DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Amendment
Claims 1, 12 and 18 have been amended. Claims 1-20 are currently pending. Applicant’s amendments, with respect to claims 1 and 12, overcome §102 rejections to the claims. The 102 rejections have been withdrawn.

Response to Arguments
Applicant’s arguments, filed on 06/28/2022, with respect to the rejection(s) of claim(s) 1, 12 and 18 under 35 USC 102 and 103 indicate that Fujii ‘543 does not disclose "receiving, from a main service, random number generation information indicating a number of fragments". This has been fully considered and are persuasive. Therefore, the rejections have been withdrawn. However, upon further consideration, a new ground(s) of rejection has been made in view of Fujii ‘543 and Perlman ‘227.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 1-3, 10 and 12-13 is/are rejected under 35 U.S.C. 103 as being unpatentable over Fujii et al., US-20090144543-A1 (hereinafter “Fujii ‘543”) in view of Perlman, US-5901227-A (hereinafter “Perlman ‘227”).
Per claim 1 (independent):
Fujii ‘543 discloses: A method comprising: receiving random number generation information indicating a number of fragments into which data stored by a client device is to be fragmented; fragmenting the data according to the number of fragments as a set of fragments (FIG. 1, [0040], a secret sharing system … one client device 100 and n-1 storage servers 200, 300, ..., n00 (a set of entities) mutually connected through a network NW such as the Internet; [0042], The client device 100 is to realize a secret sharing device of the (k, n) threshold scheme in which n items (where n≥k≥2) of shared information D(0), ... , D(n-1) (a number of fragments) obtained by dividing the secret information S (data stored by a client device) are individually delivered to the n devices 100, 200, ... , n00 and the secret information S can be recovered from any k items of shared information, of the n items of shared information; [0013], a random number data creating device configured to create (k-1)(n-1) items of random number data R(1), ... , R((k-1)(n-1)) having the same size as that of said each divided secret data (indicating a number of fragments); a shared partial data calculating device configured to calculate a product of matrices with the random number data …  to create n items of header information H(1), ..., H(j), ..., H(n) (including random number information R via the product of matrices); a shared information delivering device configured to individually deliver the n items of shared information D(1), ... , D(j), ... , D(n), each formed by the header information H(j) … to the n storage units.);
incorporating authentication data with the set of fragments; identifying a set of entities capable of storing the set of fragments with the authentication data (FIG. 14, [0079], The check is made by comparison between the hash value calculated from the header information H(j) and the input hash value h(H(j)) and in the case of agreement, the header information H(j) is judged to be valid; [0080], The header information H(j) is considered to have … hash algorithm information (option) (authentication data); [0081], The hash algorithm information is added in the case of authenticating the originality of the header information after calculating the hash value of the header information; Note that the shared information D(j)(including the set of fragments) in FIG. 14 delivered to the n devices identified by j corresponding to a set of entities comprises each header information H(j) including the hash algorithm information, i.e., the authentication data.); 
storing the set of fragments with the authentication data across the set of entities, wherein a first fragment is stored at a first entity of the set of entities and a second fragment is stored at a second entity of the set of entities (FIG. 1, [0085], (f109-2) The function of delivering (storing) the n items of shared information D(1), ..., D(j),..., D(n) … to the devices 100, 200, ... , n00 through the communication unit 111; [0041], For example, j= 1 is assigned to the client device 100 and j=2 is assigned to the storage server 200. The number j=3 is assigned to the storage server 300, ..., and j=n is assigned to the storage server n00.).
Fujii ‘543 teaches that “random number generation information indicating a number of fragments” is generated from one client device rather than received from an external entity but Perlman ‘227 discloses: receiving, from a main service, information indicating a number of fragments into which data stored by a client device is to be fragmented (FIG. 1, [Col. 3], ll. 59 – [Col. 4], ll. 52, a plurality of computer nodes, such as user nodes 102a-n and various server nodes 104a-n … the KG 104a … either generates or accepts … an encryption key used to encrypt the private key … the KG must reliably communicate the generated public key to a certification authority (CA) 104b (a main service), so that the CA may cryptographically bind the public key and principal's name in a signed certificate; [Col. 5], ll. 21-50, A common technique for implementing key escrow involves encrypting a secret key (which is initially used to encrypt some information) … The encryption key may be further divided into discrete "pieces" (a number of fragments) and provided to a set of escrow agents (a client device) having a predetermined quorum for key recovery; FIG. 4, [Col. 6], ll. 10-50, a certificate 400. As noted, the certificate is a message … of a CA stating that a specified public key belongs to a particular principal with a specified name … the entries 412 of the (e.g., table) structure (information indicating a number of fragments); Note that the encryption key encrypting a secret key is divided and provided to a set of escrow agents based on the entries 412 including the public key (agent) list and the escrow group.).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Fujii ‘543 with the implementation of key escrow involving encrypting a secret key based on the certificate issued by a certification authority as taught by Perlman ‘227 because it would improve the reliability of an encrypting principal about an escrow authority requiring access to a secret key used to encrypt information since the CA’s signature cannot be forged [Col. 2], ll. 45 – [Col. 3], ll.20. Additionally, Perlman ‘227 is analogous to the claimed invention because it teaches a key escrow technique reliably notifying an encrypting principal about escrow authorities requiring access to a secret key used to encrypt information [Abstract].

