Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

Claims 1-19 rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA  35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention. 					Regarding claim 1, lines 10,11, and 14 contain the term “hidden”. The prior art of record fails to explicitly teach having “hidden” files and scanning for “hidden” data. The specification does not show sufficient detail to show possession (as per MPEP 2163) for  “scanning … for hidden files”. Paragraph 2 of the instant application’s specification merely states “This presents a problem to users who wish to conclusively know that data from a deleted data object has been destroyed, especially when such data is sensitive or confidential”. All Corresponding and Dependent claims are rejected similarly. 										
Claims 1-19 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.					Regarding claim 1, line 11 contains “that are not readily obvious to a user”, this language is indefinite. The examiner is not sure how to interpret something being readily obvious or not. Paragraph 17 of the instant application’s specification states “[0017] For example, a file may be backed up in a deeply-nested directory or on a drive, such as an external drive. The presence of such a file would not be readily obvious to a user.”. The examiner is still not sure what exactly makes file readily obvious or not readily obvious. All Corresponding and Dependent claims are rejected similarly. The examiner recommends bringing in more clear language such as “a file may be backed up in a deeply-nested directory or on a drive, such as an external drive” like paragraph 17 of the instant application states. All Corresponding and Dependent claims are rejected similarly.

	Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim 1,7,8 and 17-19 are rejected under 35 U.S.C. 103 as being unpatentable over US 20160171241 A1; YUN; Geun Yong (hereinafter Yun) in view of US 20080222216 A1 Jorden; Michael Philip et al. (hereinafter Jorden) and US 20170214701 A1 HASAN; SYED KAMRAN (hereinafter Syed). 
Regarding claim 1, Yun teaches A secure data deletion device, comprising: an enclosure; a connector for communicatively coupling to a computing device; a storage medium disposed within the enclosure and communicatively coupled to the connector; ( Yun [FIG. 1 & 2] show the system with a enclosure, connection for communication between a computing device and corresponding storage and the corresponding deletion unit  [0061] If the file system deletes a file stored on a storage device of the terminal (e.g., a hard disk, RAM, ROM, etc.), a mobile storage apparatus (e.g., a universal serial bus ( USB) memory thumb drive, an externally connected storage drive, etc.), and/or a networked storage apparatus (e.g., a cloud storage drive, a networked drive, a distributed file system, etc.), the file system may not delete the file from the physical storage region that stores the file,[52-55 and 59-61] further describe the hardware components in detail including connections and corresponding storages)										self-contained software disposed on the storage medium and comprising instructions configured to execute, by a processor, the steps of selecting for deletion files disposed on storage media accessible on the computing device, and performing a secure deletion action on the files. (Yun [0003] One or more example embodiments relate to apparatuses, methods, systems, and/or computer programs stored on non-transitory computer readable media for providing a secure file -deletion function. More particularly to, apparatuses, methods, systems, and/or computer programs stored on non-transitory for providing a secure file -deletion function that makes file recovery more difficult and/or impossible. [0012] According to one or more example embodiments, a method of securely deleting a file may include receiving, using at least one processor, a file deletion request, the file deletion request including file information for a file to be deleted that is stored on a storage device of an apparatus, deleting, using the at least one processor, the file associated with the file information, and overwriting, using the at least one processor, a storage region of the storage device, the storage region including a location that stores the file with a desired value [56 and 69-73] further elaborate on the selection and deletion process [FIG. 1 & 2] show the system with a enclosure, connection for communication between a computing device and corresponding storage and the corresponding deletion unit(s) [45-47] detail in on the computer readable and software of the system)									Yun lacks explicitly and orderly teaching performing a deep scan for each file of the files selected for deletion, the deep scan comprising scanning the storage media accessible on the computing device for hidden files similar to the files selected for deletion that are not readily obvious, wherein the hidden files comprise reformatted, duplicate, edited, changed, or modified versions of the files selected for deletion, and performing a secure deletion action on the hidden files.						Jordon teaches performing a deep scan for each file of the files selected for deletion, the deep scan comprising scanning the storage media accessible on the computing device for [hidden] files similar to the files selected for deletion that are not readily obvious, wherein the [hidden] files comprise reformatted, duplicate, edited, changed, or modified versions of the files selected for deletion (Jordan [0025] utilized for a deep scanning of selected files to allow the user or administrator to perform actions (deletion) on selected files.. files or documents contain multiple edited versions of the files or documents that are not compatible with a currently in-use software application, data may be applied to such files by the scanner module 105 and subsequently stored in the database 125 to cause such files to be reported via the reporting module 130 as requiring corrective action before such files may be utilized by the currently in-use software application... multiple versions of a given document  [FIG.1] shows visual flow of the system ) 		Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to take all prior methods and make the addition of Jordon's scanning methods in order to improve the user experience and system accuracy by allowing the user to perform corrective actions on files  (Jordan [0025] utilized for a deep scanning of selected files to allow the user or administrator to perform actions on selected files.. files or documents contain multiple edited versions of the files or documents that are not compatible with a currently in-use software application, data may be applied to such files by the scanner module 105 and subsequently stored in the database 125 to cause such files to be reported via the reporting module 130 as requiring corrective action before such files may be utilized by the currently in-use software application... multiple versions of a given document [FIG.1] shows visual flow of the system )						the combination still lacks explicitly teaching deep scan for hidden files and performing a secure deletion action on the hidden files.						