DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The present application, filed on October 30, 2020, is accepted.
Claims 1 – 20 are being considered on the merits.

Drawings
The drawings, filed on October 30, 2020, are accepted.

Specification
The specification, filed on October 30, 2020, is accepted.

Claim Objections
Claims 3-4, 7-10, 13-14 and 17-20 are objected to because of the following informalities:  Claims  3-4, 7-10, 13-14 and 17-20  recite the acronyms TPM and/or LRU. All acronyms should be spelled out on their first occurrence.  Appropriate correction is required.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1 – 2, 5 – 6 and 11 – 12 are rejected under 35 U.S.C. 103 as being unpatentable over US 20200184086 A1 to Bishop et al., (hereinafter, “Bishop”) in view of US 20180351928 A1 to Yoo.
Regarding claim 1, Bishop teaches a method, comprising: receiving clear text data at a storage system; [Bishop, para. 31 discloses the process begins in S400 and the data handling system receives data in S410. The data handling system segments the data in S420.] generating, at the storage system, a clear text data encryption key; [Bishop, para. 31 discloses a key management server of the encryption/decryption system generates independent keys and the envelope encryption engine encrypts the segmented data using the independent keys in S430] encrypting, at the storage system, the clear text data with the clear text data encryption key to create encrypted data; [Bishop, para. 31 discloses a key management server of the encryption/decryption system generates independent keys and the envelope encryption engine encrypts the segmented data using the independent keys in S430] and storing, together, the encrypted data and the encrypted data encryption key. [Bishop, para. 31 discloses the data handling system stores the encrypted independent keys alongside the corresponding segmented data in a designated data storage area. In some embodiments, the data and independent keys can be spread across multiple cloud providers.], but Bishop does not teach requesting a key management system to encrypt the clear text data encryption key with a master key to create an encrypted data encryption key, and the requesting is performed by the storage system; receiving, at the storage system, the encrypted data encryption key from the key management system;
However, Yoo does teach requesting a key management system to encrypt the clear text data encryption key with a master key to create an encrypted data encryption key, and the requesting is performed by the storage system; [Yoo, para. 42 discloses the key access server 120 may request the master key management server 140 to provide a master key using an identifier of the master key and may receive the master key corresponding to the identifier. The master key is used to encrypt or decrypt a service key as described above. Para. 41 the key access server 120 may encrypt and manage a service key using a corresponding master key. More specifically, the key access server 120 may encrypt a service key using a corresponding master key and store the encrypted service key in the service key management DB 160 by matching the encrypted service key with an identifier of the corresponding master key. Here, once the service key is encrypted, the master key may be removed from the key access server 120.] receiving, at the storage system, the encrypted data encryption key from the key management system; [Yoo, para. 47 discloses the service key management DB 160 is a DB that stores a service key encrypted using a master key. More specifically, the service key management DB 160 may store an encrypted service key received from the key access server 100 and/or an identifier of a master key corresponding to the encrypted service key.]
	Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Yoo’s system with Bishop’s system, with a motivation to secure the confidentiality of cloud data may be encrypted and managed using a master key, and the master key may be stored in a distributed manner in the form of a plurality of key fragments. Moreover, since the master key is not stored in any server or device, the confidentiality of the service key and the master key can be ensured. [Yoo, para. 132]

Regarding claim 2, modified Bishop teaches the method as recited in claim 1, but Bishop does not teach wherein the master key is an unexportable key that is stored only at the key management system and not at the storage system.
However, Yoo does teach wherein the master key is an unexportable key that is stored only at the key management system and not at the storage system. [Yoo, para. 43 discloses The master key management server 140 manages master keys used to ensure the confidentiality of service keys and provides a corresponding master key to the key access server 120 in response to a master key request from the key access server 120. Para. 44 discloses in the first embodiment, the master key management server 140 may extract a plurality of key fragments from a master key and store the key fragments in the master key management DB 170 in a distributed manner. Once the key fragments are extracted, the master key may be removed. Para. 46 discloses not only a plurality of key fragments are stored in a distributed manner, but also a master key is removed once the key fragments are extracted. Therefore, the master key is not stored in any device within the system 10. Hence, according to the current embodiment, the confidentiality of the master key can be ensured.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Yoo’s system with Bishop’s system, with a motivation to secure the confidentiality of cloud data may be encrypted and managed using a master key, and the master key may be stored in a distributed manner in the form of a plurality of key fragments. Moreover, since the master key is not stored in any server or device, the confidentiality of the service key and the master key can be ensured. [Yoo, para. 132]

As per claim 5, modified Bishop teaches the method as recited in claim 1, further comprising receiving a read request at the storage system and, in response to receipt of the read request, reading out, at the storage system, the encrypted data and the encrypted data encryption key. [Bishop, para. 40 discloses A client or participant sends a download request in 5712 and the system validates the request in S722 and S732. In S734, the system reads the file metadata, including the count of file chunks, from the DAL storage. In S736, in parallel for multiple chunks, the system reads the encrypted key and compressed data from the DAL storage and requests decryption of independent keys in S738. In S742, the key management server checks to determine if a master key exists for the requested file.]