Per claim 2 (dependent on claim 1):
Fujii ‘543 in view of Perlman ‘227 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference.
Fujii ‘543 discloses: The method of claim 1, wherein the fragmenting comprises: utilizing a chunking process to create a first block into which the first fragment is stored, wherein the first block comprises the first fragment and at least one of an entity identifier, a block identifier of the first block, a random identifier, a signature corresponding to the authentication data, or padding (FIG. 14, [0080], The header information H(j) is considered to have data identifier indicating the row number j, header size indicating the size of header, … , processing bit length a indicating the processing bit of the shared partial data D(j, i), random number data size a indicating the data size of the random number R(j) … padding algorithm … hash algorithm information; Note that the shared information D(j) (a first block) includes both the header information H(j) and the shared partial data D(j, n-1)(the first fragment).).

Per claim 3 (dependent on claim 1):
Fujii ‘543 in view of Perlman ‘227 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference.
Fujii ‘543 discloses: The method of claim 1, wherein the fragmenting comprises: utilizing a chunking process to create a first block associated with the first fragment, wherein the first block comprises a fragment pointer to a location at which the first fragment is stored and at least one of an entity identifier, a block identifier of the first block, a random identifier, a signature corresponding to the authentication data, or padding (FIG. 14, [0080], The header information H(j) is considered to have data identifier indicating the row number j, header size indicating the size of header, … , processing bit length a indicating the processing bit of the shared partial data D(j, i) (a fragment pointer), random number data size a indicating the data size of the random number R(j) … padding algorithm … hash algorithm information; Note that the shared information D(j) (a first block) includes both the header information H(j) and the shared partial data D(j, n-1)(the first fragment).).

Per claim 10 (dependent on claim 1):
Fujii ‘543 in view of Perlman ‘227 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference.
Fujii ‘543 discloses: The method of claim 1, wherein the fragmenting comprises: utilizing a Shamir's Secret Sharing (SSS) algorithm to fragment the data ([0005], in 1979, Shamir proposed a secret sharing method called a (k, n) threshold scheme (see, for example, A. Shamir; "How to Share a secret", Communications of the ACM, 22, 11, pp.612-613[1979]); [0006], In the (k, n) threshold scheme, when the secret information is divided (fragmented) into n items of shared information, the original secret information can be recovered from k out of the n items of shared information but cannot be recovered at all from the k-1 items of shared information; Note that Fujii ‘543 refers to the 1979 paper of Shamir as background information since the invention of Fujii ‘543 is to improve it without using polynomial interpolation.).