Syed teaches deep scan for hidden files and performing a secure deletion action on the hidden files (Syed [0248] FIG. 34 shows more details to the Long-Term/Deep Scan 230 which uses Big Data 231. Deep Scan 230...With Anomaly Detection 237 ... the Deep Scan module to determine any potential risk events, like a Sensitive Filed [0250] find the Sensitive File 241, quarantines it, sends its exact state back to the Trusted Platform 10, and then attempts to secure erase it from the Criminal Computer 229. [FIG. 34] shows the visual deep scan for hidden files and then performing actions (deletion) )							Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to take all prior methods and make the addition of Syed's computer security methods in order to create a safer and more secure system via secure deletion (not a regular deletion) of the sensitive/hidden file (Syed [0248] FIG. 34 shows more details to the Long-Term/Deep Scan 230 which uses Big Data 231. Deep Scan 230...With Anomaly Detection 237 the Event Index and Security Behavior are used in accordance with the intermediate data provided by the Deep Scan module to determine any potential risk events, like a Sensitive File being transferred by an unauthorized agent to an Arbitrary System outside of the Enterprise Network. Arbitrary Computer 238 is shown as the resultant Destination server involved in the breach is highlighted, defined by any known characteristics such as MAC Address/last known IP address 239, country and uptime patterns etc. Such an analysis primarily involves the Foreign Entities Management 232 module. The system is then able to determine the likelihood [0250] The Exploit 253 then attempts to find the Sensitive File 241, quarantines it, sends its exact state back to the Trusted Platform 10, and then attempts to secure erase it from the Criminal Computer 229. )
Regarding claim 7, Yun, Jordan, and Syed teach The device of claim 1, wherein storage media accessible on the computing device comprise local storage media. (Yun [0069] Primary storage device 104 may be dedicated or shared. In some cases, each primary storage device 104 is dedicated to an associated client computing device 102, e.g., a local disk drive. In other cases, one or more primary storage devices 104 can be shared by multiple client computing devices 102, e.g., via a local network, in a cloud storage implementation, etc. As one example, primary storage device 104 can be a storage array shared by a group of client computing devices 102, such as EMC Clariion, EMC Symmetrix, EMC Celerra, Dell EqualLogic, IBM XIV, NetApp FAS, HP EVA, and HP 3PAR. [0123] As noted, off-loading certain responsibilities from client computing devices 102 to intermediate components such as secondary storage computing device(s) 106 and corresponding media agent(s) 144 can provide a number of benefits including improved performance of client computing device 102, faster and more reliable information management operations, and enhanced scalability. In one example which will be discussed further below, media agent 144 can act as a local cache of recently-copied data and/or metadata stored to secondary storage device(s) 108, thus improving restore capabilities and performance for the cached data.  [0127] Each media agent 144 may maintain an associated media agent database 152. Media agent database 152 may be stored to a disk or other storage device (not shown) that is local to the secondary storage computing device 106 on which media agent 144 executes.[0294] In some embodiments, the media agent 332 may maintain an associated media agent database, which may be stored to a disk or other storage device (not shown) that is local to the secondary storage computing device 306 on which the media agent 332 executes. )
Regarding claim 8, Yun ,Jordan, and Syed teach The device of claim 1, wherein storage media accessible on the computing device comprise cloud storage media. (Yun [0053] In the present specification, a physical storage region is a part of a memory apparatus and/or storage device, such as a hard disk drive, a solid state drive, a rewriteable optical disk, a tape storage device, a floppy disk, a read-only memory (ROM), a random access memory (RAM), a flash memory, a networked drive and/or networked storage device (e.g., a cloud computing drive, a distributed file system, etc.), etc., in which data is actually stored. The physical storage region may be usually accessed via an address allocated to the region. [0059] The file system is configured to control how data (e.g., files, information, materials, etc.) is stored, organized, and/or retrieved from the terminal via the OS. The file system may manage physical locations (and/or logical locations) of files and/or data stored on a physical storage apparatus, such as a hard disk, a solid state drive, a rewriteable optical disk, a tape storage device, a floppy disk, a read-only memory (ROM), a random access memory (RAM), a flash memory, etc., and may include providing access to materials on a file server, cloud computing system[0061]If the file system deletes a file stored on a storage device of the terminal (e.g., a hard disk, RAM, ROM, etc.), a mobile storage apparatus (e.g., a universal serial bus (USB) memory thumb drive, an externally connected storage drive, etc.), and/or a networked storage apparatus (e.g., a cloud storage drive, a networked drive, a distributed file system, etc.[0066] implemented as one or more processors, one or more processor cores, a distributed processing system, a network processing system, a cloud processing system, etc. )
Regarding claim 17, the combination of Yun, Jordan, and Syed teach The device of claim 1, wherein the deep scan locates all storage devices connected to the computing device. (Jordan [0014] the control module 110 is operative to navigate through one or more file storage locations on a given local computing device or on a remote computing device accessed via a distributed computing network.)
Regarding claim 18, the combination of Yun, Jordan, and Syed teach The device of claim 1, wherein the deep scan extends to connected remote drives. (Jordan [0014] the control module 110 is operative to navigate through one or more file storage locations on a given local computing device or on a remote computing device accessed via a distributed computing network.)
Regarding claim 19, the combination of Yun, Jordan, and Syed teach The device of claim 18, wherein the deep scan extends to cloud storage. (Syed [0248] FIG. 34 shows more details to the Long-Term/Deep Scan 230 which uses Big Data 231. Deep Scan 230 contributes to and engages with Big Data 231... a local database and a shared cloud database ...Local storage of such entries is pushed to the cloud database for the benefit of other enterprises. In return, useful event information is received for the benefit of local analysis)

Claim 2 is rejected under 35 U.S.C. 103 as being unpatentable over Yun in view of Jordan, Syed and US 20180124174 A; SWALLOW; Douglas Cary et al. (hereinafter Swallow). 
