Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
This Office Action is in response to the application 17/600,613 filed on 10/1/2021.
Claims 1 and 3-13 have been examined and are pending.  Claims 11-13 have been added.  Claims 1, 3, and 5-9 have been amended.  Claims 1, 8, and 9 are independent claims.  This action is made FINAL.
Response to Arguments
The rejection of Claims 1, 3-6, and 10 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, is withdrawn because of Applicant’s amendment.  
Applicants’ arguments, see Applicant Arguments/Remarks Made in an Amendment, filed 5/3/2022, with respect to the rejections of claims 1 and 3-10 have been fully considered but are not persuasive.
Applicant argues as follows:  As discussed during the interview, it would not have been obvious to have combined Sayers with Moriguchi to obtain the features of any of the amended independent claims. Sayers describes a technique of encrypted network communication of IOT sensors having low complexity (i.e., low levels of onboard processing power and limited power available). However, the invention of Sayers include an obstructive factor that obstructs combination with the invention of Moriguchi. Specifically, the latter part of Sayers at paragraph [0006] states "Using multiple messages to ... generate an encryption key is acceptable when the processing capabilities of the mobile device and the power source available (i.e. large rechargeable battery) are also required to perform other tasks required of a modern Smartphone, this is in complete contrast to low complexity devices." Thus, this description by Sayers indicates that the low complexity IOT sensor networks disclosed in Savers are unsuitable for generating encryption keys. Thus, it would not have been obvious for to a person having ordinary skill in the art at the time of the invention to have combined the features of Sayers with the common keys as disclosed in Moriguchi at least for that reason.  Therefore, as discussed during the interview, Sayers in view of Moriguchi fails to teach or suggest "the execution controller comprises processing circuitry configured as a common key generator configured to generate first common keys that are different among predetermined first time sections, an encryptor configured to encrypt data pieces to be transmitted to the processors with the respective first common keys, a storage configured to store data pieces encrypted by the encryptor and data pieces encrypted by the processors from which the corresponding data pieces are transmitted, a provider configured to provide the data pieces stored in the storage, and a 12 Application No. 17/600,613Reply to Office Action of February 4, 2022receiver configured to receive, from the provider, data pieces encrypted by the processors with respective second common keys that are different among predetermined second time sections and decrypt the received data pieces, the encryptor is further configured to encrypt the first common keys with a public key for the processors, the storage is further configured to store the first common keys encrypted by the encryptor and the second common keys encrypted by the processors with a public key for the receiver, and the receiver is further configured to acquire the second common keys stored in the storage and to decrypt the acquired second common keys with a secret key for the receiver," as recited by amended Claim 1, and as similarly required by amended Claims 8 and 9. 
Examiner respectfully disagrees.  Sayers, in paragraphs 0032, 0034, 0048 and FIG. 3, discloses, regarding claim 1, Sayers discloses a collection processor to collect machine data pieces repetitively transmitted from a machine; and an execution controller to (i) relay data transmitted and received between the collection processor and a first processor, of processors, that executes any one of subprocesses involved in a processing flow, the processing flow being applied to the machine data pieces and (ii) relay data transmitted and received between the first processor and a second processor of the processors, thereby causing the processors to execute the respective subprocesses in an order in accordance with the processing flow, wherein; in paragraphs 0050 and 0051, the execution controller comprises; in paragraph 0056, a storage to store data pieces encrypted by the encryptor and data pieces encrypted by the processors from which the corresponding data pieces are transmitted; in paragraph 0056, a provider to provide data pieces stored in the storage.  Sayers does not explicitly disclose a data management apparatus comprising: a common key generator configured to generate first common keys that are different among predetermined first time sections, an encryptor configured to encrypt data pieces to be transmitted to the processors with the respective first common keys, a receiver configured to receive, from the provider, data pieces encrypted by the processors with respective second common keys that are different among predetermined second time sections and decrypt the received data pieces, the encryptor is further configured to encrypt the first common keys with a public key for the processors, the storage is further configured to store the first common keys encrypted by the encryptor and the second common keys encrypted by the processors with a public key for the receiver, and the receiver is further configured to acquire the second common keys stored in the storage and to decrypt the acquired second common keys with a secret key for the receiver.   Moriguchi discloses, on page 13, lines 29-32, a data management apparatus comprising; on page 7, line 9, and page 21, lines 14-15, a common key generator configured to generate first common keys that are different among predetermined first time sections; on page 7, lines 8-10 and page 1, lines 30-33, an encryptor configured to encrypt data pieces to be transmitted to the processors with the respective first common keys; on page 8, lines 11-13, a receiver configured to receive, from the provider, data pieces encrypted by the processors with respective second common keys that are different among predetermined second time sections and decrypt the received data pieces; on page 10, line 33, the encryptor is further configured to encrypt the first common keys with a public key for the processors; on page 6, lines 30-35, the storage is further configured to store the first common keys encrypted by the encryptor and the second common keys encrypted by the processors with a public key for the receiver; on page 14, last four lines, the receiver is further configured to acquire the second common keys stored in the storage and to decrypt the acquired second common keys with a secret key for the receiver.
Examiner respectfully notes that because of the amendment to claim 9, claim 9 is now rejected by Sayers, Moriguchi, and Sakemi.  Sayers discloses, in paragraphs 0032, 0034, and 0048 and FIG. 3, a collection processor to collect machine data pieces repetitively transmitted from the machine; and an execution controller to (i) relay data transmitted and received between the collection processor and a first processor[[,]] of processors[[,]] that are each configured to execute any one of subprocesses involved in a processing flow, on the machine data pieces in an order in accordance with the processing flow, wherein; in paragraphs 0050 and 0051, the execution controller comprises; in paragraph 0056, a storage to store data pieces encrypted by the encryptor and data pieces encrypted by the processors from which the corresponding data pieces are transmitted; in paragraph 0056, a provider to provide data pieces stored in the storage.  Moriguchi discloses, on page 13, lines 29-32, a non-transitory computer-readable recording medium storing a program, the program causing a computer to be connected to a machine to function as; on page 7, line 9, and  page 21, lines 14-15, a common key generator to generate first common keys that are different among predetermined first time sections; on page 7, lines 8-10, an encryptor to encrypt data pieces to be transmitted to the processors with the respective first common keys; on page 8, lines 11-13, a receiver to receive, from the providers, data pieces encrypted by the processors with respective second common keys that are different among predetermined second time sections and decrypt the received data pieces; on page 10, line 33, the encryptor encrypts the first common keys with a public key for the processors; on page 6, lines 30-35, the storage stores the first common keys encrypted by the encryptor and the second common keys encrypted by the processors with a public key for the receiver; on page 14, last four lines, the receiver acquires the second common keys stored in the storage and decrypts the acquired second common keys with a secret key for the receiver Sakemi discloses, in paragraph 0053, s an encryptor to encrypt data pieces to be transmitted to the processors with the respective first common keys such that a different one of the first common keys is used to encrypt the data pieces to be transmitted to each of the processors.