Per claim 12 (independent):
Fujii ‘543 discloses: A non-transitory computer-readable medium storing instructions that when executed perform a method comprising: fragmenting data stored by a client device into a set of fragments, wherein the set of fragments comprises a number of fragments specified by random number generation information (FIG. 1, [0042], The client device 100 is to realize a secret sharing device of the (k, n) threshold scheme in which n items (where n≥k≥2) of shared information D(0), ... , D(n-1) (a number of fragments) obtained by dividing the secret information S (data stored by a client device) are individually delivered to the n devices 100, 200, ... , n00 and the secret information S can be recovered from any k items of shared information, of the n items of shared information; [0013], a random number data creating device configured to create (k-1)(n-1) items of random number data R(1), ... , R((k-1)(n-1)) having the same size as that of said each divided secret data (specifying g a number of fragments); a shared partial data calculating device configured to calculate a product of matrices with the random number data …  to create n items of header information H(1), ..., H(j), ..., H(n) (including random number generation information R via the product of matrices); a shared information delivering device configured to individually deliver the n items of shared information D(1), ..., D(j), ..., D(n), each formed by the header information H(j) … to the n storage units.);
incorporating authentication data with the set of fragments to create a set of blocks, wherein a first block comprises the authentication data and a first fragment and a second block comprises the authentication data and a second fragment; identifying a set of entities capable of storing the set of blocks (FIG. 14, [0079], The check is made by comparison between the hash value calculated from the header information H(j) and the input hash value h(H(j)) and in the case of agreement, the header information H(j) is judged to be valid; [0080], The header information H(j) is considered to have … hash algorithm information (option) (authentication data); [0081], The hash algorithm information is added in the case of authenticating the originality of the header information after calculating the hash value of the header information; Note that the shared information D(j) (a set of blocks) includes both the header information H(j)(including authentication data) and the shared partial data D(j, n-1)( a set of fragments), where they are indexed by j representing a set of entities.);
storing the set of blocks across the set of entities, wherein the first block is stored at a first entity of the set of entities and the second block is stored at a second entity of the set of entities (FIG. 1, [0085], (f109-2) The function of delivering (storing) the n items of shared information D(1), ..., D(j),..., D(n) … to the devices 100, 200, ... , n00 through the communication unit 111; [0041], For example, j= 1 is assigned to the client device 100 and j=2 is assigned to the storage server 200. The number j=3 is assigned to the storage server 300, ..., and j=n is assigned to the storage server n00.).
Fujii ‘543 discloses that “random number generation information” specifying “a number of fragments” is generated from one client device rather than received from an external entity but Perlman ‘227 discloses: information specifying a number of fragments is received from a main service (FIG. 1, [Col. 3], ll. 59 – [Col. 4], ll. 52, a plurality of computer nodes, such as user nodes 102a-n and various server nodes 104a-n … the KG 104a … either generates or accepts … an encryption key used to encrypt the private key … the KG must reliably communicate the generated public key to a certification authority (CA) 104b (a main service), so that the CA may cryptographically bind the public key and principal's name in a signed certificate; [Col. 5], ll. 21-50, A common technique for implementing key escrow involves encrypting a secret key (which is initially used to encrypt some information) … The encryption key may be further divided into discrete "pieces" (a number of fragments) and provided to a set of escrow agents having a predetermined quorum for key recovery; FIG. 4, [Col. 6], ll. 10-50, a certificate 400. As noted, the certificate is a message … of a CA stating that a specified public key belongs to a particular principal with a specified name … the entries 412 of the (e.g., table) structure (information specifying a number of fragments); Note that the encryption key encrypting a secret key is divided and provided to a set of escrow agents based on the entries 412 including the public key (agent) list and the escrow group.).

Per claim 13 (dependent on claim 12):
Fujii ‘543 in view of Perlman ‘227 discloses the elements detailed in the rejection of claim 12 above, incorporated herein by reference.
Fujii ‘543 discloses: The non-transitory computer-readable medium of claim 12, wherein the method comprises: utilizing a plurality of bodyguard accounts as the set of entities, wherein the plurality of bodyguard accounts are hosted across multiple platforms (FIG. 1, [0093], The communication unit 202 (a plurality of bodyguard accounts) may have an authentication function of the client device 100 from the viewpoint of preventing leakage of the shared information D(2), in which case it is designed to return the shared information D(2) to the device 100 after the authentication of the client device 100).