Regarding claim 2, Yun ,Jordan, and Syed teach The device of claim 1, wherein the instructions are further configured to execute the steps of:				but lacks explicitly and orderly teaching scanning all files disposed on storage media accessible on the computing device;	generating a scan result list of files; and selecting desired files from the result list of files							However Shallow helps teach scanning all files disposed on storage media accessible on the computing device; generating a scan result list of files; and selecting desired files from the result list of files (Swallow [0021] FIG. 4 is a block diagram illustrating some salient portions of a system 400 for scanning a network storage system to identify files [274]a storage system may be scanned or analyzed to identify files  [0303] At block 514, the data agent 142 receives scan result from the network storage system 302. The scan result may include a list of files to be backed up, the location of the files to be backed up, and any other metadata associated with the files that may be used to facilitate the backup of the files. For instance, in some embodiments, different types of files may be backed up two different locations or systems within the secondary storage subsystem 118. In such embodiments, the scan result may include a type of each of the files. In some embodiments, the scan results may be received in a distributed manner from a plurality of scanning threads 406. For example, each of the scanning threads 406 may separately provide, or cause to be provided, the scan result or portion of the scan result to the scanning agent 402 or the data agent 142. In some cases, each of the scanning threads 406 may establish a separate communication channel with the data agent 142. Alternatively, the network storage manager 404 may aggregate the results from each of the scanning threads 406 the scan the network storage repository 304. In some such embodiments, the network storage manager 404 may provide the aggregated scan result to the data agent 142. In some embodiments, the scan results may be provided via plurality of packets to the data agent 142, which may then aggregate received packets to generate a scan results file. In some cases, the data agent 142 may provide the scan results to a storage manager 140. [0304] At block 516, the data agent 142 initiates a backup of the network storage system 302 based at least in part on the receive scan result. Alternatively, or in addition, the storage manager 140 may initiate the backup of the network storage system 302. Initiating the back up the network storage system 302 may include identifying to the network storage manager 404 the list of files to be backed up. The identification of this list of files may be determined based at least in part on the scan result received at the block 514. Further, the data agent 142 may receive the files to be backed up from the network storage system 302 and may provide the files to one or more media agents at the secondary storage subsystem 118. Alternatively, or in addition, the data agent 142 may identify to the network storage system 302 the media agents to receive the files for backup. In some such cases, the network storage system 302 may provide the files for backup to the identified media agents without providing the files to the data agent 142.[325-333] further elaborate )						Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to take all Yun's methods and make the addition of Swallow in order to create a more efficient system for searching and presenting data (Shallow [0003]For instance, data analysis capabilities, information management, improved data presentation and access features, and the like, are in increasing demand.  [0008] Embodiments disclosed herein address the need to more efficiently [0299] In some embodiments, the number of scanning threads selected may be one. However, typically, a plurality of scanning threads is selected. Advantageously, in certain embodiments, by selecting a plurality of scanning threads to perform a scanning process, the scanning process may be completed more quickly compared to other processes for identifying files for backup. [0303] At block 514, the data agent 142 receives scan result from the network storage system 302. The scan result may include a list of files to be backed up, the location of the files to be backed up, and any other metadata associated with the files that may be used to facilitate the backup of the files. For instance, in some embodiments, different types of files may be backed up two different locations or systems within the secondary storage subsystem 118. In such embodiments, the scan result may include a type of each of the files. In some embodiments, the scan results may be received in a distributed manner from a plurality of scanning threads 406. For example, each of the scanning threads 406 may separately provide, or cause to be provided, the scan result or portion of the scan result )						
Claim 4 and 6 are rejected under 35 U.S.C. 103 as being unpatentable over Yun, Jordan, Syed in view of US 20060143476 A1; McGovern; William P. (hereinafter McGovern).
Regarding claim 4, Yun ,Jordan, and Syed teach The device of claim 1, wherein the secure deletion action 										but lacks explicitly teaching wherein the secure deletion action is a multi-pass random overwrite process										McGovern however helps teach wherein the secure deletion action is a multi-pass random overwrite process (McGovern [0006] Several different "patterns" have been developed to perform media overwrite sanitization. A pattern is the sequence of bits (ones and zeros) that is written to the drive in order to prevent recovery of deleted data. The " Guttman" pattern is an example of a pattern used by many hard drive sanitization applications. Using a multiple pass overwrite, different patterns may be used for each pass. For example, the first pass may use a particular pattern, where the second pass may use the pattern's complement, and the third pass may use random data. [0039] In operation 608, the first encryption key is deleted, and the blocks 504c-504e representing the file are marked as available, so that they may be overwritten. The first encryption key is deleted by overwriting the key in the cryptographic key database. The first encryption key may be overwritten using any one of several known techniques, including using any one of the well-known patterns (such as a " Guttman" pattern), writing zeroes over the key ("zeroing" the key), etc. According to one embodiment, the first encryption key may be overwritten only once, since the data that comprises an encryption key must be completely intact to be useful. Therefore, more robust sanitization techniques may not be necessary. Further, the cryptographic key database is encrypted using the master key 316 (see FIG. 3). The master key 316 is physically located within the system 300 of FIG. 3, and therefore a user or client must have access to the system 300 to gain access to the first encryption key. If a malicious user only has access to the disk 500 (see FIG. 5), the user will be unable to decrypt the cryptographic key database, and therefore will be unable to obtain the first encryption key. Once the first encryption key is discarded, the file `A` has been sanitized, even though the blocks 504c-504e may not have been overwritten, since the data stored in the disk region 502a is unreadable without the first encryption key. )					Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to take all Yun's methods and make the addition of McGovern in order to create a strong method of preventing data recovery after deletion (McGovern [0006] Several different "patterns" have been developed to perform media overwrite sanitization. A pattern is the sequence of bits (ones and zeros) that is written to the drive in order to prevent recovery of deleted data. The "Guttman" pattern is an example of a pattern used by many hard drive sanitization applications. Using a multiple pass overwrite, different patterns may be used for each pass. For example, the first pass may use a particular pattern, where the second pass may use the pattern's complement, and the third pass may use random data.  [0009] A shortcoming of known sanitization techniques and system 100 is that they sanitize only at a disk-wide level of granularity. When a hard drive or other storage device is being retired or removed from use, the entire device (e.g., the entire disk drive) is sanitized to protect the data.)
