DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
Regarding claims rejected under 35 USC 103:
Applicant’s arguments have been fully considered and are persuasive.  Therefore, the rejection has been withdrawn.  However, upon further consideration, a new ground(s) of rejection is made in view of Biddle (US 2008/0141040 A1) and Jueneman (US 2008/0263363 A1).

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159.  See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1-20 rejected on the ground of nonstatutory double patenting as being unpatentable over 1, 13, and 18 of U.S. Patent No. 9,882,888 B2 in view of Auradukar and Shankaranarayanan. The claims of the patent lack disclosure of “separately,” but at least FIG. 23 and [0218] of Auradakar disclose such. Therefore, it would have been obvious to one of ordinary skill in the art before the filing date of Applicant’s invention to modify the teachings of the patent to include support for separate encryption because the substitution of one known element for another would have yielded predictable results to one of ordinary skill in the art at the time of the invention. The claims further lack disclosure of “receiving authorization permission to authorize a restore request from one or more authorized sources” and “in response to receiving the authorization permission.” However, at least the abstract, FIG. 4, [0007], and [0055]-[0059] of Shankaranarayanan disclose password recovery via third party user authorization. Therefore, it would have been obvious to one of ordinary skill in the art before the filing date of Applicant’s invention to modify the teachings of the patent to include support for authorization via additional users for at least the purpose of increasing security and reducing the chance of successful account compromise (e.g., [0062] of Shankaranarayanan).

Instant Application
US 9,882,888 B2
1. (Currently Amended) A computer implemented method, comprising: encrypting a cryptographic key with a restore key; providing metadata comprising first information associated with the cryptographic key and second information associated with the restore key; separately encrypting the metadata with the restore key to generate encrypted metadata; sending the encrypted cryptographic key and the encrypted metadata; receiving a copy of the encrypted cryptographic key and a copy of the encrypted metadata; receiving authorization permission to authorize a restore request from one or more authorized sources, the restore request including the copy of the cryptographic key as encrypted under the restore key and the copy of the metadata as encrypted under the restore key; and determining, in response to receiving the authorization permission, whether to authorize the restore request based at least in part on comparing the copy of the encrypted metadata with the encrypted metadata.
Claim 1.
A computer implemented method for managing a cryptographic key, comprising:
storing, in a data store managed by a key management service, a cryptographic key for use in encrypting data for a customer of a service provider associated with the cryptographic key, the key management service being operated in a service provider environment of the service provider, the cryptographic key associated with metadata;
receiving a suspend request to suspend storage of the cryptographic key by the key management service; generating a restore key to be associated with the customer;
encrypting the cryptographic key with the restore key and the metadata with the restore key; retaining a copy of the metadata as encrypted under the restore key;
sending, to the customer, the cryptographic key as encrypted under the restore key;
sending to the customer the metadata as encrypted under the restore key;
destroying any copy of the cryptographic key stored by the key management service;
receiving a restore request to cause to the key management service to store a copy of the cryptographic key, the restore request including a copy of the cryptographic key as encrypted under the restore key and a copy of the metadata as encrypted under the restore key; comparing the copy of the metadata as encrypted under the restore key received with the restore request with the copy of the metadata as encrypted under the restore key; and authorizing the restore request based at least in part on the comparing.
7. (Currently Amended) A computing system, comprising: at least one processor; and memory including instructions that, when executed by the at least one processor, cause the computing system to: encrypt a cryptographic key with a restore key; provide metadata comprising first information associated with the cryptographic key and second information associated with the restore key; Page 3 of 18 \\NORTHCA - 020346/043803 - 3710606 v1Appl. No. 15/878,957separately encrypt the metadata with the restore key to generate encrypted metadata; send the encrypted cryptographic key and the encrypted metadata; receive a copy of the encrypted cryptographic key and a copy of the encrypted metadata; receiving authorization permission to authorize a restore request from one or more authorized sources, the restore request including the copy of the cryptographic key as encrypted under the restore key and the copy of the metadata as encrypted under the restore key; and determine, in response to receiving the authorization permission, whether to authorize the restore request based at least in part on comparing the copy of the encrypted metadata with the encrypted metadata.
Claim 13.
A computing system, comprising:
at least one processor; and
memory including instructions that, when executed by the at least one processor, cause the computing system to: store, on behalf of a customer, a local copy of a secret usable by a key management service; receive a request to suspend storage of the local copy of the secret, the local copy of the secret associated with metadata; encrypt the local copy of the secret with information usable to obtain the local copy of the secret and the metadata with the information; provide the customer with the local copy of the secret encrypted with the information; provide the customer with the metadata encrypted with the information; destroy the local copy of the secret; receive a restore request to store a copy of the secret, the restore request including the local copy of the secret as encrypted under the information and a copy of the metadata as encrypted under the information; compare the metadata as encrypted under the information received with the restore request with the metadata as encrypted under the information; and decrypt the copy of the secret encrypted under the information using the information.
14. (Currently Amended) A non-transitory computer-readable storage medium including instructions that, when executed by at least one processor of a computing device, cause the computing device to: encrypt a cryptographic key with a restore key; provide metadata comprising first information associated with the cryptographic key and second information associated with the restore key; separately encrypt the metadata with the restore key to generate encrypted metadata; send the encrypted cryptographic key and the encrypted metadata; receive a copy of the encrypted cryptographic key and a copy of the encrypted metadata; receiving authorization permission to authorize a restore request from one or more authorized sources, the restore request including the copy of the cryptographic key as encrypted under the restore key and the copy of the metadata as encrypted under the restore key; and determine, in response to receiving the authorization permission, whether to authorize the restore request based at least in part on comparing the copy of the encrypted metadata with the encrypted metadata.
Claim 18.
A non-transitory computer readable storage medium storing one or more sequences of instructions executable by one or more processors to perform a set of operations comprising: storing, on behalf of a customer, a local copy of a secret; receiving a request at a key management service to suspend storage of the local copy of the secret, the secret associated with metadata; encrypting the local copy of the secret with a restore key and the metadata with a restore key; providing the customer with the restore key encrypted with the restore key; providing the customer with the metadata encrypted with the restore key; destroying the restore key; receiving a restore request to store a copy of the secret, the restore request including a copy of the restore key encrypted with the restore key and the metadata encrypted with the restore key; comparing the metadata as encrypted under the restore key received with the restore request with the metadata as encrypted under the restore key; and decrypting the copy of the secret encrypted under the restore key using the restore key based at least in part on the comparing.