Claim(s) 6-9, 11 and 17-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Fujii ‘543 in view of Perlman ‘227 and VALLADOLID et al., US-20220014354-A1 (hereinafter “VALLADOLID ‘354”).
Per claim 6 (dependent on claim 1):
Fujii ‘543 in view of Perlman ‘227 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference.
Fujii ‘543 in view of Perlman ‘227 does not disclose but VALLADOLID ‘354 discloses: The method of claim 1, wherein the data comprises a private key, and wherein the method comprises: storing the set of fragments of the private key with the authentication data into a plurality of placeholder keys stored across the set of entities (FIG. 1 and 5, [0170], at step 502, a user signs-up to use system 100 … to store and retrieve a secret (the data) on behalf of the user. The user registers this interest using client device 102; [0173], The user then provides their user information at step 506. The user information comprises a unique identifier generated from a username, a verifier corresponding to the identifier and generated from of a password or a biometric of the user (authentication data) … the secret is a private cryptographic key (private key); [0174], The randomly selected server then performs step 508 where it assesses the username and the corresponding password/biometric against predetermined criteria;[0176], client device 102 performs step 510, generating a cryptographic hash of the username and a cryptographic hash of the password or biometric. The cryptographic hash of the username (authentication data) will be used as the unique identifier stored (at the randomly selected server) in association with the share (fragments) of the secret; [0179], a 'share' of a cryptographic key (one of a plurality of placeholder keys) is deposited with each server 108 (the set of entities).).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Fujii ‘543 in view of Perlman ‘227 with the store of a plurality of shares of a private cryptographic key across a plurality of servers depending on a cryptographic hash of user credentials as taught by VALLADOLID ‘354 because the secret data such as cryptographic key can be stored remotely and returned to the owner upon request without having to store the whole secret in a single location that must be trusted and no sever has access to the user’s username [0014][0023]. Additionally, VALLADOLID ‘354 is analogous to the claimed invention because it teaches the system allowing for a user to operate a client device in order to store and retrieve a secret across a plurality of servers (See FIG. 1).

Per claim 7 (dependent on claim 1):
Fujii ‘543 in view of Perlman ‘227 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference.
Fujii ‘543 in view of Perlman ‘227 does not disclose but VALLADOLID ‘354 discloses: The method of claim 1, comprising: receiving an entity list specifying the set of entities across which the set of fragments are stored, wherein the entity list is provided in response to successful authentication (FIG. 1 and 5, [0170], at step 502, a user signs-up to use system 100 … to store and retrieve a secret on behalf of the user. The user registers this interest using client device 102; [0174], The randomly selected server then performs step 508 where it assesses (whether it is a successful authentication) the username and the corresponding password/biometric against predetermined criteria; [0176], client device 102 performs step 510, generating a cryptographic hash of the username and a cryptographic hash of the password or biometric. The cryptographic hash of the username (authentication data) will be used as the unique identifier stored in association with the share (fragments) of the secret; [0179], a 'share' of a cryptographic key is deposited with each server 108 (the set of entities); [0184], Step 512 of FIG. 5 requires the selection of a plurality of servers 108 (an entity list; after the assessment of user credentials) to act as RoS 104. There are a number of options available for selecting servers 108, each of which are designed to improve the robustness and/or security of system 100.).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Fujii ‘543 in view of Perlman ‘227 with the assessment of user credentials based on a cryptographic hash before the selection of servers storing the shares of the secret as taught by VALLADOLID ‘354 because it would improve the robustness and security of the system by providing an option of choosing servers after the assessment of user credentials.