Regarding claim 6, Yun , Jordan, and Syed teach The device of claim 1, wherein the secure deletion action										but lacks explicitly teaching wherein the secure deletion action is a Guttman algorithm.													However McGovern teaches wherein the secure deletion action is a Guttman algorithm (McGovern [0006] Several different "patterns" have been developed to perform media overwrite sanitization. A pattern is the sequence of bits (ones and zeros) that is written to the drive in order to prevent recovery of deleted data. The " Guttman" pattern is an example of a pattern used by many hard drive sanitization applications. Using a multiple pass overwrite, different patterns may be used for each pass. For example, the first pass may use a particular pattern, where the second pass may use the pattern's complement, and the third pass may use random data. [0039] In operation 608, the first encryption key is deleted, and the blocks 504c-504e representing the file are marked as available, so that they may be overwritten. The first encryption key is deleted by overwriting the key in the cryptographic key database. The first encryption key may be overwritten using any one of several known techniques, including using any one of the well-known patterns (such as a " Guttman" pattern), writing zeroes over the key ("zeroing" the key), etc. According to one embodiment, the first encryption key may be overwritten only once, since the data that comprises an encryption key must be completely intact to be useful. Therefore, more robust sanitization techniques may not be necessary. Further, the cryptographic key database is encrypted using the master key 316 (see FIG. 3). The master key 316 is physically located within the system 300 of FIG. 3, and therefore a user or client must have access to the system 300 to gain access to the first encryption key. If a malicious user only has access to the disk 500 (see FIG. 5), the user will be unable to decrypt the cryptographic key database, and therefore will be unable to obtain the first encryption key. Once the first encryption key is discarded, the file `A` has been sanitized, even though the blocks 504c-504e may not have been overwritten, since the data stored in the disk region 502a is unreadable without the first encryption key. )							Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to take all Yun's methods and make the addition of McGovern in order to create a strong method of preventing data recovery after deletion (McGovern [0006] Several different "patterns" have been developed to perform media overwrite sanitization. A pattern is the sequence of bits (ones and zeros) that is written to the drive in order to prevent recovery of deleted data. The "Guttman" pattern is an example of a pattern used by many hard drive sanitization applications. Using a multiple pass overwrite, different patterns may be used for each pass. For example, the first pass may use a particular pattern, where the second pass may use the pattern's complement, and the third pass may use random data.  [0009] A shortcoming of known sanitization techniques and system 100 is that they sanitize only at a disk-wide level of granularity. When a hard drive or other storage device is being retired or removed from use, the entire device (e.g., the entire disk drive) is sanitized to protect the data.)
Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over Yun ,Jordan, and Syed in view of “Everything You Need to Know About the DoD 5220.22-M Wiping Standard & Its Applications Today”, Richard Stiennon, March 28, 2019 (hereinafter Richard)
Regarding claim 5, Yun ,Jordan, and Syed teach The device of claim 1, wherein the secure deletion action										but lacks explicitly teaching wherein the secure deletion action is a DOD Standard 5250.22M algorithm										However Richard helps teach wherein the secure deletion action is a DOD Standard 5250.22M algorithm (Richard [page 1]The DoD 5220.22-M method for data erasure first appeared in the early days of the data sanitization industry. When it was published by the U.S. Department of Defense (DoD) in the National Industrial Security Program Operating Manual (also known as“NISPOM,” or Department of Defense document #5220.22-M), it specified a process of overwriting hard disk drives (HDDs) with patterns of ones and zeros. The process required three secure overwriting passes and verification at the end of the final pass.This was in 1995, before the debut of smartphones and the widespread use of flash-based storage technologies.[page 2] Erasing an HDD using the DoD 5220.22-M (https://www.dss.mil/ma/ctp/io/fcb/nisp/) data sanitization method will prevent all software-based file recovery methods, as well as hardware-based recovery methods, from recovering meaningful data from the drive)						Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to take all Yun's methods and make the addition of Stiennon in order to create a stronger method of preventing data recovery after deletion and henceforth improve data protection.			