As per claim 6, modified Bishop teaches the method as recited in claim 5, further comprising obtaining the plain text data encryption key which was used to create the encrypted data encryption key, and decrypting the encrypted data with the plain text data encryption key. [Bishop, para. 41 discloses The decrypted independent keys can then be used to decrypt the respective individual data chunks, which can also be decompressed in S752. In S754, the system assembles the file from the decrypted and decompressed data chunks. The system streams the retrieved file in S756 and the request is successfully completed in S760.]

Regarding claim 11 – 12, they recite features similar to feature in claims 1 – 2, therefore, they are rejected in the same manner.

Regarding claim 15 – 16, they recite features similar to feature in claims 5 – 6, therefore, they are rejected in the same manner.

Claims 3 – 4, 7, 13 – 14, and 17 are rejected under 35 U.S.C. 103 as being unpatentable over US 20200184086 A1 to Bishop et al., (hereinafter, “Bishop”) in view of US 20180351928 A1 to Yoo in further view of US 20200057859 A1 to Richards at al., (hereinafter, “Richards”).
Regarding claim 3, modified Bishop teaches the method as recited in claim 1, but modified Bishop does not teach further comprising using a TPM chip to wrap the encrypted data encryption key received from the key management system to create a TPM wrapped key.
	However, Richards does teach comprising using a TPM chip to wrap the encrypted data encryption key received from the key management system to create a TPM wrapped key. [Richards, para. 43 discloses The TPM, unlock protocol operates on a Trusted Platform Module, which is secure hardware that acts as a hardware root of trust and provides a secure protocol for storing encryption keys. Para. 44 discloses The lock operation (i.e., generate operation for the TPM protocol) begins by generating a random Unlock Key Encryption Key 405 and wraps the Unlock Key Encryption Key 405 using a public key of a Rivest-Shamir-Adleman (“RSA”) key pair generated by the TPM. The RSA Key Pair private key is wrapped using the SRK public key and protected using an SRK password and a platform configurable register (“PCR”) linked to the OVC state. The persistent state generated is the wrapped Unlock Key Encryption Key 405 and an encrypted RSA Key Pair.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Richards’s system with modified Bishop’s system, with a motivation to secure hardware that acts as a hardware root of trust and provides a secure protocol for storing encryption keys. [Richards, para. 43]

Regarding claim 4, modified Bishop teaches the method as recited in claim 3, but modified Bishop does not teaches further comprising storing the TPM wrapped key in a key table at the storage system.
However, Richards does teach further comprising storing the TPM wrapped key in a key table at the storage system. [Richards, para. 43 discloses TPM includes at least the following features: attestation (a secure hash chain for providing secure boot), binding (encryption using the TPM as a key store), and sealing (a secure key store that will decrypt if the TPM is in a specified state). If the host hardware supports TPMs and access to guests then the TPM can be used to protect the Node Key Encryption Key 205 by wrapping it under a key pair (not shown) protected by the Storage Root Key(“SRK”) on the TPM. In this manner, the Unlock Key Encryption Key 405 can only be retrieved if the original TPM hardware is used for decryption, the secure object store 115 is in a known state, and the VM 135 has access to the SRK password.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Richards’s system with modified Bishop’s system, with a motivation to secure hardware that acts as a hardware root of trust and provides a secure protocol for storing encryption keys. [Richards, para. 43]