Applicant argues as follows:  In addition, as discussed during the interview, dependent Claim 6 also patentably defines over the cited references for the following distinct reasons. Applicant respectfully traverses the assertion in the Office Action that Doi at paragraph [0151] discloses the features of Claim 6. However, Doi at paragraph [0151] indicates that a reference transfer control unit 33 and a substitute transfer control unit 34, as shown in Doi at Fig. 1, use mutually different common keys when transferring an e-mail to each other. This configuration is distinguishable from a configuration in which different common keys are used in respective processing means that are communication partners, such as in an embodiment of Claim 6. 
Examiner respectfully disagrees.  Regarding claim 6, Sayers and Moriguchi disclose the data management apparatus according to claim 1.  Doi, on page 33, lines 16-25, discloses wherein the encryptor is further configured to encrypt data pieces to be transmitted respectively to the processors with .
Applicant argues as follows:  Further, as discussed during the interview, dependent Claim 10 also patentably defines over the cited references for the following distinct reasons.  Applicant respectfully traverses the assertion in the Office Action that Moriguchi suggests the features of Claim 10. However, although Moriguchi may be considered to suggest updating a common key in accordance with a key update flag, Moriguchi fails to teach or suggest 13 Application No. 17/600,613Reply to Office Action of February 4, 2022use of different keys depending on the value of data to be encrypted, such as in an embodiment of Claim 10. 
Examiner respectfully disagrees.  Regarding claim 10, Moriguchi, in page 5, lines 29-37, discloses value of a data piece encompasses value of common key ID; updating depends on the value.  Sayers in paragraph 0032, discloses encrypted data.
The Examiner respectfully suggests that the claims be further amended and details in the specification be incorporated to distinguish the claimed invention over prior art of record.  Should the Applicant desire an interview to further clarify the claim interpretation/rejections, please contact the Examiner at (571) 272 5368 to schedule an interview.


Claim Interpretation - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

Use of the word “means” (or “step for”) in a claim with functional language creates a rebuttable presumption that the claim element is to be treated in accordance with 35 U.S.C. 112(f) (pre-AIA  35 U.S.C. 112, sixth paragraph).  The presumption that 35 U.S.C. 112(f) (pre-AIA  35 U.S.C. 112, sixth paragraph) is invoked is rebutted when the function is recited with sufficient structure, material, or acts within the claim itself to entirely perform the recited function.  
Absence of the word “means” (or “step for”) in a claim creates a rebuttable presumption that the claim element is not to be treated in accordance with 35 U.S.C. 112(f) (pre-AIA  35 U.S.C. 112, sixth paragraph).  The presumption that 35 U.S.C. 112(f) (pre-AIA  35 U.S.C. 112, sixth paragraph) is not invoked is rebutted when the claim element recites function but fails to recite sufficiently definite structure, material or acts to perform that function. 
Claim elements in this application that use the word “means” (or “step for”) are presumed to invoke 35 U.S.C. 112(f) except as otherwise indicated in an Office action.  Similarly, claim elements that do not use the word “means” (or “step for”) are presumed not to invoke 35 U.S.C. 112(f) except as otherwise indicated in an Office action.
Claim limitations “common key generator”, “encryptor”, “provider”,  and “receiver” recited in claims 1, 3-7, and 10-11 have been interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because they use a generic placeholder coupled with functional language “configured to” without reciting sufficient structure to achieve the function.  Furthermore, the generic placeholder is not preceded by a structural modifier.  The generic placeholder selector and combiner are merely a substitute for the term “means”.
Since the claim limitation(s) invokes 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, claim(s) 1, 3-7, and 10-11,  have been interpreted to cover the corresponding structure described in the specification that achieves the claimed function, and equivalents thereof.  
A review of the specification shows that the following appears to be the corresponding structure described in the specification for the 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph limitation: Paragraph 0028 of Applicant’s disclosure provides “The receiver 120 is mainly achieved by the processor 11.” Paragraph 0048, of Applicant’s disclosure provides “The encryptor 42 encrypts the machine data output from the data processor 41 with the common key provided from the common key generator 43 and transmits the machine data to the transferer 142..”  Paragraph 0093 discloses “The functions of the data management apparatus 10 may also be performed by means other than software. Part or all of the functions may be performed by dedicated hardware including circuits.”
If applicant wishes to provide further explanation or dispute the examiner’s interpretation of the corresponding structure, applicant must identify the corresponding structure with reference to the specification by page and line number, and to the drawing, if any, by reference characters in response to this Office action. 
If applicant does not intend to have the claim limitation(s) treated under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112 , sixth paragraph, applicant may amend the claim(s) so that it/they will clearly not invoke 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, or present a sufficient showing that the claim recites/recite sufficient structure, material, or acts for performing the claimed function to preclude application of 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.
For more information, see MPEP § 2173 et seq. and Supplementary Examination Guidelines for Determining Compliance With 35 U.S.C. 112 and for Treatment of Related Issues in Patent Applications, 76 FR 7162, 7167 (Feb. 9, 2011).’

Claim Objections
Claims 3 and 4 are objected to because of the following informalities:  for better clarity, it’s suggested that the limitation “the receiver decrypts data” be further amended to “the receiver configured to decrypt” to properly recite functions performed by a component of an apparatus claim.  Appropriate correction is required.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(d):
(d) REFERENCE IN DEPENDENT FORMS.—Subject to subsection (e), a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers.

The following is a quotation of pre-AIA  35 U.S.C. 112, fourth paragraph:
Subject to the following paragraph [i.e., the fifth paragraph of pre-AIA  35 U.S.C. 112], a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers.


Claim 13 is rejected under 35 U.S.C. 112(d) or pre-AIA  35 U.S.C. 112, 4th paragraph, as being of improper dependent form for failing to further limit the subject matter of the claim upon which it depends, or for failing to include all the limitations of the claim upon which it depends.  Claim 13 repeats the amended subject matter in base claim 9; that is claim 13, lines 2-4, and claim 9, lines 15-17, both recite “to encrypt the data pieces to be transmitted to the processors with the respective first common keys such that a different one of the first common keys is used to encrypt the data pieces to be transmitted to each of the processors”.  As claim 13 includes limitations recited in its parent claim and fails to further limit subject matter of its parent claim, claim 13 is rejected under 35 U.S.C. 112(d). Applicant may cancel the claim(s), amend the claim(s) to place the claim(s) in proper dependent form, rewrite the claim(s) in independent form, or present a sufficient showing that the dependent claim(s) complies with the 35 U.S.C. 112(d) statutory requirements.