Claims 9,15 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Yun in view of Jordan, Syed and US 20210034244 A1; AUSARKAR; Amit Bhaskar et al. (hereinafter Amit)
Regarding claim 9, Yun ,Jordan, and Syed teach A method for secure data deletion, comprising: … a data deletion device to a computing device, the data deletion device comprising an enclosure, a connector for communicatively coupling the data deletion device to the computing device, ( Yun [FIG. 1 & 2] show the system with a enclosure, connection for communication between a computing device and corresponding storage and the corresponding deletion unit  [0061] If the file system deletes a file stored on a storage device of the terminal (e.g., a hard disk, RAM, ROM, etc.), a mobile storage apparatus (e.g., a universal serial bus ( USB) memory thumb drive, an externally connected storage drive, etc.), and/or a networked storage apparatus (e.g., a cloud storage drive, a networked drive, a distributed file system, etc.), the file system may not delete the file from the physical storage region that stores the file,[52-55 and 59-61] further describe the hardware components in detail including connections and corresponding storages)			and a storage medium on which a self- contained secure data deletion software is stored; selecting for deletion files disposed on storage media accessible on the computing device; performing a secure deletion action on the selected files; (Yun [0003] One or more example embodiments relate to apparatuses, methods, systems, and/or computer programs stored on non-transitory computer readable media for providing a secure file -deletion function. More particularly to, apparatuses, methods, systems, and/or computer programs stored on non-transitory for providing a secure file -deletion function that makes file recovery more difficult and/or impossible. [0012] According to one or more example embodiments, a method of securely deleting a file may include receiving, using at least one processor, a file deletion request, the file deletion request including file information for a file to be deleted that is stored on a storage device of an apparatus, deleting, using the at least one processor, the file associated with the file information, and overwriting, using the at least one processor, a storage region of the storage device, the storage region including a location that stores the file with a desired value [56 and 69-73] further elaborate on the selection and deletion process [FIG. 1 & 2] show the system with a enclosure, connection for communication between a computing device and corresponding storage and the corresponding deletion unit(s) [45-47] detail in on the computer readable and software of the system)													Yun lacks explicitly teaching coupling and decoupling the secure data deletion device from the computing device.									However Amit helps teach coupling and decoupling the secure data deletion device from the computing device ( Amit [0056] System 100 includes computing devices and computing technologies. For instance, system 100 can include one or more client computing devices 102 and secondary storage computing devices 106, as well as storage manager 140 or a host computing device for it. Computing devices can include, without limitation, one or more: workstations, personal computers, desktop computers, or other types of generally fixed computing systems such as mainframe computers, servers, and minicomputers. Other computing devices can include mobile or portable computing devices, such as one or more laptops, tablet computers, personal data assistants, mobile phones (such as smartphones), and other mobile or portable computing devices such as embedded computers, set top boxes, vehicle-mounted devices, wearable computers, etc. Servers can include mail servers, file servers, database servers, virtual machine servers, and web servers. Any given computing device comprises one or more processors  [0064] Client computing devices 102 and other components in system 100 can be connected to one another via one or more electronic communication pathways 114. For example, a first communication pathway 114 may communicatively couple client computing device 102 and secondary storage computing device 106; a second communication pathway 114 may communicatively couple storage manager 140 and client computing device 102; and a third communication pathway 114 may communicatively couple storage manager 140 and secondary storage computing device 106, etc. (see, e.g., FIG. 1A and FIG. 1C). A communication pathway 114 can include one or more networks or other connection types including one or more of the following  [0264] By moving specialized software associated with system 200 such as data agent 242 off the client computing devices 202, the architecture effectively decouples the client computing devices 202 from the installed components of system 200, improving both scalability and plug -ability of system 200. Indeed, the secondary storage subsystem 218 in such environments can be treated simply as a read/write NFS target for primary storage subsystem 217, without the need for information management software to be installed on client computing devices 202. As one example, an enterprise implementing a cloud production computing environment can add VM client computing devices 202 without installing and configuring specialized information management software on these VMs. Rather, backups and restores are achieved transparently, where the new VMs simply write to and read from the designated NFS path.)				Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to take all and make the addition of Amit in order to improve scalability, adaptability and plug-ability of the system ( Amit [0056] System 100 includes computing devices and computing technologies. For instance, system 100 can include one or more client computing devices 102 and secondary storage computing devices 106, as well as storage manager 140 or a host computing device for it. Computing devices can include, without limitation, one or more: workstations, personal computers, desktop computers, or other types of generally fixed computing systems such as mainframe computers, servers, and minicomputers. Other computing devices can include mobile or portable computing devices, such as one or more laptops, tablet computers, personal data assistants, mobile phones (such as smartphones), and other mobile or portable computing devices such as embedded computers, set top boxes, vehicle-mounted devices, wearable computers, etc. Servers can include mail servers, file servers, database servers, virtual machine servers, and web servers. Any given computing device comprises one or more processors  [0064] Client computing devices 102 and other components in system 100 can be connected to one another via one or more electronic communication pathways 114. For example, a first communication pathway 114 may communicatively couple client computing device 102 and secondary storage computing device 106; a second communication pathway 114 may communicatively couple storage manager 140 and client computing device 102; and a third communication pathway 114 may communicatively couple storage manager 140 and secondary storage computing device 106, etc. (see, e.g., FIG. 1A and FIG. 1C). A communication pathway 114 can include one or more networks or other connection types including one or more of the following [0264] By moving specialized software associated with system 200 such as data agent 242 off the client computing devices 202, the architecture effectively decouples the client computing devices 202 from the installed components of system 200, improving both scalability and plug -ability of system 200. Indeed, the secondary storage subsystem 218 in such environments can be treated simply as a read/write NFS target for primary storage subsystem 217, without the need for information management software to be installed on client computing devices 202. As one example, an enterprise implementing a cloud production computing environment can add VM client computing devices 202 without installing and configuring specialized information management software on these VMs. Rather, backups and restores are achieved transparently, where the new VMs simply write to and read from the designated NFS path.)											the combination lacks explicitly and orderly teaching performing a deep scan for each file of the files selected for deletion, the deep scan comprising scanning the storage media accessible on the computing device for hidden files similar to the files selected for deletion that are not readily available, wherein the hidden files comprise reformatted, duplicate, edited, changed, or modified versions of the files selected for deletion, and performing a secure deletion action on the hidden files.				