Regarding claim 7, modified Bishop teaches the method as recited in claim 6, but modified Bishop does not teach where in obtaining the plain text data encryption key comprises one of: obtaining, from memory of the storage system, the plain text data encryption key; unwrapping a TPM wrapped key stored in a key table at the storage system, transmitting the resulting unwrapped key to the key management system and, receiving from the key management system, the plain text data encryption key; or obtaining, from an LRU memory cache of the key management system, the plain text data encryption key.
However, Yoo does teach where in obtaining the plain text data encryption key comprises one of: obtaining, from memory of the storage system, the plain text data encryption key; [Yoo, para. 32 discloses the cloud service provision system 20 may receive a service key from the encryption key management system 10 and encrypt or decrypt cloud data using the service key to provide the confidentiality of the data.] or obtaining, from an LRU memory cache of the key management system, the plain text data encryption key. [Yoo, para. 69 discloses A master key is cached because a relatively large amount of computing and time cost is required in the process of reconstructing the master key. For example, in order to reconstruct a master key, a plurality of key fragments must be retrieved from a plurality of DBs included in the master key management DB 170. This may cause multiple DB accesses, and a considerable amount of computing cost may be required to reconstruct the master key from the key fragments. Para. 68 disclose the cache server 150 may cache a master key according to a preset caching policy. The caching policy may be, but is not limited to, Least Recently Used (LRU).]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Yoo’s system with modified Bishop’s system, with a motivation to secure the confidentiality of cloud data may be encrypted and managed using a master key, and the master key may be stored in a distributed manner in the form of a plurality of key fragments. Moreover, since the master key is not stored in any server or device, the confidentiality of the service key and the master key can be ensured. [Yoo, para. 132]
However, Bishop in view of Yoo does not teach where in obtaining the plain text data encryption key comprises one of: unwrapping a TPM wrapped key stored in a key table at the storage system, transmitting the resulting unwrapped key to the key management system and, receiving from the key management system, the plain text data encryption key, but Richards does teach where in obtaining the plain text data encryption key comprises one of: unwrapping a TPM wrapped key stored in a key table at the storage system, transmitting the resulting unwrapped key to the key management system and, receiving from the key management system, the plain text data encryption key; [Richards, para. 45 discloses the unlock operation (i.e., the recovery operation for TPM) receives as input parameters the Encrypted Node Key Encryption Key 405 and the persistent state (i.e., the wrapped Unlock Key Encryption Key and an encrypted RSA Key Pair). To unlock the Node Key Encryption Key 205, the protocol loads the RSA key pair into the TPM so that the TPM can unwrap it using the SRK and pass the wrapped Unlock Key Encryption Key 405 to the TPM so that the TPM can unwrap it using the RSA key]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Richards’s system with modified Bishop’s system, with a motivation to secure hardware that acts as a hardware root of trust and provides a secure protocol for storing encryption keys. [Richards, para. 43]

Regarding claim 13 – 14, they recite features similar to feature in claims 3 – 4, therefore, they are rejected in the same manner.

Regarding claim 17, it recites features similar to feature in claims 7, therefore, it is rejected in the same manner.

Claims 8 – 10 and 18 – 20 are rejected under 35 U.S.C. 103 as being unpatentable over US 20200184086 A1 to Bishop et al., (hereinafter, “Bishop”) in view of US 20180351928 A1 to Yoo in further view of US 20110276744 A1 to Sengupta et al., (hereinafter, “Sengupta”).
Regarding claim 8, modified Bishop teaches the method as recited in claim 1, but modified Bishop does not teach further comprising performing a pre-fetch process to gather metadata relating to one or more containers and/or metadata relating to one or more keys, and populating an LRU cache at the key management system with the pre-fetched metadata.
	However, Sengupta does teach further comprising performing a pre-fetch process to gather metadata relating to one or more containers and/or metadata relating to one or more keys, and populating an LRU cache at the key management system with the pre-fetched metadata. [Sengupta, para. 66 discloses To implement such a container level prefetch and eviction policy, a RAM container metadata cache 642 (e.g., fixed-size) for the chunk metadata may be maintained for the containers whose chunk metadata is currently held in RAM; this cache 642 maps a container-id to the chunk-ids it contains. In one implementation, the size of this container cache 642 determines the size of the chunk metadata cache, as a container has 1024 chunks. For a RAM chunk metadata cache eviction strategy, the container metadata cache 642 in RAM may follow a least recently used (LRU) replacement policy. When a container is evicted from this cache, its containing chunk-ids are removed from the chunk metadata cache 612. Para. 67 discloses with respect to a prefetching strategy, the predictability of sequential chunk-id lookups during second and subsequent full backups may be used in a known manner. Because datasets do not change much across two backups, duplicate chunks in a current full backup are very likely to appear in the same order as they did in the previous backup. As a result, when the metadata for a chunk is fetched from flash (upon a miss in the chunk metadata cache 612 in RAM 602), the system prefetches the metadata for the chunks in that container into the chunk metadata cache 612 in RAM and adds the associated container's entry to the RAM container metadata cache 642. Because of this prefetching strategy, it is generally likely that the next several hundreds or thousands of chunk lookups will hit in the RAM chunk metadata cache 612.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Sengupta’s system with modified Bishop’s system, with a motivation to eliminate hard disk accesses for chunk-id lookup, the flash store 604 maintains metadata for chunks maintained in the system, indexed with the RAM hash table index 610. A cache 612 for chunk metadata is also maintained in the RAM 602. The fetch (prefetch) and eviction policies may be executed at the container level. [Sengupta, para. 65]