Per claim 8 (dependent on claim 7):
Fujii ‘543 in view of Perlman ‘227 and VALLADOLID ‘354 discloses the elements detailed in the rejection of claim 7 above, incorporated herein by reference.
Fujii ‘543 discloses: The method of claim 7, comprising: utilizing the entity list to retrieve the set of fragments from the set of entities; and executing a reconstruction algorithm upon the set of fragments to reconstruct the data (FIG. 1, [0040], a secret sharing system … one client device 100 and n-1 storage servers 200, 300, ..., n00 (the entity list; a set of entities) mutually connected through a network NW such as the Internet; [0042], The client device 100 is to realize a secret sharing device of the (k, n) threshold scheme in which n items (where n≥k≥2) of shared information D(0), ... , D(n-1) (the set of fragments) obtained by dividing the secret information S are individually delivered to the n devices 100, 200, ... , n00 and the secret information S can be recovered (reconstructed) from any k items of shared information, of the n items of shared information; FIG. 17 (a reconstruction algorithm), [0125], The client device 100 starts the recovering process … collects any k items of shared information D(i_1), ..., D(i_j), ..., D(i_k), of the n items of shared information D(1) to D(n) delivered to the n devices 100, ..., n00).

Per claim 9 (dependent on claim 8):
Fujii ‘543 in view of Perlman ‘227 and VALLADOLID ‘354 discloses the elements detailed in the rejection of claim 8 above, incorporated herein by reference.
Fujii ‘543 in view of Perlman ‘227 does not disclose but VALLADOLID ‘354 discloses: The method of claim 8, comprising: utilizing the reconstruction algorithm to resolve hidden fragments (FIG. 8, [0214], At step 808, user device 102 receives shares from servers 108 … the servers 108 encrypts the shares using the owner's public key before providing them to the owner. In this case, the owner is able to decrypt (resolve) each share (encrypted share; hidden fragments) using the corresponding private key; [0215], Step 812 … the secret shared is reconstructed with the interpolation of a polynomial.).

Per claim 11 (dependent on claim 1):
Fujii ‘543 in view of Perlman ‘227 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference.
Fujii ‘543 in view of Perlman ‘227 does not disclose but VALLADOLID ‘354 discloses: The method of claim 1, wherein the storing comprises: utilizing a distributed storage distribution mechanism to distribute the set of fragments across the set of entities (FIG. 7, [0209], step 610 of method 514 is replaced in method 514' with step 610'. At step 610', the encrypted key fragments (the set of fragments) are deposited onto a distributed ledger or blockchain (a distributed storage distribution mechanism). Servers 108 (the set of entities) are then able to access the key fragments from the distributed ledger and decrypt them when required.).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Fujii ‘543 in view of Perlman ‘227 with the deposit of encrypted key fragments onto a distributed ledger for a plurality of servers to access them the as taught by VALLADOLID ‘354 because it would utilize the inherent properties of distributed ledgers, such as their accessibility and robustness to tampering and alteration in terms of accessing key fragments [0260].

Per claim 17 (dependent on claim 12):
Fujii ‘543 in view of Perlman ‘227 discloses the elements detailed in the rejection of claim 12 above, incorporated herein by reference.
Fujii ‘543 discloses: The non-transitory computer-readable medium of claim 12, wherein the method comprises: utilizing the entity list to retrieve the set of blocks from the set of entities; and executing a reconstruction algorithm upon the set of blocks to reconstruct the data (FIG. 1, [0040], a secret sharing system … one client device 100 and n-1 storage servers 200, 300, ..., n00 (the entity list; the a set of entities) mutually connected through a network NW such as the Internet; [0042], The client device 100 is to realize a secret sharing device of the (k, n) threshold scheme in which n items (where n≥k≥2) of shared information D(0), ... , D(n-1) (the set of blocks) obtained by dividing the secret information S are individually delivered to the n devices 100, 200, ... , n00 and the secret information S can be recovered (reconstructed) from any k items of shared information, of the n items of shared information; FIG. 17 (a reconstruction algorithm), [0125], The client device 100 starts the recovering process … collects any k items of shared information D(i_1), ..., D(i_j), ..., D(i_k), of the n items of shared information D(1) to D(n) delivered to the n devices 100, ..., n00);
Fujii ‘543 teaches receiving the entity list to reconstruct the data, but it does not suggest that the entity list is obtained in response to successful authentication. VALLADOLID ‘354 discloses: receiving an entity list specifying the set of entities across which the set of blocks are stored, wherein the entity list is provided in response to successful authentication (FIG. 1 and 5, [0170], at step 502, a user signs-up to use system 100 … to store and retrieve a secret on behalf of the user. The user registers this interest using client device 102; [0174], The randomly selected server then performs step 508 where it assesses (whether it is a successful authentication) the username and the corresponding password/biometric against predetermined criteria; [0176], client device 102 performs step 510, generating a cryptographic hash of the username and a cryptographic hash of the password or biometric. The cryptographic hash of the username (authentication data) will be used as the unique identifier stored in association with the share (the set of blocks) of the secret; [0179], a 'share' of a cryptographic key is deposited with each server 108 (the set of entities); [0184], Step 512 of FIG. 5 requires the selection of a plurality of servers 108 (an entity list; after the assessment of user credentials) to act as RoS 104. There are a number of options available for selecting servers 108, each of which are designed to improve the robustness and/or security of system 100.).

