Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Detailed Action
This is a reply to the application filed on 12/23/2020, in which, claim(s) 1, 10, and 17 are independent. Claim(s) 1-20 are pending.
Information Disclosure Statement
The information disclosure statement (IDS) was submitted on [12/24/2020 and  02/03/2022]. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.

Drawings
Drawings filed on 12/23/2020 are accepted.

Claim Objections
Claims below objected to because of the following informalities: 
Claim 5, line 4, the claim cited “that a new client device”, it should be read as “a new client device”.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims (1, 2, 4-8, 10, 11, 14, 16, 17, 19, and 20) is/are rejected under 35 U.S.C. 103 as being unpatentable over HOWELL et al. (US-20200162440-A1, HOWELL referred to as “HOWELL”) in view of  GLOVER et al. (US-20130254536-A1, GLOVER referred to as “GLOVER”).



Referring to claim 1, Howell discloses a non-transitory computer readable storage medium comprising instructions that, when executed by at least one processor ([¶0017]“ The invention can be implemented in numerous ways, including as a process; an apparatus; a system; a composition of matter; a computer program product embodied on a computer readable storage medium; and/or a processor, such as a processor configured to execute instructions stored on and/or provided by a memory coupled to the processor.”), cause a content management system to ( [¶0019]“ a “digital security bubble” (DSB), described in more detail below, encapsulates or is otherwise provided around a message. The DSB allows information such as encryption information, hardware binding information, message security controls, and decryption information—for multiple recipients—to securely travel with the message. Further, the DSB provides cross-platform support.”):
provide the public key set to an initial client device associated with an account of the content management system (Howell, [¶0024]“ Once Alice's tablet 106 has obtained a copy of the messaging app, the app is installed, and Alice {i.e., client} is able to register for an account. An instance of a messaging app usable in conjunction with the techniques described herein is depicted in FIG. 1 as app 116 (installed on device 106)”, [¶0027]“ Once Alice has selected an available username, she is asked to supply a password.”, [¶0029]“ Alice's {i.e., the client} public key, deviceID, and appID are sent to platform 102 in a secure manner”); and
receive, from the initial client device for storage within the shared folder, an encrypted payload comprising a set of passwords and a shared encryption key that is utilized to encrypt the set of passwords and is encrypted in the shared folder utilizing the public key set ([¶0028]” the appID is created by hashing Alice's selected password and other information such as device information. “, [¶0039]” Alice sending a message is illustrated as process 400”, [¶0040]” The process begins at 402 when the public key, deviceID, and appID of a recipient are obtained from platform 102. As will be explained in more detail below, the recipient's public key, deviceID and appID are used in the encryption of the symmetric key used to encrypt data, and in the DSB encapsulation of the message for the hardware/appID binding of the message“, [¶0041]” At 404, a random symmetric encryption key is generated (e.g., by app 116 on device 106). As one example, the symmetric key is an AES 256 bit key. At 406, the symmetric encryption key is used to encrypt the message body, any attachments, and any message control options”, [¶0041]” at 408, the symmetric key is encrypted with the public key of each recipient.“).
However, Howell does not explicitly disclose retrieve a public key set comprising one or more public encryption keys associated with one or more additional client devices in connection with providing access to a shared folder.
	Wherein, GLOVER suggests retrieve a public key set comprising one or more public encryption keys associated with one or more additional client devices in connection with providing access to a shared folder (GLOVER, [¶0033]” The user secret key may be derived from a passphrase entered by the user“, [¶0042] “The server re-encrypts the item key with using the public key of the user with whom the item is to be shared”, [¶0043]” his newly encrypted copy of the item key is stored (typically alongside a permission record granting access to the item to the shared to user).“). 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified HOWELL to incorporate the teaching of GLOVER to utilize the above feature, with the motivation of creating a public keys and shared them with authorized users, as recognized by (GLOVER [0041]).

Referring to claim 2, (HOWELL in view of GLOVER) suggests the non-transitory computer readable storage medium as recited in claim 1. 
Wherein, HOWELL further discloses further comprising instructions that, when executed by the at least one processor, cause the content management system to retrieve the public key set by: determining an additional account of the content management system according to a sharing membership for the shared folder (HOWELL, [¶0025]” process 400 is performed on a client device, such as Alice's client device 106. The process begins at 402 when the public key, deviceID, and appID of a recipient are obtained from platform 102. As will be explained in more detail below, the recipient's public key, deviceID and appID are used in the encryption of the symmetric key used to encrypt data, and in the DSB encapsulation of the message for the hardware/appID binding of the message. As one example, app 116 can request the information from platform 102 via an API (e.g., interface 118). In some embodiments, the information is retrieved when Alice enters the recipient's name into region 302. In other embodiments, the information is retrieved when Alice clicks send button 314, or at any other appropriate time (e.g., while she is composing a message). In the example shown in FIG. 3, Alice is only sending a message to Bob {i.e., additional account}. If she also desires to send the message to other recipients {i.e., additional accounts}, she can enter their names in region 302 as well, and their respective public keys, deviceIDs, and appIDs will also be retrieved at 402. “); and 
However, HOWELL does not explicitly disclose requesting a public encryption key for a registered client device associated with the additional account of the content management system.
Wherein, GLOVER suggests requesting a public encryption key for a registered client device associated with the additional account of the content management system (GLOVER, [¶0040]” The owner of the content item sends a share request to the server, accompanied by their user Secret key“, [¶0076]“ The server re-encrypts the item key with using the public key of the user with whom the item is to be shared”).