Jordon teaches performing a deep scan for each file of the files selected for deletion, the deep scan comprising scanning the storage media accessible on the computing device for … files similar to the files selected for deletion that are not readily available, wherein the … files comprise reformatted, duplicate, edited, changed, or modified versions of the files selected for deletion (Jordan [0025] utilized for a deep scanning of selected files to allow the user or administrator to perform actions (deletion) on selected files.. files or documents contain multiple edited versions of the files or documents that are not compatible with a currently in-use software application, data may be applied to such files by the scanner module 105 and subsequently stored in the database 125 to cause such files to be reported via the reporting module 130 as requiring corrective action before such files may be utilized by the currently in-use software application... multiple versions of a given document [FIG.1] shows visual flow of the system ) 						Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to take all prior methods and make the addition of Jordon's scanning methods in order to improve the user experience and system accuracy by allowing the user to perform corrective actions on files  (Jordan [0025] utilized for a deep scanning of selected files to allow the user or administrator to perform actions on selected files.. files or documents contain multiple edited versions of the files or documents that are not compatible with a currently in-use software application, data may be applied to such files by the scanner module 105 and subsequently stored in the database 125 to cause such files to be reported via the reporting module 130 as requiring corrective action before such files may be utilized by the currently in-use software application... multiple versions of a given document [FIG.1] shows visual flow of the system )						the combination still lacks explicitly teaching deep scan …for hidden files and performing a secure deletion action on the hidden files.						Syed teaches deep scan … for hidden files and performing a secure deletion action on the hidden files (Syed [0248] FIG. 34 shows more details to the Long-Term/Deep Scan 230 which uses Big Data 231. Deep Scan 230...With Anomaly Detection 237 ... the Deep Scan module to determine any potential risk events, like a Sensitive Filed [0250] find the Sensitive File 241, quarantines it, sends its exact state back to the Trusted Platform 10, and then attempts to secure erase it from the Criminal Computer 229. [FIG. 34] shows the visual deep scan for hidden files and then performing actions (deletion) )							Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to take all prior methods and make the addition of Syed's computer security methods in order to create a safer and more secure system (Syed [0248] FIG. 34 shows more details to the Long-Term/Deep Scan 230 which uses Big Data 231. Deep Scan 230...With Anomaly Detection 237 the Event Index and Security Behavior are used in accordance with the intermediate data provided by the Deep Scan module to determine any potential risk events, like a Sensitive File being transferred by an unauthorized agent to an Arbitrary System outside of the Enterprise Network. Arbitrary Computer 238 is shown as the resultant Destination server involved in the breach is highlighted, defined by any known characteristics such as MAC Address/last known IP address 239, country and uptime patterns etc. Such an analysis primarily involves the Foreign Entities Management 232 module. The system is then able to determine the likelihood [0250] The Exploit 253 then attempts to find the Sensitive File 241, quarantines it, sends its exact state back to the Trusted Platform 10, and then attempts to secure erase it from the Criminal Computer 229.
	Regarding claim 15, the combination of Yun, Jorden, Syed and Amit teach The method of claim 9, wherein storage media accessible on the computing device comprise local storage media (Yun [0069] Primary storage device 104 may be dedicated or shared. In some cases, each primary storage device 104 is dedicated to an associated client computing device 102, e.g., a local disk drive. In other cases, one or more primary storage devices 104 can be shared by multiple client computing devices 102, e.g., via a local network, in a cloud storage implementation, etc. As one example, primary storage device 104 can be a storage array shared by a group of client computing devices 102, such as EMC Clariion, EMC Symmetrix, EMC Celerra, Dell EqualLogic, IBM XIV, NetApp FAS, HP EVA, and HP 3PAR. [0123] As noted, off-loading certain responsibilities from client computing devices 102 to intermediate components such as secondary storage computing device(s) 106 and corresponding media agent(s) 144 can provide a number of benefits including improved performance of client computing device 102, faster and more reliable information management operations, and enhanced scalability. In one example which will be discussed further below, media agent 144 can act as a local cache of recently-copied data and/or metadata stored to secondary storage device(s) 108, thus improving restore capabilities and performance for the cached data.  [0127] Each media agent 144 may maintain an associated media agent database 152. Media agent database 152 may be stored to a disk or other storage device (not shown) that is local to the secondary storage computing device 106 on which media agent 144 executes.[0294] In some embodiments, the media agent 332 may maintain an associated media agent database, which may be stored to a disk or other storage device (not shown) that is local to the secondary storage computing device 306 on which the media agent 332 executes. )
Regarding claim 16, the combination of Yun, Jorden, Syed and Amit teach the method of claim 9, wherein storage media accessible on the computing device comprise cloud storage media. (Yun [0053] In the present specification, a physical storage region is a part of a memory apparatus and/or storage device, such as a hard disk drive, a solid state drive, a rewriteable optical disk, a tape storage device, a floppy disk, a read-only memory (ROM), a random access memory (RAM), a flash memory, a networked drive and/or networked storage device (e.g., a cloud computing drive, a distributed file system, etc.), etc., in which data is actually stored. The physical storage region may be usually accessed via an address allocated to the region. [0059] The file system is configured to control how data (e.g., files, information, materials, etc.) is stored, organized, and/or retrieved from the terminal via the OS. The file system may manage physical locations (and/or logical locations) of files and/or data stored on a physical storage apparatus, such as a hard disk, a solid state drive, a rewriteable optical disk, a tape storage device, a floppy disk, a read-only memory (ROM), a random access memory (RAM), a flash memory, etc., and may include providing access to materials on a file server, cloud computing system[0061]If the file system deletes a file stored on a storage device of the terminal (e.g., a hard disk, RAM, ROM, etc.), a mobile storage apparatus (e.g., a universal serial bus (USB) memory thumb drive, an externally connected storage drive, etc.), and/or a networked storage apparatus (e.g., a cloud storage drive, a networked drive, a distributed file system, etc.[0066] implemented as one or more processors, one or more processor cores, a distributed processing system, a network processing system, a cloud processing system, etc. )
Claim 10 is rejected under 35 U.S.C. 103 as being unpatentable over Yun in view of Jorden, Syed, Amit and Swallow.