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b) (2) (C) for any potential 35 U.S.C. 102(a) (2) prior art against the later invention. 
Claims 1, 7, 8, and 10 are rejected under 35 U.S.C. 103 under 35 U.S.C. 103 as being unpatentable over Sayers (US2019081936), filed April 24, 2017, in view of Moriguchi (JP2011164907), published August 25, 2011.
Regarding claim 1, Sayers discloses a collection processor to collect machine data pieces repetitively transmitted from a machine; and an execution controller to (i) relay data transmitted and received between the collection processor and a first processor, of processors, that executes any one of subprocesses involved in a processing flow, the processing flow being applied to the machine data pieces and (ii) relay data transmitted and received between the first processor and a second processor of the processors, thereby causing the processors to execute the respective subprocesses in an order in accordance with the processing flow, wherein (Sayers, FIG. 3 and paragraph 0032, data management system with a sensor that collects data, data is encrypted with an IOT access node which stores and provides the received encrypted device data; and a secure site which receives and decodes the encrypted device data from the IOT access node “The Overall System Architecture (FIG. 2) considers implementation of two types of sensors/devices 200: the reporter and the controller. The reporter sensor/device normally transmits information to the network and typically does not receive data from the network although it is possible that it may receive data in other embodiments of this invention. In one possible embodiment of the controller sensor/device, it can receive command data information from the Secure Database Storage 203 and/or the Secure Site 209 and act upon the received command data to perform local functions (e.g. turn on an alarm buzzer). In addition the controller sensor/device can also send command data or information (FIG. 4) 403 to the IOT Access Node (IAN) 405 (it is not clear whether the network refers to Controller Sensor 400 or the act of sending encrypted data by the Controller Sensor 403). Both types of sensor/device transmit at intervals determined during the manufacturing process. The transmissions can typically be time based, application/data based or condition threshold based. Other transmissions schemes are possible and can be envisioned in other embodiments of this invention.”; paragraph 0034, “In one embodiment of the invention when the IOT Access Node (IAN) 201, 302, 405, 505 first accesses the network, the onboard security processor should provide the IOT Access Node (IAN) 201, 302, 405, 505 main processor with a registration message packet pre-encrypted. This packet should be encrypted with a randomly selected cipher key from the cipher keys stored in the IOT Access Node (IAN)'s 201, 302, 405, 505 security processor.”; paragraph 0048, are each configured to encompasses both sides of the link encrypt and decrypt messages);
the execution controller comprises (Sayers, paragraph 0050, microcontrollers; paragraph 0051, processors);
a storage to store data pieces encrypted by the encryptor and data pieces encrypted by the processors from which the corresponding data pieces are transmitted (Sayers, paragraph 0056, “In one embodiment of the invention when the IOT Access Node (IAN) 201, 302, 405, 505 first accesses the network, the onboard security processor should provide the IOT Access Node (IAN) 201, 302, 405, 505 main processor with a registration message packet pre-encrypted. This packet should be encrypted with a randomly selected cipher key from the cipher keys stored in the IOT Access Node (IAN)'s 201, 302, 405, 505 security processor.”);
a provider to provide data pieces stored in the storage (Sayers, paragraph 0056, “The packet may typically contain one or more of the following: a timestamp, random number, CRC, a sequence number, secure serialized identity/MD5 hash of the flash memory contents. The packet is forwarded to the IOT Equipment Registry (IER) 204, 306, 410, 511 database with the IOT Access Node (IAN) 201, 302, 405, 505 unique visible serialized identity added to the data packet in clear text 508. The IOT Equipment Registry (IER) 204, 306, 410, 511 database will attempt to decode the IOT Access Node (IAN) 201, 302, 405, 505 registration packet with all the cipher keys 512 available for the identified IOT Access Node (IAN) 201, 302, 405, 505. If the decryption succeeds then the IOT Equipment Registry (IER) 204, 511 database will check the contents are valid, if so then the packet has been successfully deciphered. A successfully deciphered message will indicate that the IOT Access Node (IAN) 201, 302, 405, 505 is genuine. “).
Sayers does not explicitly disclose a data management apparatus comprising: a common key generator configured to generate first common keys that are different among predetermined first time sections, an encryptor configured to encrypt data pieces to be transmitted to the processors with the respective first common keys, a receiver configured to receive, from the provider, data pieces encrypted by the processors with respective second common keys that are different among predetermined second time sections and decrypt the received data pieces, the encryptor is further configured to encrypt the first common keys with a public key for the processors, the storage is further configured to store the first common keys encrypted by the encryptor and the second common keys encrypted by the processors with a public key for the receiver, and the receiver is further configured to acquire the second common keys stored in the storage and to decrypt the acquired second common keys with a secret key for the receiver. 
However, in an analogous art, Moriguchi discloses a data management apparatus comprising (Moriguchi, page 13, lines 29-32, “(FIG. 28: Step S2811) The cryptographic processing server 200 stores the public key ID received in step S2808 and the server side secret key generated in step S2809 in the server side secret key table 220. A data example of the server side private key table 220 after executing this step will be shown again in FIG.”);
a common key generator configured to generate first common keys that are different among predetermined first time sections (Moriguchi, page 7, lines 9, “generates a common key”; page 21, lines 14-15, “the process sequence which updates a common key automatically” discloses common keys that are different among time sections);
an encryptor configured to encrypt data pieces to be transmitted to the processors with the respective first common keys (Moriguchi, page 7, lines 8-10, “(FIG. 12: Step S1201) The information providing terminal 300 newly generates a common key for encrypting information to be managed by the information management system 1000.”; page 1, lines 30-33, “In general, when encrypting and transmitting confidential information such as personal information, the personal information is encrypted using a high-speed common key encryption method, and a common key is obtained using a public key encryption method that facilitates key management and distribution. A hybrid cryptosystem is often used for encryption.”);
a receiver configured to receive, from the provider, data pieces encrypted by the processors with respective second common keys that are different among predetermined second time sections and decrypt the received data pieces (Moriguchi, page 8, lines 11-13, “(FIG. 13: Step S1310) The cryptographic processing server 200 decrypts the information in the information list received in step S1304using the  updated common key decrypted in step S1309 as a decryption key.”);
the encryptor is further configured to encrypt the first common keys with a public key for the processors (Moriguchi, page 10, line 33, “encrypts the common key using the public key”);
the storage is further configured to store the first common keys encrypted by the encryptor and the second common keys encrypted by the processors with a public key for the receiver (Moriguchi, page 6, lines 30-35, “The information management server 100 newly generates a common key ID and stores it in a new row of the common key ID column 131 of the common key table 130. In the same row as the newly stored common key ID column 131, the public key ID and the common key received in step S1103 are stored in the public key ID column 132 and the common key column 134, respectively. The generation date / time column 133 stores the reception date / time of step S1103, and the key update flag column 135 stores TRUE. The state of the common key table 130 after this step is executed is shown again in FIG.”);
the receiver is further configured to acquire the second common keys stored in the storage and to decrypt the acquired second common keys with a secret key for the receiver (Moriguchi, page 14, last four lines, “(FIG. 29: Step S2909).  The cryptographic processing server 200 decrypts the re-encrypted common key list received in step S2904 using the server-side secret key extracted in step S2906 and the terminal-side secret key received in step S2908 as a decryption key.”).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Moriguchi with the data management apparatus/ method/ non-transitory computer readable medium of Sayers to include a data management apparatus comprising: a common key generator configured to generate first common keys that are different among predetermined first time sections, an encryptor configured to encrypt data pieces to be transmitted to the processors with the respective first common keys, a receiver configured to receive, from the provider, data pieces encrypted by the processors with respective second common keys that are different among predetermined second time sections and decrypt the received data pieces, the encryptor is further configured to encrypt the first common keys with a public key for the processors, the storage is further configured to store the first common keys encrypted by the encryptor and the second common keys encrypted by the processors with a public key for the receiver, and the receiver is further configured to acquire the second common keys stored in the storage and to decrypt the acquired second common keys with a secret key for the receiver.