Referring to claim 4, (HOWELL in view of GLOVER) suggests the non-transitory computer readable storage medium as recited in claim 1.
Wherein, HOWELL further discloses comprising instructions that, when executed by the at least one processor, cause the content management system to receive the encrypted payload by receiving, as part of the encrypted payload, the shared encryption key encrypted utilizing the one or more public encryption keys associated with the one or more additional client devices  (HOWELL, [¶0041]“ At 404, a random symmetric encryption key is generated (e.g., by app 116 on device 106). As one example, the symmetric key is an AES 256 bit key. At 406, the symmetric encryption key is used to encrypt the message {i.e., shared service} body, any attachments, and any message control options. In some embodiments, Alice's own information (e.g., her public key, deviceID(s), and appID(s) are included in the DSB {i.e., digital security bubble} as well. Finally, at 408, the symmetric key is encrypted with the public key {i.e., public encryption keys associated client devices } of each recipient . A DSB encapsulation is then generated, and contains the aforementioned components.”).

Referring to claim 5, (HOWELL in view of GLOVER) suggests the non-transitory computer readable storage medium as recited in claim 1. further comprising instructions that, when executed by the at least one processor, cause the content management system to:
determine that a new client device associated with the account of the content
management system is added to a sharing membership for the shared folder (HOWELL, [¶0043]“ The generated DSB {i.e., digital security bubble} is securely transmitted to platform 102 (e.g., by being encrypted with a symmetric key shared by the app and platform 102, and also encapsulated by TLS as an additional security layer). Irrespective of how many recipients Alice designates for her message (and, e.g., how many recipients there are or how many devices Bob has), only one DSB will be created and transmitted to platform 102. Upon receipt of the DSB, processing engine 134 opens the DSB and determines the recipients of the message. “, [¶0043]” Processing engine 134 also creates an entry for the received DSB {i.e., digital security bubble}  in message table 132 and notifies the recipient(s) that a new message is available. “);
provide, to the initial client device, a new public encryption key associated with the new client device (HOWELL, [¶0040]” Alice is only sending a message to Bob. If she also desires to send the message to other recipients, she can enter their names in region 302 as well, and their respective public keys, deviceIDs, and appIDs will also be retrieved at 402“);
receive, from the initial client device, the shared encryption key encrypted in the shared folder utilizing the new public encryption key (HOWELL, [¶0046]” DSB 500 also includes, for each message recipient 1-n, the key Ek1,1 encrypted by each of the recipient's respective public keys (as shown in region 508). Further, DSB 500 includes a combination of each recipient's respective deviceID, hashed username, and appID (collectively denoted HWk1-n) in region 510.“, [¶0048]” part 800 includes the shared symmetric key, encrypted to each of the recipients' respective public keys. Further, the collection of encrypted keys (802-806) is encrypted using symmetric key SK1“); and
provide to the new client device, the encrypted payload comprising the set of passwords and the shared encryption key encrypted in the shared folder utilizing the new public encryption key (HOWELL ,[¶0040]” process 400 is performed on a client device, such as Alice's client device 106.“, [¶0051]“  At 404, a random symmetric encryption key is generated (e.g., by app 116 on device 106). As one example, the symmetric key is an AES 256 bit key. At 406, the symmetric encryption key is used to encrypt the message body, any attachments, and any message control options. In some embodiments, Alice's own information (e.g., her public key, deviceID(s), and appID(s) are included in the DSB as well. Finally, at 408, the symmetric key is encrypted with the public key of each recipient. A DSB encapsulation is then generated, and contains the aforementioned components. Examples of the DSB format are provided in Section D below.”, {i.e., examiner interprets the process of encrypting the payload or encapsulation is done locally, within the first client device without interception of the second client device}).

Referring to claim 6, (HOWELL in view of GLOVER) suggests the non-transitory computer readable storage medium as recited in claim 1, further comprising instructions that, when executed by the at least one processor, cause the content management system to:
detect a key rotation event for changing the shared encryption key (HOWELL, [¶0048, FIG. 8]” FIG. 8 illustrates part 800 of DSB 600. In particular, part 800 includes the shared symmetric key, encrypted to each of the recipients' respective public keys. Further, the collection of encrypted keys (802-806) {i.e., encrypted keys change based on the user} is encrypted using symmetric key SK1. FIG. 9 illustrates part 900 of DSB 600. In particular, part 900 includes encrypted message parameters. Part 900 is encrypted using symmetric key SK2”, [¶0050]” Since Alice has sent a message to Bob since he last used app 138, a flag is set in database 120, indicating to app 138 that one or messages are available for download “);
in response to the key rotation event, send an indication of the key rotation event to a plurality of client devices having current membership access to the shared folder (HOWELL ,[¶0050]“ Since Alice has sent a message to Bob since he last used app 138, a flag is set in database 120, indicating to app 138 that one or messages are available for download”).
retrieve an updated public key set from a plurality of client devices (HOWELL, [¶0045]” DSB 500 is an example of output that can be generated by app 116 as a result of executing process 400. In the example shown, DSB 500 includes a message and optional attachments (502), and one or more message controls (504) encrypted with a key Ek1,1 (encrypted portion 506). In some embodiments, key Ek1,1 is generated by app 116 at portion 404 of process 400. Additional detail regarding portion 506 is shown in FIG. 7, where SSK in FIG. 7 is Ek1,1 of FIG. 5 and represents the sender's symmetric shared key used to encrypt the message and attachments. “, [¶0046]” DSB 500 also includes, for each message recipient 1-n, the key Ek1,1 encrypted by each of the recipient's respective public keys (as shown in region 508). Further, DSB 500 includes a combination of each recipient's respective deviceID, hashed username, and appID (collectively denoted HWk1-n) in region 510.“);
provide the updated public key set to the plurality of client devices (HOWELL, [¶0046]” DSB 500 also includes, for each message recipient 1-n, the key Ek1,1 encrypted by each of the recipient's respective public keys (as shown in region 508). Further, DSB 500 includes a combination of each recipient's respective deviceID, hashed username, and appID (collectively denoted HWk1-n) in region 510.“); and
However, HOWELL does not disclose receive, from an initiator device of the plurality of client devices for storage within the shared folder, an updated encrypted payload comprising the set of passwords and a modified shared encryption key that is utilized to re-encrypt the set of passwords and is encrypted in the shared folder utilizing the updated public key set .
Wherein, GLOVER suggests receive, from an initiator device of the plurality of client devices for storage within the shared folder, an updated encrypted payload comprising the set of passwords and a modified shared encryption key that is utilized to re-encrypt the set of passwords and is encrypted in the shared folder utilizing the updated public key set  (GLOVER, [¶0040]” The owner of the content item sends a share request to the server, accompanied by their user Secret key “, [¶0042]” The server re-encrypts the item key with using the public key of the user with whom the item is to be shared”, [¶0043]” this newly encrypted copy of the item key is stored (typically alongside a permission record granting access to the item to the shared to user).”, [¶0059]” encrypt the symmetric key using the public key cryptography. The stored data then includes the symmetric key encrypted using the file public key and the document data encrypted using the symmetric key.“, [¶0059]” When each user is registered with the system they must provide a unique piece of information (the user secret) which will be used as the basis of all encryption for that user. The user secret may be based on a text passphrase (which would be distinct from the user's logon password) or may be derived from some other source. The user secret can be transformed by the server into a symmetric encryption key (the user secret key) by a process such as a one way cryptographic hash.“).

