DETAILED ACTION
This notice is in response to the amended claims filed on 02/14/2022 for examination, as well as the claim set alterations indicated to be entered following the applicant interview of 05/13/2022 and correspondence 05/26/2022.
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The text of those sections of the Title 35 U.S. Code not included in this section can be found in the prior office action.
The prior office actions are incorporated herein by reference. In particular, the observations with respect to claim language, and response to previously presented arguments.
Claims 1, 3, 6, 8-9, 11, 14, 16-17, and 20 have been amended.
Claims 21-25 are new.
Claims 2, 4, 10, 12, and 18 are cancelled.
Claims 1, 3, 5-9, 11, 13-17, and 19-25 are pending.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 02/10/2022 has been considered by the examiner. 

Interview Summary
Examiner initiated an Examiner Interview on 05/13/2022. Applicant and Examiner discussed the previously cited disclosure of Shankar et al. (US8601263) in view of Mutescu (US10979403), and the newly cited, e.g., Stoops et al. (US20160337403) regarding formation of the wrapped key and unwrapping the key, as well as to using location data as additional authenticated data (“AAD”), and further to the potential amendment regarding the incorporation of an AAD tenancy comparison into the independent claim and clarification of antecedent basis. Specific proposed amendments were agreed upon, and Applicant subsequently indicated Examiner proceed with entering an Examiner’s Amendment on 05/18/2022 and 05/26/2022 as below.

Examiner’s Amendment
An Examiner’s Amendment to the record appears below. Should the changes and/or additions be unacceptable to the applicant, an amendment may be filed as provisioned by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for examiner’s amendment was given in email received from applicant on May 18 and May 26 to amend claims 1, 3, 6, 8-9, 11, 14, 16-17, and 20-22, to cancel claims 2, 10, and 18, and to add claims 23-25 as herein.
The application has been amended as follows:

CLAIMS:
1. (Currently Amended) A method of managing cryptographic keys in a multitenant cloud based system, the method comprising: 
receiving from a client a wrapping request for a wrapped data encryption key (DEK); generating a random key; 
fetching additional authentication data (AAD) that corresponds to the client, the AAD comprising a first location of the client and a first tenancy of the multi-tenant cloud based system; 
generating the wrapped DEK comprising the random key and the AAD encoded in the wrapped DEK, wherein the wrapped DEK comprises a header and the AAD is encoded in the header; and 
returning the wrapped DEK to the client; 
receiving a unwrapping request from the client to unwrap the wrapped DEK, the unwrapping request comprising a second location from which the client is making the unwrapping request and is directed to a second tenancy of the multi-tenant cloud based system; 
before unwrapping the DEK, using the encoded AAD in the header to compare the first location to the second location and compare the first tenancy to the second tenancy to determine whether the client is authorized to unwrap the wrapped DEK; and 
unwrapping the DEKand the first tenancy matches the second tenancy. 

2. (Canceled). 

3. (Currently Amended) The method of claim 1, further comprising embedding tags in the wrapped DEK, the tags used for enforcing policy decisions in response to the unwrapping request to unwrap. 

6. (Currently Amended) The method of claim 1, further comprising: 
receiving the unwrapping request to unwrap the wrapped DEK; parsing the wrapped DEK; 
validating the encoded AAD; 
validating a master encryption key (MEK) presence in a hardware security module (HSM); and 
returning an unwrapped DEK. 

8. (Currently Amended) The method of claim 1, wherein the unwrapping request comprises a representational state transfer (REST) application program interface (API). 