One would have been motivated to provide users with the benefits of reducing a possibility of the leakage of both encrypted information and an encryption key (Moriguchi: abstract).
Regarding claim 7, Sayers and Moriguchi disclose the data management apparatus is further configured to encrypt data pieces with the first common key in accordance with a cryptosystem associated with the corresponding first time section (Moriguchi, page 5, lines 24-28, “FIG. 7 is a diagram illustrating a configuration of the common key table 130 and data examples. The common key table 130 is a table for managing the generation date and time of the common key generated by the information providing terminal 300 or the cryptographic processing server 200. The common key ID column 131, the public key ID column 132, the generation date and time column 133, It has a key string 134 and a key update flag string 135.”).  The motivation is the same as that of the claim from which this claim depends.
Regarding claim 8, Sayers discloses data management method implementable by a data management apparatus including a collection processor to collect machine data pieces repetitively transmitted from a machine, and an execution controller to (i) relay data transmitted and received between the collection processor and a first processor[[,]] of processors[[,]] that are each configured to execute any one of subprocesses involved in a processing flow; on the machine data pieces in an order in accordance with the processing flow, the data management method comprising (Sayers, FIG. 3 and paragraph 0032, data management system with a sensor that collects data, data is encrypted with an IOT access node which stores and provides the received encrypted device data; and a secure site which receives and decodes the encrypted device data from the IOT access node “The Overall System Architecture (FIG. 2) considers implementation of two types of sensors/devices 200: the reporter and the controller. The reporter sensor/device normally transmits information to the network and typically does not receive data from the network although it is possible that it may receive data in other embodiments of this invention. In one possible embodiment of the controller sensor/device, it can receive command data information from the Secure Database Storage 203 and/or the Secure Site 209 and act upon the received command data to perform local functions (e.g. turn on an alarm buzzer). In addition the controller sensor/device can also send command data or information (FIG. 4) 403 to the IOT Access Node (IAN) 405 (it is not clear whether the network refers to Controller Sensor 400 or the act of sending encrypted data by the Controller Sensor 403). Both types of sensor/device transmit at intervals determined during the manufacturing process. The transmissions can typically be time based, application/data based or condition threshold based. Other transmissions schemes are possible and can be envisioned in other embodiments of this invention.”; paragraph 0034, “In one embodiment of the invention when the IOT Access Node (IAN) 201, 302, 405, 505 first accesses the network, the onboard security processor should provide the IOT Access Node (IAN) 201, 302, 405, 505 main processor with a registration message packet pre-encrypted. This packet should be encrypted with a randomly selected cipher key from the cipher keys stored in the IOT Access Node (IAN)'s 201, 302, 405, 505 security processor.”; paragraph 0048, are each configured to encompasses both sides of the link encrypt and decrypt messages);
storing, by the encryptor, the encrypted keys to a storage (Sayers, paragraph 0056, “In one embodiment of the invention when the IOT Access Node (IAN) 201, 302, 405, 505 first accesses the network, the onboard security processor should provide the IOT Access Node (IAN) 201, 302, 405, 505 main processor with a registration message packet pre-encrypted. This packet should be encrypted with a randomly selected cipher key from the cipher keys stored in the IOT Access Node (IAN)'s 201, 302, 405, 505 security processor.”)
and decrypting, by the receiver, the received data pieces (Sayers, paragraphs 0036 and 0037, “Encrypts and decrypts data transfers from and to the sensor/device 200, 302; Encrypts and decrypts data transfers with the IOT Equipment Registry (IER) 204, 511 database”).
Sayers discloses storing, by the encryptor, the encrypted keys to a storage, but does not explicitly disclose generating, by a common key generator of the execution controller, first common keys that are different among predetermined first time sections; encrypting, by an encryptor of the execution controller, the first common keys with a public key for the processors; storing, by the encryptor, the encrypted first common keys to a storage; acquiring, by a receiver of the execution controller, second common keys that are stored in the storage and encrypted with a public key for the receiver, and decrypting, by the receiver, the acquired second common keys with a secret key for the receiver; encrypting, by the encryptor, data pieces to be transmitted to the processors with the first common keys; causing, by the encryptor, the encrypted data pieces to be stored in the storage; providing, by a provider of the execution controller, to the processors the data pieces that are stored in the storage and encrypted by the encryptor; providing, by the provider, to the receiver data pieces that are stored in the storage and encrypted by the processors from which the corresponding data pieces are transmitted with the respective second common keys that are different among predetermined second time sections; and receiving, by the receiver, the data pieces encrypted by the processors.