Referring to claim 7, (HOWELL in view of GLOVER) discloses the non-transitory computer readable storage medium as recited in claim 6, further comprising instructions that, when executed by the at least one processor, cause the content management system to detect the key rotation event by:
Wherein, HOWELL further discloses detecting a change in a sharing membership for the shared folder  (HOWELL, [¶0051]“ The process begins at 1002 when a DSB is received. As one example, a DSB is received at 1002 when app 138 contacts platform 102, determines a flag associated with Bob's account has been set, and downloads the DSB from platform 102.”, [¶0050]“ Bob is also a user of platform 102. When Bob loads his copy of the messaging app on his smartphone (i.e., app 138 on device 114), the app communicates with platform 102 (e.g., via interface 118) to determine whether Bob has any new messages. Since Alice has sent a message to Bob since he last used app 138, a flag is set in database 120, indicating to app 138 that one or messages are available for download.”);
receiving a command from a client device of the plurality of client devices to change the shared encryption key, or detecting a time threshold associated with the shared folder ([¶0043]“ platform 102 can be configured to keep track of which recipients have downloaded a copy of the DSB, and remove it once all recipients have successfully downloaded it”).

Referring to claim 8, (HOWELL in view of GLOVER) discloses the non-transitory computer readable storage medium as recited in claim 6, further comprising instructions that, when executed by the at least one processor, cause the content management system to:
Wherein, HOWELL further discloses receive the updated encrypted payload for upload to the shared folder from a first client device of the plurality of client devices before or without receiving the updated encrypted payload a second client device of the plurality of client devices (HOWELL ,[¶0040]” process 400 is performed on a client device, such as Alice's client device 106.“, [¶0051]“  At 404, a random symmetric encryption key is generated (e.g., by app 116 on device 106). As one example, the symmetric key is an AES 256 bit key. At 406, the symmetric encryption key is used to encrypt the message body, any attachments, and any message control options. In some embodiments, Alice's own information (e.g., her public key, deviceID(s), and appID(s) are included in the DSB as well. Finally, at 408, the symmetric key is encrypted with the public key of each recipient. A DSB encapsulation is then generated, and contains the aforementioned components. Examples of the DSB format are provided in Section D below.”, {i.e., examiner interprets the process of encrypting the payload or encapsulation is done locally, within the first client device without interception of the second client device});
in response to receiving the updated encrypted payload from the first client device before or without receiving the updated encrypted payload from the second client device, determine that the first client device is the initiator device and the second client device is a follower device (HOWELL, [¶0051]“ When Bob loads his copy of the messaging app on his smartphone (i.e., app 138 on device 114), the app communicates with platform 102 (e.g., via interface 118) to determine whether Bob has any new messages. Since Alice has sent a message to Bob since he last used app 138, a flag is set in database 120, indicating to app 138 that one or messages are available for download.”, {i.e., examiner interpreter the second client (Bob) device is a follower device and the first client which is (Alice) send message or attachment  is initiator device}); and
send the updated encrypted payload comprising the set of passwords and the modified shared encryption key to the second client device (HOWELL ,[¶0040]” process 400 is performed on a client device, such as Alice's client device 106.“, [¶0051]“  At 404, a random symmetric encryption key is generated (e.g., by app 116 on device 106). As one example, the symmetric key is an AES 256 bit key. At 406, the symmetric encryption key is used to encrypt the message body, any attachments, and any message control options. In some embodiments, Alice's own information (e.g., her public key, deviceID(s), and appID(s) are included in the DSB as well. Finally, at 408, the symmetric key is encrypted with the public key of each recipient. A DSB encapsulation is then generated, and contains the aforementioned components. Examples of the DSB format are provided in Section D below.”, {i.e., examiner interprets the process of encrypting the payload or encapsulation is done locally, within the first client device without interception of the second client device}). 

Claim 10 is a system claim reciting similar limitations as a non-transitory computer readable storage medium claim 1, therefore claim 10 is rejected based on the same rational as the non-transitory computer readable storage medium claim 1.