Per claim 18 (independent):
Fujii ‘543 discloses: A system comprising: a processor coupled to memory, the processor configured to execute instructions to perform a method comprising: receiving authentication data from a client device; generating a list of participating entities across which the fragments are to be stored by the client device; transmitting the random number generation information and the list of participating entities to the client device (FIG. 1, [0013], a random number data creating device configured to create (k-1)(n-1) items of random number data R(1), ... , R((k-1)(n-1)) having the same size as that of said each divided secret data (fragments); a shared partial data calculating device configured to calculate a product of matrices with the random number data …  to create n items of header information H(1), ..., H(j), ..., H(n) (including random number information R via the product of matrices); FIG. 14, [0079], The hash value checking unit 108 (of a client device) … is provided with a function of checking the header information H(j) based on the hash value h(H(j)); [0080], The header information H(j) is considered to have … hash algorithm information (option) (authentication data); [0081], The hash algorithm information is added in the case of authenticating the originality of the header information after calculating the hash value of the header information; Note that the shared information D(j)(including the fragments) in FIG. 14 delivered (by the client device) to the n devices identified by j corresponding to the list of participating entities comprises each header information H(j) including the hash algorithm information, i.e. the authentication data and the random number generation information R via the product of matrices); 
Fujii ‘543 merely teaches generating authentication data, random number generation information, and a list of participating entities from a client device, but does not indicate the random number is generated when the data is successfully authenticated. VALLADOLID ‘354 discloses: in response to successfully authenticating the authentication data, generating random number generation information corresponding to a number of fragments into which the client device is to fragment data stored by the client device (FIG. 1 and 5, [0170], at step 502, a user signs-up to use system 100 … to store and retrieve a secret (data) on behalf of the user. The user registers this interest using client device 102; [0174], The randomly selected server then performs step 508 where it assesses (whether it is a successful authentication) the username and the corresponding password/biometric against predetermined criteria; [0179], a 'share' of a cryptographic key (a number of fragments) is deposited with each server 108; [0184], Step 512 of FIG. 5 requires the selection of a plurality of servers 108 (after the assessment of user credentials) to act as RoS 104. There are a number of options available for selecting servers 108, each of which are designed to improve the robustness and/or security of system 100; [0188], Randomly selecting one or more of the servers (random number generation information corresponding to a number of fragments).).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Fujii ‘543 with the random selection of servers to which a share of a cryptographic key is to be deposited after assessment of user credentials as taught by VALLADOLID ‘354 because it would improve the robustness and/or security of the system. 
Fujii ‘543 discloses that “the random number generation information and the list of participating entities to the client device” is generated from one client device rather than being transmitted by an external entity but Perlman ‘227 discloses: transmitting, from a main service, fragments generation information and the list of participating entities to the client device (FIG. 1, [Col. 3], ll. 59 – [Col. 4], ll. 52, a plurality of computer nodes, such as user nodes 102a-n and various server nodes 104a-n … the KG 104a … either generates or accepts … an encryption key used to encrypt the private key … the KG must reliably communicate the generated public key to a certification authority (CA) 104b (a main service), so that the CA may cryptographically bind the public key and principal's name in a signed certificate; [Col. 5], ll. 21-50, A common technique for implementing key escrow involves encrypting a secret key (which is initially used to encrypt some information) … The encryption key may be further divided into discrete "pieces" (a number of fragments) and provided to a set of escrow agents (the client device) having a predetermined quorum for key recovery; FIG. 4, [Col. 6], ll. 10-50, a certificate 400. As noted, the certificate is a message … of a CA stating that a specified public key belongs to a particular principal with a specified name … the entries 412 of the (e.g., table) structure; Note that the encryption key encrypting a secret key is divided and provided to a set of escrow agents based on the entries 412 including the public key (agent) list (fragments generation information) and the escrow group (the list of participating entities to the client device).).