Regarding claim 9, modified Bishop teaches the method as recited in claim 8, but modified Bishop does not teach wherein the pre-fetched metadata is read out from an LRU cache and/or from a TPM cache.
However, Sengupta does teach wherein the pre-fetched metadata is read out from an LRU cache and/or from a TPM cache. [Sengupta, para. 66 discloses For a RAM chunk metadata cache eviction strategy, the container metadata cache 642 in RAM may follow a least recently used (LRU) replacement policy. When a container is evicted from this cache, its containing chunk-ids are removed from the chunk metadata cache 612.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Sengupta’s system with modified Bishop’s system, with a motivation to eliminate hard disk accesses for chunk-id lookup, the flash store 604 maintains metadata for chunks maintained in the system, indexed with the RAM hash table index 610. A cache 612 for chunk metadata is also maintained in the RAM 602. The fetch (prefetch) and eviction policies may be executed at the container level. [Sengupta, para. 65]

Regarding claim 10, modified Bishop teaches the method as recited in claim 8, but Bishop does not teach wherein the storage system is operable to perform deduplication on the clear text data, and a garbage collection process avoids eviction of hot keys from the LRU memory cache by copying forward a batch of live data and sub-batching the live data together with a key-space specific to the batch of data.
However, Sengupta does teach wherein the storage system is operable to perform deduplication on the clear text data, [Sengupta, para. 59 discloses the deduplication system organizes chunk metadata in a log-structure on the flash store 604 to exploit fast sequential writes, while using an in-memory hash table index 610 to index them, with hash collisions resolved by the above-described variant of cuckoo hashing. Also similar to as described above, the in-memory hash table index 610 may store compact key signatures instead of full chunk hashes so as to balance tradeoffs between RAM usage and false flash reads. Further, by indexing a small fraction of chunks per container, the system can reduce RAM usage significantly with negligible loss in deduplication quality. One implementation of the system can index 6 TB of unique (deduplicated) data using 45 GB of flash.] and a garbage collection process avoids eviction of hot keys from the LRU memory cache by copying forward a batch of live data and sub-batching the live data together with a key-space specific to the batch of data. [Sengupta, para. 53 discloses Recovery using this method can take some time, however, depending on the total size of valid flash pages that need to be scanned and the read throughput of the flash memory. If crash recovery needs to be executed faster so as to support "near" real-time recovery, then the RAM hash table index may be occasionally/periodically checkpointed into flash (in a separate area from the key-value pair logs). For example, the recycling process treats the content stored in the secondary storage device (flash store) as a stream, and for each key-value pair in the flash store, checks if it is pointed by a pointer in the RAM-index. If pointed to, the key-value pair is copied into a new stream, and garbage collection is performed on at least a portion of a previous stream. The RAM index is periodically checkedpointed into a storage device in association with a current end position of the key-value store stream for use in crash recovery.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Sengupta’s system with modified Bishop’s system, with a motivation to eliminate hard disk accesses for chunk-id lookup, the flash store 604 maintains metadata for chunks maintained in the system, indexed with the RAM hash table index 610. A cache 612 for chunk metadata is also maintained in the RAM 602. The fetch (prefetch) and eviction policies may be executed at the container level. [Sengupta, para. 65]

Regarding claim 18 – 20, they recite features similar to feature in claims 8 – 10, therefore, they are rejected in the same manner.

Conclusion
Pertinent prior art made of record however not relied upon includes:
US 20210157904 A1 to Bursell et al. 
“The technology disclosed herein provides a proof-of-work key wrapping system for verifying device capabilities. An example method may include: accessing instructions, a wrapped key, and a cryptographic attribute for the wrapped key from an encrypted memory region, wherein the wrapped key encodes a cryptographic key; executing, by a processing device, the instructions to derive the cryptographic key in view of the wrapped key and the cryptographic attribute, wherein the executing consumes computing resources for a duration of time; using the cryptographic key to access program data; executing, by the processing device, the program data, wherein the executed program data evaluates a condition related to the duration of time; and transmitting a message comprising an indication of the evaluated condition.”
US 20200394317 A1 to White et al.
“A database system comprising a database having a dynamic schema and comprising a plurality of data storage nodes; and at least one processor configured to, using an encryption process: manage access to plaintext data stored in the plurality of data storage nodes by users employing at least one client-controlled resource in a client access layer; restrict access to the plaintext data by other users, wherein the other users include users with system administration privileges for the database and administrators of processing resources hosting the database; and manage access to encrypted copies of the plaintext data by the users with system administration privileges for the database such that the system administration privileges do not enable access to plaintext versions of the encrypted copies. A method for managing data security for a database. A database system with a dynamic schema architecture, a client access layer, and an operational database layer.”

Any inquiry concerning this communication or earlier communications from the examiner should be directed to Phuc Pham whose telephone number is (571)272-8893. The examiner can normally be reached Monday - Thursday 7:30 AM - 4:30 PM; Friday 8:00 AM - 12:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on (571)272-3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/P.P./Patent Examiner, Art Unit 2434                                                                                                                                                                                                        
/NOURA ZOUBAIR/Primary Examiner, Art Unit 2434