Regarding claim 10, the combination of Yun, Jorden, Syed and Amit teach The method of claim 9, wherein selecting files further comprises				but lack scanning all files disposed on storage media accessible on the computing device; generating a scan result list of file and selecting desired files from the result list of files.											However Swallow helps teach scanning all files disposed on storage media accessible on the computing device; generating a scan result list of file and selecting desired files from the result list of files. (Swallow  [0021] FIG. 4 is a block diagram illustrating some salient portions of a system 400 for scanning a network storage system to identify files [274]a storage system may be scanned or analyzed to identify files  [0303] At block 514, the data agent 142 receives scan result from the network storage system 302. The scan result may include a list of files to be backed up, the location of the files to be backed up, and any other metadata associated with the files that may be used to facilitate the backup of the files. For instance, in some embodiments, different types of files may be backed up two different locations or systems within the secondary storage subsystem 118. In such embodiments, the scan result may include a type of each of the files. In some embodiments, the scan results may be received in a distributed manner from a plurality of scanning threads 406. For example, each of the scanning threads 406 may separately provide, or cause to be provided, the scan result or portion of the scan result to the scanning agent 402 or the data agent 142. In some cases, each of the scanning threads 406 may establish a separate communication channel with the data agent 142. Alternatively, the network storage manager 404 may aggregate the results from each of the scanning threads 406 the scan the network storage repository 304. In some such embodiments, the network storage manager 404 may provide the aggregated scan result to the data agent 142. In some embodiments, the scan results may be provided via plurality of packets to the data agent 142, which may then aggregate received packets to generate a scan results file. In some cases, the data agent 142 may provide the scan results to a storage manager 140. [0304] At block 516, the data agent 142 initiates a backup of the network storage system 302 based at least in part on the receive scan result. Alternatively, or in addition, the storage manager 140 may initiate the backup of the network storage system 302. Initiating the back up the network storage system 302 may include identifying to the network storage manager 404 the list of files to be backed up. The identification of this list of files may be determined based at least in part on the scan result received at the block 514. Further, the data agent 142 may receive the files to be backed up from the network storage system 302 and may provide the files to one or more media agents at the secondary storage subsystem 118. Alternatively, or in addition, the data agent 142 may identify to the network storage system 302 the media agents to receive the files for backup. In some such cases, the network storage system 302 may provide the files for backup to the identified media agents without providing the files to the data agent 142.[325-333] further elaborate )						Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to take all Yun's methods and make the addition of Swallow in order to create a more efficient system for searching and presenting data (Shallow [0003]For instance, data analysis capabilities, information management, improved data presentation and access features, and the like, are in increasing demand.  [0008] Embodiments disclosed herein address the need to more efficiently [0299] In some embodiments, the number of scanning threads selected may be one. However, typically, a plurality of scanning threads is selected. Advantageously, in certain embodiments, by selecting a plurality of scanning threads to perform a scanning process, the scanning process may be completed more quickly compared to other processes for identifying files for backup. [0303] At block 514, the data agent 142 receives scan result from the network storage system 302. The scan result may include a list of files to be backed up, the location of the files to be backed up, and any other metadata associated with the files that may be used to facilitate the backup of the files. For instance, in some embodiments, different types of files may be backed up two different locations or systems within the secondary storage subsystem 118. In such embodiments, the scan result may include a type of each of the files. In some embodiments, the scan results may be received in a distributed manner from a plurality of scanning threads 406. For example, each of the scanning threads 406 may separately provide, or cause to be provided, the scan result or portion of the scan result )
Claim 12 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Yun in view of Amit ,Jordan, Syed and US 20060143476 A1; McGovern; William P. (hereinafter McGovern). 
 Regarding claim 12, the combination of Yun, Jordan, Syed, McGovern and Amit teach the method of claim 9, wherein the secure deletion action				But lack explicitly teaching the secure deletion action is a multi-pass random overwrite process.											McGovern helps teach wherein the secure deletion action is a multi-pass random overwrite process. (McGovern [0006] Several different "patterns" have been developed to perform media overwrite sanitization. A pattern is the sequence of bits (ones and zeros) that is written to the drive in order to prevent recovery of deleted data. The " Guttman" pattern is an example of a pattern used by many hard drive sanitization applications. Using a multiple pass overwrite, different patterns may be used for each pass. For example, the first pass may use a particular pattern, where the second pass may use the pattern's complement, and the third pass may use random data. [0039] In operation 608, the first encryption key is deleted, and the blocks 504c-504e representing the file are marked as available, so that they may be overwritten. The first encryption key is deleted by overwriting the key in the cryptographic key database. The first encryption key may be overwritten using any one of several known techniques, including using any one of the well-known patterns (such as a " Guttman" pattern), writing zeroes over the key ("zeroing" the key), etc. According to one embodiment, the first encryption key may be overwritten only once, since the data that comprises an encryption key must be completely intact to be useful. Therefore, more robust sanitization techniques may not be necessary. Further, the cryptographic key database is encrypted using the master key 316 (see FIG. 3). The master key 316 is physically located within the system 300 of FIG. 3, and therefore a user or client must have access to the system 300 to gain access to the first encryption key. If a malicious user only has access to the disk 500 (see FIG. 5), the user will be unable to decrypt the cryptographic key database, and therefore will be unable to obtain the first encryption key. Once the first encryption key is discarded, the file `A` has been sanitized, even though the blocks 504c-504e may not have been overwritten, since the data stored in the disk region 502a is unreadable without the first encryption key. )							Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to take all Yun's methods and make the addition of McGovern in order to create a strong method of preventing data recovery after deletion (McGovern [0006] Several different "patterns" have been developed to perform media overwrite sanitization. A pattern is the sequence of bits (ones and zeros) that is written to the drive in order to prevent recovery of deleted data. The "Guttman" pattern is an example of a pattern used by many hard drive sanitization applications. Using a multiple pass overwrite, different patterns may be used for each pass. For example, the first pass may use a particular pattern, where the second pass may use the pattern's complement, and the third pass may use random data.  [0009] A shortcoming of known sanitization techniques and system 100 is that they sanitize only at a disk-wide level of granularity. When a hard drive or other storage device is being retired or removed from use, the entire device (e.g., the entire disk drive) is sanitized to protect the data.)					