Per claim 19 (dependent on claim 18):
Fujii ‘543 in view of Perlman ‘227 and VALLADOLID ‘354 discloses the elements detailed in the rejection of claim 18 above, incorporated herein by reference.
Fujii ‘543 discloses: The system of claim 18, wherein the method comprises: receiving a request to reconstruct the data utilizing the fragments; identifying the participating entities at which the fragments are stored (FIG. 1, [0040], a secret sharing system … one client device 100 and n-1 storage servers 200, 300, ..., n00 (the participating entities) mutually connected through a network NW such as the Internet; [0042], The client device 100 is to realize a secret sharing device of the (k, n) threshold scheme in which n items (where n≥k≥2) of shared information D(0), ... , D(n-1) (including the fragments) obtained by dividing the secret information S are individually delivered to the n devices 100, 200, ... , n00 and the secret information S (the data) can be recovered (reconstructed) from any k items of shared information, of the n items of shared information; FIG. 17, [0125], The client device 100 starts the recovering process … collects any k items of shared information D(i_1), ..., D(i_j), ..., D(i_k), of the n items of shared information D(1) to D(n) delivered to the n devices 100, ..., n00).
Fujii ‘543 teaches indicating the participating entities, but this is not preceded by successfully authenticating the reconstruction request. VALLADOLID ‘354 discloses: providing an indication of the participating entities in response to successfully authenticating the request (FIG. 8, [0211], At step 802, the owner makes a request to RoS 104 to return (reconstruct) the secret; [0212], A randomly selected server receives the request and uses the unique identifier as an index to identify (i.e. authenticating the request) which servers 108 were selected at step 512 when the owner enrolled. The randomly selected server returns the list 604 of servers (the participating entities) to device 102 at step 804.; [0215], Step 812 … the secret shared is reconstructed with the interpolation of a polynomial.).

Per claim 20 (dependent on claim 18):
Fujii ‘543 in view of Perlman ‘227 and VALLADOLID ‘354 discloses the elements detailed in the rejection of claim 18 above, incorporated herein by reference.
Fujii ‘543 discloses: The system of claim 18, wherein the method comprises: utilizing at least one of a signature or an entity identifier within a block comprising a fragment to identify a participating entity of the participating entities (FIG. 14, [0082], The data format of the shared information D(j) (a block) includes the header information H(j), the hash value h(H(j)), and the n-1 items of shared partial data D(j, 1), D(j, 1), ..., D(j, n-1)(a fragment); Note that each j represents a participating entity.).

