Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after allowance or after an Office action under Ex Parte Quayle, 25 USPQ 74, 453 O.G. 213 (Comm'r Pat. 1935). Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, prosecution in this application has been reopened pursuant to 37 CFR 1.114.  Applicant's submission filed on 04/05/2022 has been entered.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 04/05/2022 has been considered. The submission is in compliance with the provisions of 37 CFR 1.97. Form PTO-1449 is signed and attached hereto.

4.	Claims 1-20 have been examined and are pending in this application. Claims 1, 10 and 16 are independent.

5.	Claims 1-20 are allowed.

Allowable Subject Matter
6.	Claims 1-20 are allowed. 
7.	The following is an examiner’s statement of reasons for allowance:
8.	The following references disclose the general subject matter recited in independent claims 1, 10 and 16.

Hook et al. (Pub. No.: 2014/0325231 A1) provide a workspace key and a community key for defining access to content and users; the content is encrypted and decrypted using the workspace and community keys, such that the security of the content is improved. Certificate-based credentials are provided for the encryption process. The need for a transfer-based encryption process is avoided, and revocation can be managed effectively by removing a member from user groups. The user is allowed to establish their own web of trust in a secure way. The storage management of data can be performed at low cost.

Treinen et al. (Pub. No.: 2013/0191629 A1) provide a method that involves encrypting documents using a public key and electronically storing the encrypted documents on a computer (110) through a network (140). A private key corresponding to the public key is encrypted using each workgroup user's personal public key. The encrypted documents and private key are provided to the user upon request from the user, so that the user can decrypt the private key and the documents. When the membership of the workgroup changes, the encrypted private key is downloaded and re-encrypted with the changed membership's personal public keys.

Guccione et al. (Pub. No.: 2013/0266309 A1) disclose that the encrypted data key is retrieved from the vault service provider in response to confirmation of the user's identity via an attestation public key. The encrypted data key is received from the vault service provider and decrypted using the data decryption key. The data decryption key is a data private key (DPRIV) previously generated in a key pair with a data public key (DPUB), where the DPRIV key is stored in local storage.

Reasons for Allowance
9.	The following is an examiner’s statement of reasons for allowance:
The prior art of record neither teaches nor renders obvious the claimed invention of the instant application as a whole; in particular, the prior art fails to teach “… when executed by the processor, cause the computer to control access to a vault storing encrypted secret data 1 generated by encrypting secret data 1 using a secret key 1, an encrypted secret key 1 generated by encrypting the secret key 1 using a vault key that is associated with a user group, and an encrypted vault key 1 generated by encrypting the vault key using a public key 1 of a first private-public key pair associated with a first identity of a first user of the user group, access for individual users to the vault is controlled based on a membership status with the user group; receive membership data configured to control communication between individual users of the user group in a communication session, the membership data indicating a second identity of a second user of the user group; in response to receiving the membership data indicating the addition of the second user of the group, communicating an update command to a client device associated with the first user, the update command causing the client device to generate an encrypted vault key 2 by encrypting the vault key using a public key 2 of a second private-public key pair associated with the second identity of the second user of the user group; and receive the encrypted vault key 2 for storage of the encrypted vault key 2 in the vault in association with the second identity of the second user, the vault configured to grant the second user access to the encrypted vault key 2 based on a membership status with the user group”, as recited in claim 1, “… controlling access to a vault storing encrypted secret data 1 generated by encrypting secret data 1 using a secret key 1, an encrypted secret key 1 generated by encrypting the secret key 1 using a vault key that is associated with a user group, and an encrypted vault key 1 (104') generated by encrypting the vault key using a public key 1 of a first private-public key pair associated with a first identity of a first user of the user group, access for individual users to the vault is controlled based on a membership status with the user group; receiving membership data from a group manager configured to control communication between individual users of the user group in a communication session, the membership data indicating an addition of a second user of the user group; in response to receiving the membership data indicating the addition of the second user of the group, communicating an update command to a client device associated with the first user, the update command causing the client device to generate an encrypted vault key 2 by encrypting the vault key using a public key 2 of a second private-public key pair associated with the second user; and configure the vault to allow storage of encrypted data in association with the second user by associating a second identity with the vault, the vault configured to grant the second user permission to store the encrypted data while the second user is a current member of the user group”, as recited in claim 10 and “… an encrypted secret key 1 generated by encrypting the secret key 1 using a vault key that is associated with a user group, and an encrypted vault key 1 (104') generated by encrypting the vault key using a public key 1 of a first private-public key pair associated with a first identity of a first user of the user group, access for individual users to the vault is controlled based on a membership status with the user group; means for receiving membership data from a group manager configured to control communication between individual users of the user group in a communication session, the membership data indicating a second identity of a second user of the user group; in response to receiving the membership data indicating the addition of the second user of the group, communicating an update command to a client device associated with the first user, the update command causing the client device to generate an encrypted vault key 2 by encrypting the vault key using a public key 2 of a second private-public key pair associated with the second identity of the second user of the user group; and receiving the encrypted vault key 2 for storage of the encrypted vault key 2 in the vault in association with the second identity of the second user, the vault configured to grant the second user access to the encrypted vault key 2 based on a membership status with the user group”, as recited in claim 16.

Serial No.: 16/702,332; Atty Docket No.: MS1-9415US; Atty/Agent: Scott Y. Shigeta, Newport IP, LLC

However, the above prior art, including the other references of record, either taken alone or in combination, neither anticipates nor renders obvious the claimed subject matter of the instant application taken as a whole, including the specific and particular features/steps recited in independent claims 1, 10 and 16. For this reason, the specific claim limitations recited in independent claims 1, 10 and 16, taken as a whole, are found to be novel and allowable.
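
The key hierarchy and member-addition flow recited in the claims quoted above can be modeled as follows. This is an added example, not code from the application or the Office action; it assumes RSA-OAEP for the per-user key pairs and AES-256-GCM for the secret key and vault key, and every function and identity name is hypothetical.

```javascript
// Added illustration (not from the application); all names are hypothetical.
const { generateKeyPairSync, publicEncrypt, privateDecrypt, randomBytes,
  createCipheriv, createDecipheriv } = require('node:crypto');
// AES-256-GCM helpers; blob layout is iv(12) || tag(16) || ciphertext.
function seal(key, plaintext) {
  const iv = randomBytes(12), c = createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]);
}
function open(key, blob) {
  const d = createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]);
}
// Setup on the first user's client: the vault only ever receives ciphertext.
function createVault(ownerId, ownerPub, secret) {
  const vaultKey = randomBytes(32), secretKey = randomBytes(32);
  return { members: new Set([ownerId]),
    encSecretData: seal(secretKey, secret),      // secret data under secret key
    encSecretKey: seal(vaultKey, secretKey),     // secret key under vault key
    encVaultKeys: { [ownerId]: publicEncrypt(ownerPub, vaultKey) } }; // per identity
}
// Server: membership data reports a new member -> emit an update command.
function onMemberAdded(vault, newId, newPub) { vault.members.add(newId); return { newId, newPub }; }
// Existing member's client: unwrap the vault key, re-wrap it for the new member.
function handleUpdate(myEncVaultKey, myPriv, cmd) {
  return publicEncrypt(cmd.newPub, privateDecrypt(myPriv, myEncVaultKey));
}
// Server: store / release wrapped keys only for current group members.
function storeWrappedKey(vault, id, blob) {
  if (!vault.members.has(id)) throw new Error('not a member');
  vault.encVaultKeys[id] = blob;
}
function fetchFor(vault, id) {
  if (!vault.members.has(id)) throw new Error('not a member');
  return { k: vault.encVaultKeys[id], sk: vault.encSecretKey, data: vault.encSecretData };
}
// Any member's client: private key -> vault key -> secret key -> secret data.
function readSecret(b, priv) {
  return open(open(privateDecrypt(priv, b.k), b.sk), b.data).toString();
}
function demo() {
  const a = generateKeyPairSync('rsa', { modulusLength: 2048 });
  const b = generateKeyPairSync('rsa', { modulusLength: 2048 });
  const vault = createVault('user1', a.publicKey, Buffer.from('constructed secret'));
  const cmd = onMemberAdded(vault, 'user2', b.publicKey);
  storeWrappedKey(vault, 'user2', handleUpdate(vault.encVaultKeys.user1, a.privateKey, cmd));
  return readSecret(fetchFor(vault, 'user2'), b.privateKey);
}
```

In this model, removing an identity from `members` only stops the server from releasing wrapped keys; a member who has already unwrapped the vault key still knows it, so revocation in practice also calls for rotating the vault key.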

10.	Dependent claims 2-9, 11-15 and 17-20, which depend on the above independent claims 1, 10 and 16 and further limit them, are definite and enabled by the specification and are also allowed.

Conclusion

11.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to ABIY GETACHEW whose telephone number is (571)272-6932. The examiner can normally be reached Mon.-Fri. 9:00 AM - 5:30 PM.

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on (571) 272-3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

A.G.
May 16, 2022
/ABIY GETACHEW/
Primary Examiner, Art Unit 2434