Regarding claim 14, the combination of Yun, Jordan, Syed and Amit teach The method of claim 9, wherein the secure deletion action						the combination lack explicitly teaching wherein the secure deletion action is a Guttman algorithm											However McGovern helps teach wherein the secure deletion action is a Guttman algorithm (McGovern [0006] Several different "patterns" have been developed to perform media overwrite sanitization. A pattern is the sequence of bits (ones and zeros) that is written to the drive in order to prevent recovery of deleted data. The " Guttman" pattern is an example of a pattern used by many hard drive sanitization applications. Using a multiple pass overwrite, different patterns may be used for each pass. For example, the first pass may use a particular pattern, where the second pass may use the pattern's complement, and the third pass may use random data. [0039] In operation 608, the first encryption key is deleted, and the blocks 504c-504e representing the file are marked as available, so that they may be overwritten. The first encryption key is deleted by overwriting the key in the cryptographic key database. The first encryption key may be overwritten using any one of several known techniques, including using any one of the well-known patterns (such as a " Guttman" pattern), writing zeroes over the key ("zeroing" the key), etc. According to one embodiment, the first encryption key may be overwritten only once, since the data that comprises an encryption key must be completely intact to be useful. Therefore, more robust sanitization techniques may not be necessary. Further, the cryptographic key database is encrypted using the master key 316 (see FIG. 3). The master key 316 is physically located within the system 300 of FIG. 3, and therefore a user or client must have access to the system 300 to gain access to the first encryption key. If a malicious user only has access to the disk 500 (see FIG. 5), the user will be unable to decrypt the cryptographic key database, and therefore will be unable to obtain the first encryption key. Once the first encryption key is discarded, the file `A` has been sanitized, even though the blocks 504c-504e may not have been overwritten, since the data stored in the disk region 502a is unreadable without the first encryption key. )							 Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to take all Yun's methods and make the addition of McGovern in order to create a strong method of preventing data recovery after deletion (McGovern [0006] Several different "patterns" have been developed to perform media overwrite sanitization. A pattern is the sequence of bits (ones and zeros) that is written to the drive in order to prevent recovery of deleted data. The "Guttman" pattern is an example of a pattern used by many hard drive sanitization applications. Using a multiple pass overwrite, different patterns may be used for each pass. For example, the first pass may use a particular pattern, where the second pass may use the pattern's complement, and the third pass may use random data.  [0009] A shortcoming of known sanitization techniques and system 100 is that they sanitize only at a disk-wide level of granularity. When a hard drive or other storage device is being retired or removed from use, the entire device (e.g., the entire disk drive) is sanitized to protect the data.)
Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over Yun in view of Amit, Yeager and Richard.
Regarding claim 13, the combination of Yun, Amit, Jorden, and Syed teaches The method of claim 9, wherein the secure deletion action						but lacks explicitly teaching wherein the secure deletion action is a DOD Standard 5250.22M algorithm										However Richard helps teach wherein the secure deletion action is a DOD Standard 5250.22M algorithm (Richard [page 1]The DoD 5220.22-M method for data erasure first appeared in the early days of the data sanitization industry. When it was published by the U.S. Department of Defense (DoD) in the National Industrial Security Program Operating Manual (also known as“NISPOM,” or Department of Defense document #5220.22-M), it specified a process of overwriting hard disk drives (HDDs) with patterns of ones and zeros. The process required three secure overwriting passes and verification at the end of the final pass.This was in 1995, before the debut of smartphones and the widespread use of flash-based storage technologies.[page 2] Erasing an HDD using the DoD 5220.22-M (https://www.dss.mil/ma/ctp/io/fcb/nisp/) data sanitization method will prevent all software-based file recovery methods, as well as hardware-based recovery methods, from recovering meaningful data from the drive)						Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to take all Yun's methods and make the addition of Stiennon in order to create a stronger method of preventing data recovery after deletion and henceforth improve data protection.
Response to Arguments
Applicant's arguments filed 7/14/2022 have been fully considered
35 USC § 102 & 35 USC § 103: 
Regarding Applicant’s Argument (page(s): 6-8): Examiner’s response:- Applicant’s arguments, filed 7/14/2022, with respect to the rejection(s) of under 35 USC § 102/103  have been fully considered and are persuasive. Therefore, the rejection has been withdrawn.  However, upon further consideration, a new ground(s) of rejection is made in view of  US 20080222216 A1 Jorden; Michael Philip et al. and  US 20170214701 A1 HASAN; SYED KAMRAN. T. The new claims are also rejected on a new ground(s) of rejection is made in view of US 20080222216 A1 Jorden; Michael Philip et al. and US 20170214701 A1 HASAN; SYED KAMRAN. The current scope of the claim is not interpreted by the examiner as the applicant argues it should be viewed in the arguments, the examiner believes the applicant is assuming and placing too much weight from instant applications specification. The examiner believes these limitations assumed from the specification are not clear and must be brought into the claim’s limitations for the claim to gain the scope the applicant wishes it to have. For example, "hidden files" and "not readily obvious" stated in the independent claims are very broad and the examiner in light of BRI has not place too much weight on these terms. The examiner recommends further elaborating those and bringing in any details that further shows what "hidden" and "not readily obvious/available" really entail. The examiner believes details as described above can help the applicant overcome the current prior arts.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ARYAN D TOUGHIRY whose telephone number is (571)272-5212. The examiner can normally be reached Monday - Friday, 9 am - 5 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Aleksandr Kerzhner can be reached on (571) 270-1760. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/ARYAN D TOUGHIRY/Examiner, Art Unit 2165   

/William B Partridge/Primary Examiner, Art Unit 2183