Referring to claim 11, (HOWELL in view of GLOVER) discloses the system as recited in claim 10, further comprising instructions that, when executed by the at least one processor, cause the system to: 
and 
provide the public key set to the initial client device by providing, as part of the public key set, the public encryption key from the registered client device to the initial client device to cause the initial client device to encrypt the shared encryption key utilizing the public key set including the public encryption key from the registered client device( HOWELL, [¶0024]“ Once Alice's tablet 106 has obtained a copy of the messaging app, the app is installed, and Alice {i.e., client} is able to register for an account. An instance of a messaging app usable in conjunction with the techniques described herein is depicted in FIG. 1 as app 116 (installed on device 106)”, [¶0027]“ Once Alice has selected an available username, she is asked to supply a password.”, [¶0029]“ Alice's {i.e., the client} public key, deviceID, and appID are sent to platform 102 in a secure manner”, [¶0041]“ At 404, a random symmetric encryption key is generated (e.g., by app 116 on device 106). As one example, the symmetric key is an AES 256 bit key. At 406, the symmetric encryption key is used to encrypt the message body, any attachments, and any message control options. In some embodiments, Alice's own information (e.g., her public key, deviceID(s), and appID(s) are included in the DSB as well. Finally, at 408, the symmetric key is encrypted with the public key of each recipient. A DSB encapsulation is then generated, and contains the aforementioned components.”).
However, HOWELL does not explicitly disclose retrieve the public key set by requesting a public encryption key for a registered client device associated with a sharing membership for the shared folder.
Wherein, GLOVER suggests retrieve the public key set by requesting a public encryption key for a registered client device associated with a sharing membership for the shared folder (GLOVER, [¶0033]” The user secret key may be derived from a passphrase entered by the user“, [¶0042] “The server re-encrypts the item key with using the public key of the user with whom the item is to be shared”, [¶0043]” his newly encrypted copy of the item key is stored (typically alongside a permission record granting access to the item to the shared to user).“).

Referring to claim 14, (HOWELL in view of GLOVER) discloses the system as recited in claim 10, further comprising instructions that, when executed by the at least one processor, cause the system to: 
Wherein, HOWELL further discloses detect a change in a sharing membership for the shared folder (HOWELL, [¶0027]” At 210 … an available username, she is asked to supply a password“, ([¶0051]“ The process begins at 1002 when a DSB is received. As one example, a DSB is received at 1002 when app 138 contacts platform 102, determines a flag associated with Bob's account has been set, and downloads the DSB from platform 102.”, [¶0050]“ Bob is also a user of platform 102. When Bob loads his copy of the messaging app on his smartphone (i.e., app 138 on device 114), the app communicates with platform 102 (e.g., via interface 118) to determine whether Bob has any new messages. Since Alice has sent a message to Bob since he last used app 138, a flag is set in database 120, indicating to app 138 that one or messages are available for download.”); 
in response to the detected change in the sharing membership: determine an updated sharing membership for the shared folder including a plurality of accounts of the content management system corresponding to a plurality of client devices (HOWELL,[¶0033]” Security platform also includes a database 120. Included in database 120 is a record for each user of platform 102. Each record has associated with it information such as the user's public key, deviceID(s), appID(s), {i.e., deviceID(s) and appID(s) associated with member devices only} and messages. “, [¶0043]“ The generated DSB {i.e., digital security bubble} is securely transmitted to platform 102 (e.g., by being encrypted with a symmetric key shared by the app and platform 102, and also encapsulated by TLS as an additional security layer). Irrespective of how many recipients Alice designates for her message (and, e.g., how many recipients there are or how many devices Bob has), only one DSB will be created and transmitted to platform 102. Upon receipt of the DSB, processing engine 134 opens the DSB and determines the recipients of the message. “, [¶0043]” Processing engine 134 also creates an entry for the received DSB {i.e., digital security bubble}  in message table 132 and notifies the recipient(s) that a new message is available. “); and 
send an indication of a key rotation event to the plurality of client devices ([¶0050]“ Bob is also a user of platform 102. When Bob loads his copy of the messaging app on his smartphone (i.e., app 138 on device 114), the app communicates with platform 102 (e.g., via interface 118) to determine whether Bob has any new messages. Since Alice has sent a message to Bob since he last used app 138, a flag is set in database 120, indicating to app 138 that one or messages are available for download.”); 
retrieve a plurality of public encryption keys from the plurality of client devices (HOWELL, [¶0045]” DSB 500 is an example of output that can be generated by app 116 as a result of executing process 400. In the example shown, DSB 500 includes a message and optional attachments (502), and one or more message controls (504) encrypted with a key Ek1,1 (encrypted portion 506). In some embodiments, key Ek1,1 is generated by app 116 at portion 404 of process 400. Additional detail regarding portion 506 is shown in FIG. 7, where SSK in FIG. 7 is Ek1,1 of FIG. 5 and represents the sender's symmetric shared key used to encrypt the message and attachments. “, [¶0046]” DSB 500 also includes, for each message recipient 1-n, the key Ek1,1 encrypted by each of the recipient's respective public keys (as shown in region 508). Further, DSB 500 includes a combination of each recipient's respective deviceID, hashed username, and appID (collectively denoted HWk1-n) in region 510.“); 
provide an updated public key set comprising the plurality of public encryption keys to the plurality of client devices (HOWELL, [¶0046]” DSB 500 also includes, for each message recipient 1-n, the key Ek1,1 encrypted by each of the recipient's respective public keys (as shown in region 508). Further, DSB 500 includes a combination of each recipient's respective deviceID, hashed username, and appID (collectively denoted HWk1-n) in region 510.“); and 
However, HOWELL does not explicitly discloses receive, from an initiator device of the plurality of client devices for storage within the shared folder, an updated encrypted payload comprising the set of passwords and a modified shared encryption key that is utilized to re-encrypt the set of passwords and is encrypted in the shared folder utilizing the updated public key set.
wherein, GLOVER suggests receive, from an initiator device of the plurality of client devices for storage within the shared folder, an updated encrypted payload comprising the set of passwords and a modified shared encryption key that is utilized to re-encrypt the set of passwords and is encrypted in the shared folder utilizing the updated public key set (GLOVER, [¶0040]” The owner of the content item sends a share request to the server, accompanied by their user Secret key “, [¶0042]” The server re-encrypts the item key with using the public key of the user with whom the item is to be shared”, [¶0043]” this newly encrypted copy of the item key is stored (typically alongside a permission record granting access to the item to the shared to user).”, [¶0059]” encrypt the symmetric key using the public key cryptography. The stored data then includes the symmetric key encrypted using the file public key and the document data encrypted using the symmetric key.“, [¶0059]” When each user is registered with the system they must provide a unique piece of information (the user secret) which will be used as the basis of all encryption for that user. The user secret may be based on a text passphrase (which would be distinct from the user's logon password) or may be derived from some other source. The user secret can be transformed by the server into a symmetric encryption key (the user secret key) by a process such as a one way cryptographic hash.“).