9. (Currently Amended) A non-transitory computer readable medium having instructions stored thereon that, when executed by a processor, cause the processor to manage cryptographic keys in a multi-tenant cloud based system, the managing comprising: 
receiving from a client a wrapping request for a wrapped data encryption key (DEK); 
generating a random key; 
fetching additional authentication data (AAD) that corresponds to the client, the AAD comprising a first location of the client and a first tenancy of the multi-tenant cloud based system; 
generating the wrapped DEK comprising the random key and the AAD encoded in the wrapped DEK, wherein the wrapped DEK comprises a header and the AAD is encoded in the header; and 
returning the wrapped DEK to the client; 
receiving a unwrapping request from the client to unwrap the wrapped DEK, the unwrapping request comprising a second location from which the client is making the unwrapping request and is directed to a second tenancy of the multi-tenant cloud based system; 
before unwrapping the DEK, using the encoded AAD in the header to compare the first location to the second location and compare the first tenancy to the second tenancy to determine whether the client is authorized to unwrap the wrapped DEK; and 
unwrapping the DEK  and the first tenancy matches the second tenancy. 

10. (Canceled). 

11. (Currently Amended) The computer readable medium of claim 9, further comprising embedding tags in the wrapped DEK, the tags used for enforcing policy decisions in response to the unwrapping request to unwrap. 

14. (Currently Amended) The computer readable medium of claim 9, the managing further comprising: 
receiving the unwrapping request to unwrap the wrapped DEK; 
parsing the wrapped DEK; validating the encoded AAD; 
validating a master encryption key (MEK) presence in a hardware security module (HSM); and returning an unwrapped DEK.
 
16. (Currently Amended) The computer readable medium of claim 9, wherein the unwrapping request comprises a representational state transfer (REST) application program interface (API). 

17. (Currently Amended) A multi-tenant cloud based key management system comprising: 
a mid-tier comprising one or more microservices, each of the one or more microservices comprising a hardware processor executing instructions; and 
a data tier coupled to the mid-tier and comprising one or more databases and one or more hardware security modules; 
the one or more microservices: 
receiving from a client a wrapping request for a wrapped data encryption key (DEK); 
generating a random key; 
fetching additional authentication data (AAD) that corresponds to the client, the AAD comprising a first location of the client and a first tenancy of the multi-tenant cloud based system; 
generating the wrapped DEK comprising the random key and the AAD encoded in the wrapped DEK, wherein the wrapped DEK comprises a header and the AAD is encoded in the header; and 
returning the wrapped DEK to the client; 
receiving a unwrapping request from the client to unwrap the wrapped DEK, the unwrapping request comprising a second location from which the client is making the unwrapping request and is directed to a second tenancy of the multi-tenant cloud based system; 
before unwrapping the DEK, using the encoded AAD in the header to compare the first location to the second location and compare the first tenancy to the second tenancy to determine whether the client is authorized to unwrap the wrapped DEK; and 
unwrapping the DEKand the first tenancy matches the second tenancy. 

18. (Canceled). 

20. (Currently Amended) The multi-tenant cloud based key management system of claim 17, the one or more microservices further: 
receiving the unwrapping request to unwrap the wrapped DEK; 
parsing the wrapped DEK; 
validating the encoded 
validating a master encryption key (MEK) presence in a hardware security module (HSM); and 
returning an unwrapped DEK. 

22. (Currently Amended) The multi-tenant cloud based key management system of claim 17, wherein the unwrapping request comprises a representational state transfer (REST) application program interface (API). 

23. (New) The multi-tenant cloud based key management system of claim 17, the one or more microservices further comprising embedding tags in the wrapped DEK, the tags used for enforcing policy decisions in response to the unwrapping request to unwrap. 

24. (New) The method of claim 3, the tags comprising a service instance identifier. 

25. (New) The computer readable medium of claim 11, the tags comprising a service instance identifier.