However, in an analogous art, Moriguchi discloses generating, by a common key generator of the execution controller, first common keys that are different among predetermined first time sections (Moriguchi, page 7, lines 9, “generates a common key”; page 21, lines 14-15, “the process sequence which updates a common key automatically” discloses common keys that are different among time sections);
encrypting, by an encryptor of the execution controller, the first common keys with a public key for the processors (Moriguchi, page 7, lines 8-10, “(FIG. 12: Step S1201) The information providing terminal 300 newly generates a common key for encrypting information to be managed by the information management system 1000.”; page 1, lines 30-33, “In general, when encrypting and transmitting confidential information such as personal information, the personal information is encrypted using a high-speed common key encryption method, and a common key is obtained using a public key encryption method that facilitates key management and distribution. A hybrid cryptosystem is often used for encryption.”);
storing, by the encryptor, the encrypted first common keys to a storage (Moriguchi, page 2, lines 1-5, “On the other hand, even if personal information is encrypted and stored, it is necessary to set an expiration date for the encryption key in order to prevent it from being analyzed by an attacker. Therefore, the encryption key must be updated regularly. As a security standard considering this point, there is PCI DSS (Payment Card Industry Data Security Standard) adopted in the credit card industry. In PCI DSS, at least annual key renewal is mentioned as a requirement for encryption key management.”);
acquiring, by a receiver of the execution controller, second common keys that are stored in the storage and encrypted with a public key for the receiver (Moriguchi, page 5, lines 5-9, “Therefore, in the second embodiment, the information providing terminal 300 encrypts information using a shorter common key, encrypts the common key with a public key, and transmits the encrypted information and the common key to the information management server 100. The structure to be taken is taken. The cryptographic processing server 200 decrypts the common key with the secret key, and further decrypts the information using the common key”);
decrypting, by the receiver, the acquired second common keys with a secret key for the receiver (Moriguchi, page 5, lines 5-9, “Therefore, in the second embodiment, the information providing terminal 300 encrypts information using a shorter common key, encrypts the common key with a public key, and transmits the encrypted information and the common key to the information management server 100. The structure to be taken is taken. The cryptographic processing server 200 decrypts the common key with the secret key, and further decrypts the information using the common key”);
encrypting, by the encryptor, data pieces to be transmitted to the processors with the first common keys (Moriguchi, page 7, lines 8-10, “(FIG. 12: Step S1201) The information providing terminal 300 newly generates a common key for encrypting information to be managed by the information management system 1000.”; page 1, lines 30-33, “In general, when encrypting and transmitting confidential information such as personal information, the personal information is encrypted using a high-speed common key encryption method, and a common key is obtained using a public key encryption method that facilitates key management and distribution. A hybrid cryptosystem is often used for encryption.”);
causing, by the encryptor, the encrypted data pieces to be stored in the storage (Moriguchi, page 2, lines 1-5, “On the other hand, even if personal information is encrypted and stored, it is necessary to set an expiration date for the encryption key in order to prevent it from being analyzed by an attacker. Therefore, the encryption key must be updated regularly. As a security standard considering this point, there is PCI DSS (Payment Card Industry Data Security Standard) adopted in the credit card industry. In PCI DSS, at least annual key renewal is mentioned as a requirement for encryption key management.”);
providing, by a provider of the execution controller, to the processors the data pieces that are stored in the storage and encrypted by the encryptor (Moriguchi, page 6, lines 30-35, “The information management server 100 newly generates a common key ID and stores it in a new row of the common key ID column 131 of the common key table 130. In the same row as the newly stored common key ID column 131, the public key ID and the common key received in step S1103 are stored in the public key ID column 132 and the common key column 134, respectively. The generation date / time column 133 stores the reception date / time of step S1103, and the key update flag column 135 stores TRUE. The state of the common key table 130 after this step is executed is shown again in FIG.”);
providing, by the provider, to the receiver data pieces that are stored in the storage and encrypted by the processors from which the corresponding data pieces are transmitted with the respective second common keys that are different among predetermined second time sections (Moriguchi, page 6, lines 30-35, “The information management server 100 newly generates a common key ID and stores it in a new row of the common key ID column 131 of the common key table 130. In the same row as the newly stored common key ID column 131, the public key ID and the common key received in step S1103 are stored in the public key ID column 132 and the common key column 134, respectively. The generation date / time column 133 stores the reception date / time of step S1103, and the key update flag column 135 stores TRUE. The state of the common key table 130 after this step is executed is shown again in FIG.”);
receiving, by the receiver, the data pieces encrypted by the processors (Moriguchi, page 6, lines 30-35, “The information management server 100 newly generates a common key ID and stores it in a new row of the common key ID column 131 of the common key table 130. In the same row as the newly stored common key ID column 131, the public key ID and the common key received in step S1103 are stored in the public key ID column 132 and the common key column 134, respectively. The generation date / time column 133 stores the reception date / time of step S1103, and the key update flag column 135 stores TRUE. The state of the common key table 130 after this step is executed is shown again in FIG.”).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Moriguchi with the data management apparatus/ method/ non-transitory computer readable medium of Sayers to include generating, by a common key generator of the execution controller, first common keys that are different among predetermined first time sections; encrypting, by an encryptor of the execution controller, the first common keys with a public key for the processors; storing, by the encryptor, the encrypted first common keys to a storage; acquiring, by a receiver of the execution controller, second common keys that are stored in the storage and encrypted with a public key for the receiver, and decrypting, by the receiver, the acquired second common keys with a secret key for the receiver; encrypting, by the encryptor, data pieces to be transmitted to the processors with the first common keys; causing, by the encryptor, the encrypted data pieces to be stored in the storage; providing, by a provider of the execution controller, to the processors the data pieces that are stored in the storage and encrypted by the encryptor; providing, by the provider, to the receiver data pieces that are stored in the storage and encrypted by the processors from which the corresponding data pieces are transmitted with the respective second common keys that are different among predetermined second time sections; and receiving, by the receiver, the data pieces encrypted by the processors.
One would have been motivated to provide users with the benefits of reducing a possibility of the leakage of both encrypted information and an encryption key (Moriguchi: abstract).
Regarding claim 10, Sayers and Moriguchi disclose the data management apparatus according to claim 1.  Moriguchi discloses wherein the first time sections are sections that are predetermined to be divided depending on a value of a data piece encrypted with the corresponding first common key (Moriguchi, page 5, lines 29-37, “The common key ID column 131 holds an ID for identifying each common key. The public key ID column 132 holds the ID of the public key obtained by encrypting the common key identified by the value of the common key ID column 131. The generation date / time  column 133 holds the generation date / time  of the common key identified by the value of the common key ID column 131. The common key string 134 holds the common key itself identified by the value of the common key ID string 131. However, this common key is encrypted with the public key identified by the value of the public key ID column 132. The key update flag column 135 indicates whether or not the common key identified by the value of the common key ID column 131 needs to be updated. If the value in this column is TRUE, it indicates that updating is necessary, and if it is FALSE, it indicates that updating is not necessary.”). The motivation is the same as that of the claim from which this claim depends.