Referring to claim 16, (HOWELL in view of GLOVER) discloses the system as recited in claim 10, further comprising instructions that, when executed by the at least one processor, cause the system to: 
Wherein, HOWELL further discloses receive the shared encryption key encrypted by the one or more public encryption keys associated with the one or more additional client devices  (HOWELL, [¶0041]“ At 404, a random symmetric encryption key is generated (e.g., by app 116 on device 106). As one example, the symmetric key is an AES 256 bit key. At 406, the symmetric encryption key is used to encrypt the message {i.e., shared service} body, any attachments, and any message control options. In some embodiments, Alice's own information (e.g., her public key, deviceID(s), and appID(s) are included in the DSB {i.e., digital security bubble} as well. Finally, at 408, the symmetric key is encrypted with the public key {i.e., public encryption keys associated client devices } of each recipient . A DSB encapsulation is then generated, and contains the aforementioned components.”); and 
provide the shared encryption key encrypted by the one or more public encryption keys to the one or more additional client devices with the set of passwords encrypted utilizing the shared encryption key (HOWELL, [¶0041]“ At 404, a random symmetric encryption key is generated (e.g., by app 116 on device 106). As one example, the symmetric key is an AES 256 bit key. At 406, the symmetric encryption key is used to encrypt the message {i.e., shared service} body, any attachments, and any message control options. In some embodiments, Alice's own information (e.g., her public key, deviceID(s), and appID(s) are included in the DSB {i.e., digital security bubble} as well. Finally, at 408, the symmetric key is encrypted with the public key {i.e., public encryption keys associated client devices } of each recipient . A DSB encapsulation is then generated, and contains the aforementioned components.“).

Claim 17 is a method claim reciting similar limitations as a non-transitory computer readable storage medium claim 1, therefore claim 17 is rejected based on the same rational as the non-transitory computer readable storage medium claim 1.

Referring to claim 19, (HOWELL in view of GLOVER) discloses the method as recited in claim 17.
Wherein, HOWELL further discloses further comprising: detecting a key rotation event for changing shared encryption key (HOWELL, [¶0048, FIG. 8]” FIG. 8 illustrates part 800 of DSB 600. In particular, part 800 includes the shared symmetric key, encrypted to each of the recipients' respective public keys. Further, the collection of encrypted keys (802-806) {i.e., encrypted keys change based on the user} is encrypted using symmetric key SK1. FIG. 9 illustrates part 900 of DSB 600. In particular, part 900 includes encrypted message parameters. Part 900 is encrypted using symmetric key SK2”, [¶0050]” Since Alice has sent a message to Bob since he last used app 138, a flag is set in database 120, indicating to app 138 that one or messages are available for download “);
 in response to the detected key rotation event: determining an updated sharing membership for the shared folder (HOWELL, [¶0033]” Security platform also includes a database 120. Included in database 120 is a record for each user of platform 102. Each record has associated with it information such as the user's public key, deviceID(s), appID(s), {i.e., deviceID(s) and appID(s) associated with member devices only} and messages. “, [¶0043]“ The generated DSB {i.e., digital security bubble} is securely transmitted to platform 102 (e.g., by being encrypted with a symmetric key shared by the app and platform 102, and also encapsulated by TLS as an additional security layer). Irrespective of how many recipients Alice designates for her message (and, e.g., how many recipients there are or how many devices Bob has), only one DSB will be created and transmitted to platform 102. Upon receipt of the DSB, processing engine 134 opens the DSB and determines the recipients of the message. “, [¶0043]” Processing engine 134 also creates an entry for the received DSB {i.e., digital security bubble}  in message table 132 and notifies the recipient(s) that a new message is available. “); and 
sending an indication of the key rotation event to a plurality of client devices associated with the updated sharing membership (HOWELL, [¶0050]“ Bob is also a user of platform 102. When Bob loads his copy of the messaging app on his smartphone (i.e., app 138 on device 114), the app communicates with platform 102 (e.g., via interface 118) to determine whether Bob has any new messages. Since Alice has sent a message to Bob since he last used app 138, a flag is set in database 120, indicating to app 138 that one or messages are available for download.”);
retrieving an updated public key set from the plurality of client devices (HOWELL, [¶0045]” DSB 500 is an example of output that can be generated by app 116 as a result of executing process 400. In the example shown, DSB 500 includes a message and optional attachments (502), and one or more message controls (504) encrypted with a key Ek1,1 (encrypted portion 506). In some embodiments, key Ek1,1 is generated by app 116 at portion 404 of process 400. Additional detail regarding portion 506 is shown in FIG. 7, where SSK in FIG. 7 is Ek1,1 of FIG. 5 and represents the sender's symmetric shared key used to encrypt the message and attachments. “, [¶0046]” DSB 500 also includes, for each message recipient 1-n, the key Ek1,1 encrypted by each of the recipient's respective public keys (as shown in region 508). Further, DSB 500 includes a combination of each recipient's respective deviceID, hashed username, and appID (collectively denoted HWk1-n) in region 510.“); 
providing the updated public key set to the plurality of client devices (HOWELL, [¶0046]” DSB 500 also includes, for each message recipient 1-n, the key Ek1,1 encrypted by each of the recipient's respective public keys (as shown in region 508). Further, DSB 500 includes a combination of each recipient's respective deviceID, hashed username, and appID (collectively denoted HWk1-n) in region 510.“); and 
However, HOWELL does not disclose receiving, from an initiator device of the plurality of client devices for storage within the shared folder, an updated encrypted payload comprising the set of passwords and a modified shared encryption key that is utilized to encrypt the set of passwords and is encrypted in the shared folder utilizing the updated public key set
Wherein, GLOVER suggests receiving, from an initiator device of the plurality of client devices for storage within the shared folder, an updated encrypted payload comprising the set of passwords and a modified shared encryption key that is utilized to encrypt the set of passwords and is encrypted in the shared folder utilizing the updated public key set (GLOVER, [¶0040]” The owner of the content item sends a share request to the server, accompanied by their user Secret key “, [¶0042]” The server re-encrypts the item key with using the public key of the user with whom the item is to be shared”, [¶0043]” this newly encrypted copy of the item key is stored (typically alongside a permission record granting access to the item to the shared to user).”, [¶0059]” encrypt the symmetric key using the public key cryptography. The stored data then includes the symmetric key encrypted using the file public key and the document data encrypted using the symmetric key.“, [¶0059]” When each user is registered with the system they must provide a unique piece of information (the user secret) which will be used as the basis of all encryption for that user. The user secret may be based on a text passphrase (which would be distinct from the user's logon password) or may be derived from some other source. The user secret can be transformed by the server into a symmetric encryption key (the user secret key) by a process such as a one way cryptographic hash.“).