Claim(s) 14 and 16 is/are rejected under 35 U.S.C. 103 as being unpatentable over Fujii ‘543 in view of Perlman ‘227 and A. Ranjan and M. Bhonsle, "Advanced technics to shared & protect cloud data using multilayer steganography and cryptography," 2016 International Conference on Automatic Control and Dynamic Optimization Techniques (ICACDOT), 2016, pp. 35-41 (hereinafter “Ranjan ‘2016”).
Per claim 14 (dependent on claim 12):
Fujii ‘543 in view of Perlman ‘227 discloses the elements detailed in the rejection of claim 12 above, incorporated herein by reference.
Fujii ‘543 in view of Perlman ‘227 does not disclose but Ranjan ‘2016 discloses: The non-transitory computer-readable medium of claim 12, wherein the storing comprises: utilizing a steganography technique to hide the set of blocks within one or more images (FIG. 4, 4.3. Hash-LSB Encoding (a steganography technique) with AES Process, pg. 37-38, User need to pick two files which is your info file (the set of blocks) and image where you want to hide the info. AES will apply over the text. Uploaded image will broke into the each RGB pixel frame … Finally, System will generate the reconstructed image. At last, the generated image get stored into the cloud.).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Fujii ‘543 in view of Perlman ‘227 with the Hash-LSB encoding with AES process for hiding information in the cloud as taught by Ranjan ‘2016 because it would provide robust security over the stored data and user has full control over his/her created data (See 3.2-3.3). Additionally, Ranjan ‘2016 is analogous to the claimed invention because it teaches an effective and a unique approach to make sure information security in cloud computing by means of encrypting and concealing the info (See abstract).

Per claim 16 (dependent on claim 12):
Fujii ‘543 in view of Perlman ‘227 discloses the elements detailed in the rejection of claim 12 above, incorporated herein by reference.
Fujii ‘543 in view of Perlman ‘227 does not disclose but Ranjan ‘2016 discloses: The non-transitory computer-readable medium of claim 12, wherein the storing comprises: utilizing a superimposition technique to hide the set of blocks (FIG. 4, 4.3. Hash-LSB Encoding with AES Process, pg. 37-38, User need to pick two files which is your info file (the set of blocks) and image where you want to hide the info. AES will apply over the text. Uploaded image will break into the each RGB pixel frame (a superimposition technique) … Finally, System will generate the reconstructed image. At last, the generated image get stored into the cloud.).

Claim(s) 15 is/are rejected under 35 U.S.C. 103 as being unpatentable over Fujii ‘543 in view of Perlman ‘227 and Jia et al., US-7487219-B1 (hereinafter “Jia ‘219”).
Per claim 15 (dependent on claim 12):
Fujii ‘543 in view of Perlman ‘227 discloses the elements detailed in the rejection of claim 12 above, incorporated herein by reference.
Fujii ‘543 in view of Perlman ‘227 does not disclose but Jia ‘219 discloses: The non-transitory computer-readable medium of claim 12, wherein the set of entities comprises a plurality of accounts such that the storing comprises: storing the set of blocks across the plurality of accounts (FIG. 1 and 2, [Col. 2], ll. 65 – [Col. 3], ll. 35, providing a virtual storage device … from a plurality of online storage accounts (103, 105, 107) (a plurality of accounts) … using a client-based driver (119) for aggregating the plurality of online storage accounts into the virtual storage device … The client-based driver (119) stores a data block (201) by automatically dividing the data block into multiple chunks (203) … sends (205) a first chunk of the multiple chunks and the topic to the first online storage account to store the data block (storing the set of blocks), maintaining a record in a table (207) for the topic, the first chunk, the first online storage account, and the dividing of the data block.).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Fujii ‘543 in view of Perlman ‘227 with the storing of multiple chunks of data into a plurality of online storage accounts as taught by Jia ‘219 because the storage capacity of the virtual data space can be dynamically sized by adding additional accounts and unauthorized access to one account will not result in access to the entire data set [Col. 1], ll.45-57. Additionally, Jia ‘219 is analogous to the claimed invention because it teaches that unauthorized access to one account will not result in access to the entire data set and further protection would be provided by having the table associated with data block information in an encrypted manner. 

Allowable Subject Matter
Claim(s) 4-5 is/are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SANGSEOK PARK whose telephone number is (571)272-4332. The examiner can normally be reached Monday-Thursday 7:30-5:30 and Alternate Fridays 8:30-5:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, PHILIP CHEA can be reached on (571)272-3951. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SANGSEOK PARK/Examiner, Art Unit 2499                                                                                                                                                                                                        /PHILIP J CHEA/Supervisory Patent Examiner, Art Unit 2499