Claims 3 and 4 are rejected under 35 U.S.C. 103 under 35 U.S.C. 103 as being unpatentable over Sayers (US2019081936), filed April 24, 2017, in view of Moriguchi (JP2011164907), published August 25, 2011, and further in view of Tanabe (JP5802892), published November 4, 2015.
Regarding claim 3, Sayers and Moriguchi disclose the data management apparatus according to claim 1.
Sayers and Moriguchi do not explicitly disclose wherein the storage is further configured to store the first common keys and first time- section information pieces in association with each other, and the second common keys and second time-section information pieces in association with each other, the first time-section information pieces indicating the first time sections involving execution of encryption with the respective first common keys, the second time-section information pieces indicating the second time sections involving execution of encryption with the respective second common keys, and 3Application No. 17/600,613 Reply to Office Action of February 4, 2022 in each of the second time sections indicated by the second time-section information pieces stored in the storage, the receiver decrypts data pieces with the second common key associated with the corresponding second time-section information piece.
However, in an analogous art, Tanabe discloses wherein the storage is further configured to store the first common keys and first time- section information pieces in association with each other, and the second common keys and second time-section information pieces in association with each other, the first time-section information pieces indicating the first time sections involving execution of encryption with the respective first common keys, the second time-section information pieces indicating the second time sections involving execution of encryption with the respective second common keys, and 3Application No. 17/600,613 Reply to Office Action of February 4, 2022 in each of the second time sections indicated by the second time-section information pieces stored in the storage, the receiver decrypts data pieces with the second common key associated with the corresponding second time-section information piece (Tanabe, page 4, lines 18-23, “The message authentication unit 12A refers to the second common key table 14 and extracts the second common key 14b corresponding to the acquired reference number 14a (step T23). Then, by using the second common key 14b, the encrypted value obtained by decrypting the MAC (the encrypted value obtained in Step T4A) is decrypted to calculate the second secret value (Step T24). Specifically, it is an inverse function of a predetermined second bijection function used at the time of generating the encryption value, and the encryption value is converted to another 1-byte value (second secret value) using the second common key 14b.“).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Tanabe with the data management apparatus/ method/ non-transitory computer readable medium of Sayers and Moriguchi to include wherein the storage is further configured to store the first common keys and first time- section information pieces in association with each other, and the second common keys and second time-section information pieces in association with each other, the first time-section information pieces indicating the first time sections involving execution of encryption with the respective first common keys, the second time-section information pieces indicating the second time sections involving execution of encryption with the respective second common keys, and 3Application No. 17/600,613 Reply to Office Action of February 4, 2022 in each of the second time sections indicated by the second time-section information pieces stored in the storage, the receiver decrypts data pieces with the second common key associated with the corresponding second time-section information piece.
One would have been motivated to provide users with the benefits of making it difficult for data to be altered or spoofed (Tanabe: abstract).
Regarding claim 4, Sayers and Moriguchi disclose the data management apparatus according to claim 3.  Moriguchi discloses wherein the first time-section information piece relates to at least one of start or end of the first time section (Moriguchi, page 12, lines 28-32, “As described above, in the third embodiment, the information management server 100 extracts a common key whose generation date / time column 133 has passed for a predetermined period or more. The cryptographic processing server 200 generates a new common key and re-encrypts the management target information using the common key. Thereby, the re-encryption process accompanying the update of the common key (encryption key / decryption key) can be automated, and the burden on the administrator can be reduced.”).  The motivation is the same as that of the claim from which this claim depends.
Claim 5 is rejected under 35 U.S.C. 103 under 35 U.S.C. 103 as being unpatentable over Sayers (US2019081936), filed April 24, 2017, in view of Moriguchi (JP2011164907), published August 25, 2011, and further in view of Wakita (JP2017169017), published September 21, 2017.
Regarding claim 5, Sayers and Moriguchi disclose the data management apparatus according to claim 1.
Sayers and Moriguchi do not explicitly disclose further comprising: a setting receiver configured to receive setting for the first time sections, wherein the encryptor is further configured to encrypt data pieces with the first common keys that are different among the first time sections, the first time sections being defined in accordance with the setting received by the setting receiver
However, in an analogous art, Wakita discloses further comprising: a setting receiver configured to receive setting for the first time sections, wherein the encryptor is further configured to encrypt data pieces with the first common keys that are different among the first time sections, the first time sections being defined in accordance with the setting received by the setting receiver  (Wakita, page 3, lines 4-5, “The encryption communication setting unit 28 includes an information table 48, a common key table 50, an index update unit 52, an information setting unit 54, and a common key setting unit 56”; page 11, lines 30-33, “That is, the first device 12 generates the encrypted data Ed3 by encrypting the held second information D2 by the encryption algorithm using the held first common key K1. The second device 14 encrypts the stored second information D2 by the encryption algorithm using the stored second common key K2 to generate the encrypted data  Ed4, and the generated fourth encrypted data  Ed4 is the first device 12. Send to. Then, the first device 12 verifies whether the received encrypted data Ed4 matches the stored encrypted data Ed3.”).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Wakita with the data management apparatus/ method/ non-transitory computer readable medium of Sayers and Moriguchi to include further comprising: a setting receiver configured to receive setting for the first time sections, wherein the encryptor is further configured to encrypt data pieces with the first common keys that are different among the first time sections, the first time sections being defined in accordance with the setting received by the setting receiver.
One would have been motivated to provide users with the benefits of establishing communication circumventing leakage of a common key, while increasing utilization efficiency of data (Wakita: abstract).
Claim 6 is rejected under 35 U.S.C. 103 under 35 U.S.C. 103 as being unpatentable over Sayers (US2019081936), filed April 24, 2017, in view of Moriguchi (JP2011164907), published August 25, 2011, and further in view of Doi (JP2000209256), published July 28, 2000.
Regarding claim 6, Sayers and Moriguchi disclose the data management apparatus according to claim 1.
Sayers and Moriguchi do not explicitly disclose wherein the encryptor is further configured to encrypt data pieces to be transmitted respectively to the processors with 
However, in an analogous art, Doi discloses wherein the encryptor is further configured to encrypt data pieces to be transmitted respectively to the processors with  (Doi, page 33, lines 16-25, “During the decryption processing of the character strings described in the body parts MB4 and MB2 of the second and external transfer mails MA4 and MA2, the decryption units 69 and 76 of the mails MA4 and MA2 perform the encryption described in the header parts MH4 and MH2 of the mails MA4 and MA2. Refers to the activation control information. As a result, the decryption units 69 and 76 can easily and reliably recognize the common key used for encrypting the character string. As a result, the decryption units 69 and 76 simultaneously receive a plurality of transfer e-mails including e-mails encrypted using mutually different common key, and when the transfer control units 33 and 34 When the e-mail is received in a different order from the order in which the e-mail was transmitted from the proxy and transfer control units 34 and 33, the e-mail was used for encrypting the character string described in the body part of each e-mail for transfer. The common key can be reliably recognized.”).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Wakita with the data management apparatus/ method/ non-transitory computer readable medium of Sayers and Moriguchi to include wherein the encryptor is further configured to encrypt data pieces to be transmitted respectively to the processors with 
One would have been motivated to provide users with the benefits of easy and reliable recognition of the common key by decryption units (Doi: page 33, lines 16-25).