Claim 20 is a method claim reciting similar limitations as a non-transitory computer readable claim 7, therefore claim 20 is rejected based on the same rational as the non-transitory computer readable claim 7.



Claims (3) is/are rejected under 35 U.S.C. 103 as being unpatentable over HOWELL et al. (US-20200162440-A1, HOWELL referred to as " HOWELL”) in view of  GLOVER et al. (US-20130254536-A1, GLOVER referred to as “GLOVER”) and further view of WILSON et al. (US-20060174003-A1, WILSON referred to as " WILSON”).

Referring to claim 3, (HOWELL in view of GLOVER) discloses the non-transitory computer readable storage medium as recited in claim 1.
However, (HOWELL in view of GLOVER) does not explicitly disclose further comprising instructions that, when executed by the at least one processor, cause the content management system to receive a request to generate the shared folder for the set of passwords by: determining a set of password permissions associated with the set of passwords ; and generating a folder structure for the shared folder with access permissions to one or more folders corresponding to the set of password permissions within the folder structure.
Wherein, WILSON teaches further comprising instructions that, when executed by the at least one processor, cause the content management system to receive a request to generate the shared folder for the set of passwords by: determining a set of password permissions associated with the set of passwords (WILSON [Abstract]“ The method comprises providing a level of access based on a username and/or password used to authenticate a user” ; and 
generating a folder structure for the shared folder with access permissions to one or more folders corresponding to the set of password permissions within the folder structure (WILSON [Abstract]“” The system comprises a memory, software resident in the memory, and a processor that executes the software. When executed, the software may generate a share that identifies the corresponding FAT partition. The user may be granted access to the share when the username and/or password is authenticated. Further, the appropriate level of access may be determined by the username and/or password.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified (HOWELL in view of GLOVER) to incorporate the teaching of WILSON to utilize the above feature, with the motivation of providing access to data that is stored using file allocation tables (FAT), as recognized by (WILSON [0010]).

Claims (9 and 15) is/are rejected under 35 U.S.C. 103 as being unpatentable over HOWELL et al. (US-20200162440-A1, HOWELL referred to as " HOWELL”) in view of  GLOVER et al. (US-20130254536-A1, GLOVER referred to as “GLOVER”) and further view of BROUWER et al. (US- 20160065548 -A1, BROUWER referred to as " BROUWER”).

Referring to claim 9, (HOWELL in view of GLOVER) discloses the non-transitory computer readable storage medium as recited in claim 8.
However, (HOWELL in view of GLOVER) does not explicitly discloses further comprising instructions that, when executed by the at least one processor, cause the content management system to: receive, prior to sending the updated encrypted payload to the second client device, an additional modified shared encryption key from the second client device (BROUWER, [¶0109]” the storages 310-330 are implemented as key-value stores in some embodiments. The key of some embodiments for data stored in the cloud services 305 (e.g., the storage 325) by a sending device that is intended for a receiving device is a concatenation of the name of the sync circle to which the first and second devices belong, an identifier of the sending device, and an identifier of the receiving device. In some embodiments, the receiving device registers with this key-value pair so that when the value of the key-value pair changes (e.g., a value is added, modified, deleted, etc.) by the sending device, the cloud services 305 notifies the receiving device (e.g., via a push notification service). “); 
detect a conflict between the modified shared encryption key received from the first client device and the additional modified shared encryption key received from the second client device (BROUWER, [¶0149]” When the process 1300 determines that a keychain item in the local keychain has a primary key that is the same as the primary key of the updated keychain item, the process 1300 resolves (at 1360) the conflict between the updated keychain item and the local keychain item and applies the result of the conflict resolution to the local keychain. The process 1300 of different embodiments resolve conflicts between conflicting keychain items differently. One such approach is described below by reference to FIG. 15.“, [¶0149, FIG. 13]” When the process 1300 determines that a keychain item in the local keychain has a primary key that is the same as the primary key of the updated keychain item, the process 1300 resolves (at 1360) the conflict between the updated keychain item and the local keychain item and applies the result of the conflict resolution to the local keychain. “); 
and reject the additional modified shared encryption key received from the second client device in response to detecting the conflict [¶0149, FIG. 13]” When the process 1300 determines that a keychain item in the local keychain has a primary key that is the same as the primary key of the updated keychain item, the process 1300 resolves (at 1360) the conflict between the updated keychain item and the local keychain item and applies the result of the conflict resolution to the local keychain. “).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified (HOWELL in view of GLOVER) to incorporate the teaching of BROUWER to utilize the above feature, with the motivation of synchronization a keychain between devices by synchronizing the individual items of the keychain, as recognized by (BROUWER [0040]).

