DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 03/04/2021 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims 1, 3, 5-8, 11-12, 14, 16-19 and 22 are rejected under 35 U.S.C. 103 as being unpatentable over Teranishi et al. (Pub. No.: US 2012/0124092, hereinafter Teranishi) in view of Surampudi et al. (Patent No.: US 8,930,423, hereinafter Surampudi).
Regarding claim 1: Teranishi discloses A system comprising an actor authorization node, an access right storage node (Teranishi - [0061]: Fig. 1, the file access control unit 62), a file record node (Teranishi - [0062]: The user account management table 64) and one or more processors, memory storing program instructions for execution on the one or more processors (Teranishi - [0049]: The file sharing service to the client 2 is provided as a result of the file storage control CPU 31 executing the file system program stored in the file storage control memory 32), the computer program instructions, when executed by the processor causing the system to:
receive, from a computing device, a request to access a file, the request comprising information identifying an actor making the request and a file to be accessed (Teranishi - [0156]: Subsequently, the user operates the client 2 and selects the intended access target file from the file list. Consequently, an access request to the selected file is notified from the client 2 to the file storage system 5 (SP41));
obtain an indication from the actor authorization node whether or not the identified actor is recorded on the actor authorization node as trustworthy (Teranishi - [0157]: The workspace-side file access control unit 93 of the file storage system 5 that received the foregoing access request acquires the workspace file access ID code of that user for accessing that file from the workspace file operation ID map 100 (FIG. 13) corresponding to that user (SP42));
obtain an indication from the access right storage node of the access right the identified actor has to the identified file (Teranishi - [0161]: The file system-side file access control unit 62 that received the foregoing access processing request thereby refers to the access right assigned to the respective files based on the account of that user for accessing that file, and determines whether that user has the access right for accessing that file (SP44));
if the identified actor has been indicated by the actor authorization node as being trustworthy and by the access right storage node as having access rights, [obtain file storage and access details from the file record node; and send the file storage and access details to the computing device or using the file storage and access details to access the stored file] and sending the accessed file to the computing device (Teranishi - [0162]: The file system-side file access control unit 62 thereafter executes the access processing based on the foregoing determination result (SP45). [0065]: If the file system-side file access control unit 62 obtains a positive result in the foregoing determination, it reads the file data of the corresponding file from the storage unit 6 (FIG. 1), and sends the read file data to the corresponding client 2 (SP51));
However Teranishi doesn’t explicitly teach “the file storage and access details” that is obtained and used to retrieve the file, but Surampudi discloses:
obtain file storage and access details from the file record node (Surampudi - [Claim 1]: accessing a file table record for the encrypted file), 
send the file storage and access details to the computing device or using the file storage and access details to access the stored file (Surampudi - [Claim 1]: retrieving the plurality of file segments of the encrypted file from the virtual machine image);
wherein the file storage and access details comprise at least one of a file storage location, a file encryption key, a calculated characteristic of the stored file and a calculated characteristic of an encrypted version of the stored file (Surampudi - [Claim 1]: the file table record comprises an encrypted file stream and extent information identifying a location of each of the plurality of file segments of the encrypted file in the virtual machine image).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Teranishi with Surampudi so that a file table record with file location can be obtained and used to retrieve the file. The modification would have allowed the system to retrieve the file based on the obtained file location information. 
Regarding claim 3: Teranishi as modified discloses wherein the file is fragmented and wherein individual file fragments are stored in different storage locations (Surampudi - [Claim 1]: the encrypted file is divided into a plurality of file segments, and the file table record comprises an encrypted file stream and extent information identifying a location of each of the plurality of file segments of the encrypted file in the virtual machine image).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Teranishi with Surampudi so that the file is divided into a plurality of file segments that is stored at different locations. The modification would have allowed the system to partition the file into plural segments to achieve efficient storage. 
Regarding claim 5: Teranishi as modified discloses further configured to, based on file access details received from the file record node, send requests for cryptographic information to a plurality of computing devices;
receive requested cryptographic information from the plurality of computing devices; and access the file using joint cryptographic information based on the received cryptographic information (Surampudi - [Claim 1]: retrieving the plurality of file segments of the encrypted file from the virtual machine image, and storing a consecutive data stream, wherein the storing the consecutive data stream comprises encapsulating the encrypted file stream and the plurality of file segments of the encrypted file).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Teranishi with Surampudi so that the file can be restored from plurality of file segments using the file table with segment locations. The modification would have allowed the system to restore divided original file.
Regarding claim 6: Teranishi as modified discloses the file comprises a plurality of file fragments stored in a plurality of different storage locations (Surampudi - [Claim 1]: the encrypted file is divided into a plurality of file segments, and the file table record comprises an encrypted file stream and extent information identifying a location of each of the plurality of file segments of the encrypted file in the virtual machine image).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Teranishi with Surampudi so that the file is divided into a plurality of file segments that is stored at different locations. The modification would have allowed the system to partition the file into plural segments to achieve efficient storage. 
Regarding claim 7: Teranishi as modified discloses wherein the entire file and/or the file fragments are encrypted (Surampudi - [Col. 8, Line 57-58]: Fig. 5, If it is determined that the file is encrypted, the process proceeds to operation 510).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Teranishi with Surampudi so that the file is encrypted for security.