Claim 9 and 11-13 are rejected under 35 U.S.C. 103 under 35 U.S.C. 103 as being unpatentable over Sayers (US2019081936), filed April 24, 2017, in view of Moriguchi (JP2011164907), published August 25, 2011, and Sakemi (US20150134964), filed January 20, 2015.
Regarding claim 9, Sayers discloses a collection processor to collect machine data pieces repetitively transmitted from the machine; and an execution controller to (i) relay data transmitted and received between the collection processor and a first processor[[,]] of processors[[,]] that are each configured to execute any one of subprocesses involved in a processing flow, on the machine data pieces in an order in accordance with the processing flow, wherein  (Sayers, FIG. 3 and paragraph 0032, data management system with a sensor that collects data, data is encrypted with an IOT access node which stores and provides the received encrypted device data; and a secure site which receives and decodes the encrypted device data from the IOT access node “The Overall System Architecture (FIG. 2) considers implementation of two types of sensors/devices 200: the reporter and the controller. The reporter sensor/device normally transmits information to the network and typically does not receive data from the network although it is possible that it may receive data in other embodiments of this invention. In one possible embodiment of the controller sensor/device, it can receive command data information from the Secure Database Storage 203 and/or the Secure Site 209 and act upon the received command data to perform local functions (e.g. turn on an alarm buzzer). In addition the controller sensor/device can also send command data or information (FIG. 4) 403 to the IOT Access Node (IAN) 405 (it is not clear whether the network refers to Controller Sensor 400 or the act of sending encrypted data by the Controller Sensor 403). Both types of sensor/device transmit at intervals determined during the manufacturing process. The transmissions can typically be time based, application/data based or condition threshold based. Other transmissions schemes are possible and can be envisioned in other embodiments of this invention.”; paragraph 0034, “In one embodiment of the invention when the IOT Access Node (IAN) 201, 302, 405, 505 first accesses the network, the onboard security processor should provide the IOT Access Node (IAN) 201, 302, 405, 505 main processor with a registration message packet pre-encrypted. This packet should be encrypted with a randomly selected cipher key from the cipher keys stored in the IOT Access Node (IAN)'s 201, 302, 405, 505 security processor.”; paragraph 0048, are each configured to encompasses both sides of the link encrypt and decrypt messages);
the execution controller comprises (Sayers, paragraph 0050, microcontrollers; paragraph 0051, processors);
a storage to store data pieces encrypted by the encryptor and data pieces encrypted by the processors from which the corresponding data pieces are transmitted (Sayers, paragraph 0056, “In one embodiment of the invention when the IOT Access Node (IAN) 201, 302, 405, 505 first accesses the network, the onboard security processor should provide the IOT Access Node (IAN) 201, 302, 405, 505 main processor with a registration message packet pre-encrypted. This packet should be encrypted with a randomly selected cipher key from the cipher keys stored in the IOT Access Node (IAN)'s 201, 302, 405, 505 security processor.”);
a provider to provide data pieces stored in the storage (Sayers, paragraph 0056, “The packet may typically contain one or more of the following: a timestamp, random number, CRC, a sequence number, secure serialized identity/MD5 hash of the flash memory contents. The packet is forwarded to the IOT Equipment Registry (IER) 204, 306, 410, 511 database with the IOT Access Node (IAN) 201, 302, 405, 505 unique visible serialized identity added to the data packet in clear text 508. The IOT Equipment Registry (IER) 204, 306, 410, 511 database will attempt to decode the IOT Access Node (IAN) 201, 302, 405, 505 registration packet with all the cipher keys 512 available for the identified IOT Access Node (IAN) 201, 302, 405, 505. If the decryption succeeds then the IOT Equipment Registry (IER) 204, 511 database will check the contents are valid, if so then the packet has been successfully deciphered. A successfully deciphered message will indicate that the IOT Access Node (IAN) 201, 302, 405, 505 is genuine. “).
Sayers does not explicitly disclose non-transitory computer-readable recording medium storing a program, the program causing a computer to be connected to a machine to function as: a common key generator to generate first common keys that are different among predetermined first time sections, an encryptor to encrypt data pieces to be transmitted to the processors with the respective first common keys, a receiver to receive, from the providers, data pieces encrypted by the processors with respective second common keys that are different among predetermined second time sections and decrypt the received data pieces, the encryptor encrypts the first common keys with a public key for the processors, the storage stores the first common keys encrypted by the encryptor and the second common keys encrypted by the processors with a public key for the receiver, and the receiver acquires the second common keys stored in the storage and decrypts the acquired second common keys with a secret key for the receiver.