Referring to claim 15, (HOWELL in view of GLOVER) discloses the system as recited in claim 14.
However, (HOWELL in view of GLOVER) does not teach explicitly further comprising instructions that, when executed by the at least one processor, cause the system to: receive an additional modified shared encryption key from a follower device of the plurality of client devices after receiving the updated encrypted payload from the initiator device;   
in response to detecting a conflict between the modified shared encryption key received from the initiator device and the additional modified shared encryption key from the follower device, reject the additional modified shared encryption key received from the follower device; and 
send the updated encrypted payload comprising the set of passwords and the modified shared encryption key received from the initiator device to the follower device.
Wherein BROUWER teaches further comprising instructions that, when executed by the at least one processor, cause the system to: receive an additional modified shared encryption key from a follower device of the plurality of client devices after receiving the updated encrypted payload from the initiator device (BROUWER, [¶0109]” the storages 310-330 are implemented as key-value stores in some embodiments. The key of some embodiments for data stored in the cloud services 305 (e.g., the storage 325) by a sending device that is intended for a receiving device is a concatenation of the name of the sync circle to which the first and second devices belong, an identifier of the sending device, and an identifier of the receiving device. In some embodiments, the receiving device registers with this key-value pair so that when the value of the key-value pair changes (e.g., a value is added, modified, deleted, etc.) by the sending device, the cloud services 305 notifies the receiving device (e.g., via a push notification service). “);   
in response to detecting a conflict between the modified shared encryption key received from the initiator device and the additional modified shared encryption key from the follower device, reject the additional modified shared encryption key received from the follower device (BROUWER, [¶0149]” When the process 1300 determines that a keychain item in the local keychain has a primary key that is the same as the primary key of the updated keychain item, the process 1300 resolves (at 1360) the conflict between the updated keychain item and the local keychain item and applies the result of the conflict resolution to the local keychain. The process 1300 of different embodiments resolve conflicts between conflicting keychain items differently. One such approach is described below by reference to FIG. 15.“, [¶0149, FIG. 13]” When the process 1300 determines that a keychain item in the local keychain has a primary key that is the same as the primary key of the updated keychain item, the process 1300 resolves (at 1360) the conflict between the updated keychain item and the local keychain item and applies the result of the conflict resolution to the local keychain. “); and 
send the updated encrypted payload comprising the set of passwords and the modified shared encryption key received from the initiator device to the follower device  (BROUWER, [0157]” The process 1500 begins by identifying (at 1510) the timestamps of the conflicting updated keychain item and local keychain item. As noted above, the data structure of a keychain item in some embodiments includes a date field that indicates the time and date of the most recent modification to the keychain item.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified (HOWELL in view of GLOVER) to incorporate the teaching of BROUWER to utilize the above feature, with the motivation of resolving the encryption key conflicts, as recognized by (BROUWER [0157]).


Claims (12) is/are rejected under 35 U.S.C. 103 as being unpatentable over HOWELL et al. (US-20200162440-A1, HOWELL referred to as " HOWELL”) in view of  GLOVER et al. (US-20130254536-A1, GLOVER referred to as “GLOVER”) and further view of BHAT et al. (US- 20190097835-A1, BHAT referred to as " BHAT”).

Referring to claim 12, (HOWELL in view of GLOVER) discloses the system as recited in claim 10.
However, (HOWELL in view of GLOVER) does not disclose further comprising instructions that, when executed by the at least one processor, cause the system to receive a request to generate the shared folder for the set of passwords by: determining a hierarchy of folders within the shared folder; and
determining access permissions for each folder in the hierarchy of folders according to password permissions for a sharing membership for the shared folder.
Wherein, Bhat teaches determining a hierarchy of folders within the shared folder (BHAT, [¶0017]”  a system users application module configured to manage a user's access rights to the project data based at least on the user's credentials; a system project application module configured to manage a user's access to other application modules based at least on the user's credentials, and to allow a user to graphically explore the at least one project hierarchy, the exploration being limited at least by the user's credentials“); and
determining access permissions for each folder in the hierarchy of folders according to password permissions for a sharing membership for the shared folder (BHAT, [¶0055]” Users may be allowed varying levels of access privileges to System 100A depending on their designation (e.g. Installer, Administrator, Project Manager, Expert, Intaker, or End User). Other designations are also possible to specify. Users may be associated with particular buildings or with entire projects. User Management Application Module 150 may provide a variety of user interfaces that allows a credentialed individual or entity to access the Projects Database 170A, and create, update and delete users associated with a Project hierarchy or users associated with particular buildings/sites within a particular Project hierarchy. ”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified (HOWELL in view of GLOVER) to incorporate the teaching of BHAT to utilize the above feature, with the motivation of creating a user accounts for the cloud-based system for monitoring and controlling resources and environments, as recognized by (BHAT [0097]).


Claims (13) is/are rejected under 35 U.S.C. 103 as being unpatentable over HOWELL et al. (US-20200162440-A1, HOWELL referred to as " HOWELL”) in view of  GLOVER et al. (US-20130254536-A1, GLOVER referred to as “GLOVER”) and further view of BHAT et al. (US- 20190097835-A1, BHAT referred to as " BHAT”). and further view of SINHA et al. (US- 9773119-B2, SINHA referred to as " SINHA”).