Regarding claim 8: Teranishi as modified discloses wherein information required to decrypt the file or the fragments is part of the file access details (Surampudi - [Col. 7, Line 41-48]: Encryption header 302 contains an encryption key 310, which is obtained from a utility stream, such as utility stream 222 b of FIG. 2 c. Encryption key 310 is used by an encryption and decryption engine, such as encryption and decryption engine 122 of FIG. 1, to encrypt an unencrypted file (such as unencrypted file 120 of FIG. 1) or decrypt an encrypted file 118 (such as encrypted file 118 of FIG. 1)).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Teranishi with Surampudi so that the file details include decrypt key for decrypt the file.
Regarding claim 11: this claim defines another system claim that corresponds to system claim 1 and does not define beyond limitations of claim 1. Therefore, claim 11 is rejected with the same rational as in the rejection of claim 1. Furthermore, Teranishi as modified discloses each computer devices is connected to each other via Network Interface Card (NIC) as illustrated in Fig. 1.
Regarding claims 12, 14 and 16-19: Claims are directed to method claims and do not teach or further define over the limitations recited in claims 1, 3 and 5-8. Therefore, claims 12, 14 and 16-19 are also rejected for similar reasons set forth in claims 1, 3 and 5-8. 
Regarding claim 22: Claim is directed to method claim and does not teach or further define over the limitations recited in claim 11. Therefore, claim 22 is also rejected for similar reasons set forth in claim 11. 

Claims 2, 4, 13 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Teranishi et al. (Pub. No.: US 2012/0124092, hereinafter Teranishi) in view of Surampudi et al. (Patent No.: US 8,930,423, hereinafter Surampudi) and RYSTEDT (Pub. No.: US 2022/0027342).
Regarding claims 2 and 13: Teranishi as modified discloses the system further configured to retrieve the stored file from a storage location identified by the file storage details (Surampudi - [Claim 1]: the file table record comprises an encrypted file stream and extent information identifying a location of each of the plurality of file segments of the encrypted file in the virtual machine image, retrieving the plurality of file segments of the encrypted file from the virtual machine image), 
However, Teranishi as modified doesn’t explicitly teach but RYSTEDT discloses calculate a characteristic of the retrieved file and compare the calculated characteristic to a version of the characteristic received from the file record node (RYSTEDT - [0081]: In an optional subsequent step S53, a current hash is calculated for the received digital media file. [0082]: In an optional following step S54, a previously calculated and stored hash for the received digital media file is retrieved from the first storage identified by the first storage ID. [0083]: In an optional next step S55, the current hash, which was calculated in step S53 for the received digital media file, is compared with the stored hash, which was retrieved in step S54 from the first storage).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Teranishi and Surampudi with RYSTEDT so that the current file hash is compared with stored one for validating the current file. The modification would have allowed the system to enhance security.
Regarding claims 4 and 15: Teranishi as modified doesn’t explicitly teach but RYSTEDT discloses wherein at least one of the actor authorization node, an access right storage node and a file record node comprise a chain of cryptographically linked blocks (RYSTEDT - [0045]: The storage may be an immutable storage, i.e. a storage in which the stored information cannot be erased or modified for a pre-determined length of time. Examples of immutable storages include storages based on blockchain technology).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Teranishi and Surampudi with RYSTEDT so that blockchain technology is used to storage node. The modification would have allowed the system to keep stored information.

Claims 9-10 and 20-21 are rejected under 35 U.S.C. 103 as being unpatentable over Teranishi et al. (Pub. No.: US 2012/0124092, hereinafter Teranishi) in view of Surampudi et al. (Patent No.: US 8,930,423, hereinafter Surampudi) and Li et al. (Pub. No.: US 2013/0010966, hereinafter Li).
Regarding claims 9 and 20: Teranishi as modified doesn’t explicitly teach but Li discloses wherein information required to decrypt the file or the fragments is stored outside the system (Li - [0039]: Each of the plurality of key fragment stores may be physically separated from each other, in some cases by large distances, such as hundreds of miles or even thousands of miles).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Teranishi and Surampudi with Li so that Each of the plurality of key fragment stores may be physically separated from each other for enhancing security.
Regarding claims 10 and 21: Teranishi as modified doesn’t explicitly teach but Li discloses wherein a key or keys required to decrypt the file or the fragments is fragmented and wherein key fragments are stored separate from each other (Li - [0007]: partitioning an encryption key provided by the customer into a number of encryption key fragments, and distributing the plurality of indexes and the number of encryption key fragments to the plurality of key fragment stores).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Teranishi and Surampudi with Li so that an encryption key provided by the customer is partitioned into a number of encryption key fragments and stored separately . The modification would have allowed the system to help provide information theoretic security (Li - [0028]).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Naraidoo et al. (Pub. No.: US 2012/0266239) - Method and system for secure storage of digital data
Bradley (Pub. No.: US 2012/0266239) - Authorized data access based on the rights of a user and a location
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MENG LI whose telephone number is (571)272-8729.  The examiner can normally be reached on M-F 8:30-5:30.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s acting supervisor, Kristine Kincaid can be reached on (571) 272-4063.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8729.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MENG LI/
Primary Examiner, Art Unit 2437