However, in an analogous art, Moriguchi discloses a non-transitory computer-readable recording medium storing a program, the program causing a computer to be connected to a machine to function as (Moriguchi, page 13, lines 29-32, “(FIG. 28: Step S2811) The cryptographic processing server 200 stores the public key ID received in step S2808 and the server side secret key generated in step S2809 in the server side secret key table 220. A data example of the server side private key table 220 after executing this step will be shown again in FIG.”);
a common key generator to generate first common keys that are different among predetermined first time sections (Moriguchi, page 7, lines 9, “generates a common key”; page 21, lines 14-15, “the process sequence which updates a common key automatically” discloses common keys that are different among time sections);
an encryptor to encrypt data pieces to be transmitted to the processors with the respective first common keys (Moriguchi, page 7, lines 8-10, “(FIG. 12: Step S1201) The information providing terminal 300 newly generates a common key for encrypting information to be managed by the information management system 1000.”; page 1, lines 30-33, “In general, when encrypting and transmitting confidential information such as personal information, the personal information is encrypted using a high-speed common key encryption method, and a common key is obtained using a public key encryption method that facilitates key management and distribution. A hybrid cryptosystem is often used for encryption.”);
a receiver to receive, from the providers, data pieces encrypted by the processors with respective second common keys that are different among predetermined second time sections and decrypt the received data pieces (Moriguchi, page 8, lines 11-13, “(FIG. 13: Step S1310) The cryptographic processing server 200 decrypts the information in the information list received in step S1304 using the updated common key decrypted in step S1309 as a decryption key.”);
the encryptor encrypts the first common keys with a public key for the processors (Moriguchi, page 10, line 33, “encrypts the common key using the public key”);
the storage stores the first common keys encrypted by the encryptor and the second common keys encrypted by the processors with a public key for the receiver (Moriguchi, page 6, lines 30-35, “The information management server 100 newly generates a common key ID and stores it in a new row of the common key ID column 131 of the common key table 130. In the same row as the newly stored common key ID column 131, the public key ID and the common key received in step S1103 are stored in the public key ID column 132 and the common key column 134, respectively. The generation date / time column 133 stores the reception date / time of step S1103, and the key update flag column 135 stores TRUE. The state of the common key table 130 after this step is executed is shown again in FIG.”);
the receiver acquires the second common keys stored in the storage and decrypts the acquired second common keys with a secret key for the receiver (Moriguchi, page 14, last four lines, “(FIG. 29: Step S2909).  The cryptographic processing server 200 decrypts the re-encrypted common key list received in step S2904 using the server-side secret key extracted in step S2906 and the terminal-side secret key received in step S2908 as a decryption key.”).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Moriguchi with the data management apparatus/ method/ non-transitory computer readable medium of Sayers to include non-transitory computer-readable recording medium storing a program, the program causing a computer to be connected to a machine to function as: a common key generator to generate first common keys that are different among predetermined first time sections, an encryptor to encrypt data pieces to be transmitted to the processors with the respective first common keys, a receiver to receive, from the providers, data pieces encrypted by the processors with respective second common keys that are different among predetermined second time sections and decrypt the received data pieces, the encryptor encrypts the first common keys with a public key for the processors, the storage stores the first common keys encrypted by the encryptor and the second common keys encrypted by the processors with a public key for the receiver, and the receiver acquires the second common keys stored in the storage and decrypts the acquired second common keys with a secret key for the receiver.
One would have been motivated to provide users with the benefits of reducing a possibility of the leakage of both encrypted information and an encryption key (Moriguchi: abstract).
Sayers and Moriguchi disclose an encryptor to encrypt data pieces to be transmitted to the processors with the respective first common keys, but do not explicitly disclose an encryptor to encrypt data pieces to be transmitted to the processors with the respective first common keys such that a different one of the first common keys is used to encrypt the data pieces to be transmitted to each of the processors.
However, in an analogous art, Sakemi discloses an encryptor to encrypt data pieces to be transmitted to the processors with the respective first common keys such that a different one of the first common keys is used to encrypt the data pieces to be transmitted to each of the processors (Sakemi, paragraph 0053, use of a common key which varies each session. Each of the processors for which an encrypted data piece is to be received encrypted by a different one of the first common keys encompasses use of a common key that varies in each session).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Sakemi with the data management apparatus/ method/ non-transitory computer readable medium of Sayers and Moriguchi to include an encryptor to encrypt data pieces to be transmitted to the processors with the respective first common keys such that a different one of the first common keys is used to encrypt the data pieces to be transmitted to each of the processors.
One would have been motivated to provide users with the benefits of improving encrypted communications between noes in a network system (Sakemi: paragraphs 0002, 0018, 0019).
Regarding claim 11, Sayers and Moriguchi disclose the data management apparatus according to claim 1.
Sayers and Moriguchi do not explicitly disclose wherein the encryptor is further configured to encrypt the data pieces to be transmitted to the processors with the respective first common keys such that a different one of the first common keys is used to encrypt the data pieces to be transmitted to each of the processors.  
However, in an analogous art, Sakemi discloses wherein the encryptor is further configured to encrypt the data pieces to be transmitted to the processors with the respective first common keys such that a different one of the first common keys is used to encrypt the data pieces to be transmitted to each of the processors (Sakemi, paragraph 0053, use of a common key which varies each session. Each of the processors for which an encrypted data piece is to be received encrypted by a different one of the first common keys encompasses use of a common key that varies in each session).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Sakemi with the data management apparatus/ method/ non-transitory computer readable medium of Sayers and Moriguchi to include wherein the encryptor is further configured to encrypt the data pieces to be transmitted to the processors with the respective first common keys such that a different one of the first common keys is used to encrypt the data pieces to be transmitted to each of the processors.
One would have been motivated to provide users with the benefits of improving encrypted communications between noes in a network system (Sakemi: paragraphs 0002, 0018, 0019).
Regarding claim 12, Sayers and Moriguchi disclose the data management method according to claim 8.
Sayers and Moriguchi do not explicitly disclose wherein the encrypting uses a different one of the first common keys to encrypt the data pieces to be transmitted to each of the processors.
However, in an analogous art, Sakemi discloses wherein the encrypting uses a different one of the first common keys to encrypt the data pieces to be transmitted to each of the processors (Sakemi, paragraph 0053, use of a common key which varies each session. Each of the processors for which an encrypted data piece is to be received encrypted by a different one of the first common keys encompasses use of a common key that varies in each session).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Sakemi with the data management apparatus/ method/ non-transitory computer readable medium of Sayers and Moriguchi to include wherein the encrypting uses a different one of the first common keys to encrypt the data pieces to be transmitted to each of the processors.
One would have been motivated to provide users with the benefits of improving encrypted communications between noes in a network system (Sakemi: paragraphs 0002, 0018, 0019).
Regarding claim 13, Sayers and Moriguchi disclose the non-transitory computer-readable recording medium according to claim 9.
Sayers and Moriguchi do not explicitly disclose wherein the encryptor is further configured to encrypt the data pieces to be transmitted to the processors with the respective first common keys such that a different one of the first common keys is used to encrypt the data pieces to be transmitted to each of the processors.
However, in an analogous art, Sakemi discloses wherein the encryptor is further configured to encrypt the data pieces to be transmitted to the processors with the respective first common keys such that a different one of the first common keys is used to encrypt the data pieces to be transmitted to each of the processors (Sakemi, paragraph 0053, use of a common key which varies each session. Each of the processors for which an encrypted data piece is to be received encrypted by a different one of the first common keys encompasses use of a common key that varies in each session).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Sakemi with the data management apparatus/ method/ non-transitory computer readable medium of Sayers and Moriguchi to include wherein the encryptor is further configured to encrypt the data pieces to be transmitted to the processors with the respective first common keys such that a different one of the first common keys is used to encrypt the data pieces to be transmitted to each of the processors.
One would have been motivated to provide users with the benefits of improving encrypted communications between noes in a network system (Sakemi: paragraphs 0002, 0018, 0019).

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to WALTER J MALINOWSKI whose telephone number is (571)272-5368. The examiner can normally be reached 8-6:30 MTWH.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, LUU PHAM can be reached on 5712705002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/W.J.M/Examiner, Art Unit 2439 


/LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439