Referring to claim 13, (HOWELL in view of GLOVER and further view BHAT) teaches the system as recited in claim 12.
However, (HOWELL in view of GLOVER and further view BHAT) does not teach explicitly further comprising instructions that, when executed by the at least one processor, cause the system to: assign, to a first account of the content management system, a first set of access permissions for a first set of folders corresponding to a first set of passwords within the hierarchy of folders; and assign, to a second account of the content management system, a second set of access permissions for a second set of folders corresponding to a second set of passwords within the hierarchy of folders.
Wherein SINHA teaches further comprising instructions that, when executed by the at least one processor, cause the system to: assign, to a first account of the content management system, a first set of access permissions for a first set of folders corresponding to a first set of passwords within the hierarchy of folders (SINHA, [Claim 3]” access to an electronic file to a user, the electronic file having a plurality of sections, wherein at least two of the sections of the electronic file are encrypted using at least two different hierarchical cryptographic keys, wherein a higher level section is associated with a first level {i.e., first account} in an organizational hierarchy and is encrypted using a first hierarchical cryptographic key “); 
and assign, to a second account of the content management system, a second set of access permissions for a second set of folders corresponding to a second set of passwords within the hierarchy of folders  (SINHA, [Claim 3]”  lower level section is associated with a second level {i.e., second account} in an organizational hierarchy and is encrypted using a second hierarchical cryptographic key different than the first hierarchical cryptographic key, wherein the second hierarchical cryptographic key is encrypted by the first hierarchical cryptographic key, the second level in the organizational hierarchy is lower than the first level in the organizational hierarchy”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified (HOWELL in view of GLOVER and further view BHAT) to incorporate the teaching of SINHA to utilize the above feature, with the motivation of securing and protected the electronic document, as recognized by (SINHA [Col 8, Line 18-20]).

Claims (18) is/are rejected under 35 U.S.C. 103 as being unpatentable over HOWELL et al. (US-20200162440-A1, HOWELL referred to as " HOWELL”) in view of  GLOVER et al. (US-20130254536-A1, GLOVER referred to as “GLOVER”) in further view of KIM et al. (US- 20200381088-A1, KIM referred to as " KIM”) 

Referring to claim 18, (HOWELL in view of GLOVER) discloses the method as recited in claim 17.
Wherein, HOWELL further discloses wherein: retrieving the public key set comprises: requesting a first public encryption key from a first client device associated with a first additional account of the content management system  (HOWELL, [¶0027]” Alice enters “Alice” into the interface. A determination is made as to whether the username is available. As one example, app 116 can supply a cryptographic hash of “Alice” to platform 102 for checking. If platform 102 does not already have a record for that hash, the username “Alice” is available for Alice to use. If platform 102 already has a record of that hash, Alice is instructed by the interface to pick an alternate username. Once Alice has selected an available username, she is asked to supply a password “, [¶0029]“ at 214 Alice's public key, deviceID, and appID are sent to platform 102 in a secure manner.”); 
requesting a second public encryption key from a second client device associated with a second additional account of the content management system (HOWELL, [¶0051]“ When Bob loads his copy of the messaging app on his smartphone (i.e., app 138 on device 114), the app communicates with platform 102 (e.g., via interface 118) to determine whether Bob has any new messages. Since Alice has sent a message to Bob since he last used app 138, a flag is set in database 120, indicating to app 138 that one or messages are available for download.”, {i.e., examiner interpreter the second client (Bob) device is a follower device and the first client which is (Alice) send message or attachment  is initiator device} ); and 
However, (HOWELL in view of GLOVER) does not teach explicitly wherein providing the public key set to the initial client device comprises providing, as part of the public key set, the first public encryption key and the second public encryption key to the initial client device.
Wherein, KIM teaches wherein providing the public key set to the initial client device comprises providing, as part of the public key set, the first public encryption key and the second public encryption key to the initial client device (KIM, [Abstract]” allowing the server to register the information, and assign a first private key and a first public key to a set site device and transmit the assigned keys to the site device in response to a request from the organization device; allowing the server to complete applicant authentication using a second private key assigned to an applicant for a clinical trial; allowing the site device to confirm previous participation information of the applicant; and allowing the site device to perform the clinical trial based on the previous participation information, encrypt a performance result of the clinical trial using the first public key, a second public key corresponding to the second private key, and the second private key, and transmit the encrypted performance result to the server.“).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified (HOWELL in view of GLOVER) to incorporate the teaching of KIM to utilize the above feature, with the motivation of the site device is checking whether the applicant is contracted to participate in another clinical trial on the basis of the participation history information, and making the site device to check a date on which a drug was last administered for the applicant having participated in a previous clinical trial when the applicant is not contracted to another clinical trial, as recognized by (KIM [0006]).


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. JEWELL et al. (US- 20180150477-A1, JEWELL referred to as " JEWELL”) suggests (par. [0049]) “a user may attempt to access managed files in a variety of ways, including through the previously discussed web based interface or directly through an editing application, etc., though access to content may be restricted based on user credentials (e.g., username and password) and sharing permissions to provide both private storage (single user) and shared access to files.”).
Any inquiry concerning this communication or earlier communications from the
examiner should be directed to AHMED HUMADI whose telephone number is (571)272-2066.
The examiner can normally be reached (7:30 am - 4:00 pm) Monday to Thursday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at
http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw, can be reached on (571) 272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be
obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/AHMED HUMADI/Examiner, Art Unit 2497                                                                                                                                                                                                        
/JORGE L ORTIZ CRIADO/Supervisory Patent Examiner, Art Unit 2496