Allowable Subject Matter
Claims 1, 3, 5-9, 11, 13-17, and 19-25 are allowed. The following is an examiner’s statement of reasons for allowance (in accordance with MPEP 1302.14): The primary reason for allowance of the foregoing claims in the inclusion of a limitation in the independent claim which is not found in prior art references. Specifically, amended claim 1 recites, inter alia, “fetching additional authentication data (AAD) that corresponds to the client, the AAD comprising a first location of the client and a first tenancy of the multi-tenant cloud based system; receiving a unwrapping request from the client to unwrap the wrapped DEK, the unwrapping request comprising a second location from which the client is making the unwrapping request and is directed to a second tenancy of the multi-tenant cloud based system; before unwrapping the DEK, using the encoded AAD in the header to compare the first location to the second location and compare the first tenancy to the second tenancy to determine whether the client is authorized to unwrap the wrapped DEK; and unwrapping the DEK when the first location matches the second location and the first tenancy matches the second tenancy.”
Art found of record, e.g., the combination of Shankar et al. (US8601263) and Mutescu et al. (US10979403) teach a method of managing cryptographic keys in a multi- tenant cloud based system, the method comprising: receiving from a client a wrapping request for a wrapped data encryption key (DEK); generating a random key; fetching additional authentication data (AAD) that corresponds to the client; generating the wrapped DEK comprising the random key and the AAD encoded in the wrapped DEK, wherein the wrapped DEK comprises a header and the AAD is encoded in the header; and returning the wrapped DEK to the client; receiving a unwrapping request from the client to unwrap the wrapped DEK, the unwrapping request comprising user provided AAD; and before unwrapping the DEK, using the encoded AAD in the header in comparison to the user provided AAD to determine whether the client is authorized to unwrap the wrapped DEK (see as particularly presented in non-Final Office Action dated 11/15/2022), however fails to teach fetching additional authentication data (AAD) that corresponds to the client, the AAD comprising a first location of the client and a first tenancy of the multi-tenant cloud based system; receiving a unwrapping request from the client to unwrap the wrapped DEK, the unwrapping request comprising a second location from which the client is making the unwrapping request and is directed to a second tenancy of the multi-tenant cloud based system; before unwrapping the DEK, using the encoded AAD in the header to compare the first location to the second location and compare the first tenancy to the second tenancy to determine whether the client is authorized to unwrap the wrapped DEK; and unwrapping the DEK when the first location matches the second location and the first tenancy matches the second tenancy. 
Other prior art, e.g., Stoops et al. (US20160337403) further teaches a system for using location data as additional authentication data for permitting an action (see, e.g., abstract, [0043]), yet fails to further determining to unwrap the key accordingly to tenancy information stored in the AAD of the wrapped key. Lindemann et al. (US20180041503) similarly teaches a system for using additional authentication data for permitting an action (see, e.g., [0180-181], [0226]), yet similarly fails to remedy the aforementioned deficiency. Mehr (US10623186) teaches protecting sensitive data by requiring provided AAD information to be matched with encoded AAD information in the header before decryption (see, e.g., abstract, Fig. 2, and column 14, lines 16-50), yet similarly fails to remedy the aforementioned deficiency. Le Saint et al. (US20160241389) discloses a method of wrapping and transmitting encryption keys to a client using JSON web encryption, additional authenticated information, and a hardware security module (see, e.g., Le Saint at [0261]-[0269], , yet similarly fails to remedy the aforementioned deficiency.
None of the prior art of record, either taken by itself or in any combination, would have anticipated or made obvious all features of the invention of the present application claim 1 at or before the time it was filed. Independent claims 9 and 17 similarly have been amended to recite language directed to the aforementioned subject matter. Dependent claims 3, 5-8, 24 (of claim 1) 11, 13-16, 25 (of claim 9), and 19-23 (of claim 17) incorporate the limitations of their parent claim, and are allowable for at least the same rationale.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance”.

Conclusion
21. Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOSHUA RAYMOND WHITE whose telephone number is (571)272-4365.  The examiner can normally be reached on Monday-Thursday, & Alternate Fridays.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi Arani can be reached on 5712723787.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/J.R.W./Examiner, Art Unit 2438                                                                                                                                                                                                                                                                                                                                                                                                          /TAGHI T ARANI/Supervisory Patent Examiner, Art Unit 2438