Claims 1-20 rejected on the ground of nonstatutory double patenting as being unpatentable over 1, 4, and 14, and 19 of U.S. Patent No. 9,071,429 B1 in view of Auradukar and Shankaranarayanan. The claims of the patent lack disclosure of “separately,” but at least FIG. 23 and [0218] of Auradakar disclose such. Therefore, it would have been obvious to one of ordinary skill in the art before the filing date of Applicant’s invention to modify the teachings of the patent to include support for separate encryption because the substitution of one known element for another would have yielded predictable results to one of ordinary skill in the art at the time of the invention. The claims further lack disclosure of “receiving authorization permission to authorize a restore request from one or more authorized sources” and “in response to receiving the authorization permission.” However, at least the abstract, FIG. 4, [0007], and [0055]-[0059] of Shankaranarayanan disclose password recovery via third party user authorization. Therefore, it would have been obvious to one of ordinary skill in the art before the filing date of Applicant’s invention to modify the teachings of the patent to include support for authorization via additional users for at least the purpose of increasing security and reducing the chance of successful account compromise (e.g., [0062] of Shankaranarayanan).

Instant Application
US 9,071,429 B1
1. (Currently Amended) A computer implemented method, comprising: encrypting a cryptographic key with a restore key; providing metadata comprising first information associated with the cryptographic key and second information associated with the restore key; separately encrypting the metadata with the restore key to generate encrypted metadata; sending the encrypted cryptographic key and the encrypted metadata; receiving a copy of the encrypted cryptographic key and a copy of the encrypted metadata; receiving authorization permission to authorize a restore request from one or more authorized sources; and determining, in response to receiving the authorization permission, whether to authorize the restore request based at least in part on comparing the copy of the encrypted metadata with the encrypted metadata.
Claim 1.
A computer implemented method for managing a cryptographic key, comprising: storing, in a data store managed by a key management service, a cryptographic key for use in encrypting data for a customer of a service provider associated with the cryptographic key, the key management service being operated in a service provider environment of the service provider; receiving a suspend request to suspend storage of the cryptographic key by the key management service; generating a restore key to be associated with the customer; encrypting the cryptographic key with the restore key; encrypting at least a portion of metadata associated with the cryptographic key under the restore key to generate encrypted metadata, the at least a portion of metadata being associated with the restore key; updating the at least a portion of metadata with audit information and retaining a copy of the encrypted metadata at the key management service; sending, to the customer, the cryptographic key as encrypted under the restore key; destroying any copy of the cryptographic key stored by the key management service; receiving a restore request to cause to the key management service to store a copy of the cryptographic key, the restore request including a copy of the cryptographic key as encrypted under the restore key; comparing at least a copy of metadata received with the restore request with the copy of the encrypted metadata at the key management service; authorizing the restore request based at least in part on the comparing; and decrypting the copy of the cryptographic key as encrypted under the restore key using the restore key and storing the copy of the cryptographic key and a copy of the encrypted metadata in the key management service on behalf of the customer.
7. (Currently Amended) A computing system, comprising: at least one processor; and memory including instructions that, when executed by the at least one processor, cause the computing system to: encrypt a cryptographic key with a restore key; provide metadata comprising first information associated with the cryptographic key and second information associated with the restore key; Page 3 of 18 \\NORTHCA - 020346/043803 - 3710606 v1Appl. No. 15/878,957separately encrypt the metadata with the restore key to generate encrypted metadata; send the encrypted cryptographic key and the encrypted metadata; receive a copy of the encrypted cryptographic key and a copy of the encrypted metadata; receiving authorization permission to authorize a restore request from one or more authorized sources; and determine, in response to receiving the authorization permission, whether to authorize the restore request based at least in part on comparing the copy of the encrypted metadata with the encrypted metadata.
Claim 14.
A computing system, comprising:
at least one processor; and memory including instructions that, when executed by the at least one processor, cause the computing system to: store, on behalf of a customer, a local copy of a secret usable by a key management service; receive a request at the key management service to suspend storage of the local copy of the secret; encrypt the local copy of the secret with information usable to obtain the local copy of the secret; encrypt at least a portion of metadata associated with the secret under the information to generate encrypted metadata, the at least a portion of metadata being associated with the information;
update the at least a portion of metadata with audit information and retain a copy of the encrypted metadata at the key management service; provide the customer with one of the encrypted secret or the information usable to reconstruct the local copy of the secret; destroy at least one copy of the local copy of the secret; in response to store a copy of the secret, the restore request including a copy of the secret encrypted under the information, comparing a copy of metadata received with the restore request with the copy of the encrypted metadata; authorizing the restore request based at least in part on the comparing; and decrypting the copy of the secret key as encrypted under the secret using the restore key.

14. (Currently Amended) A non-transitory computer-readable storage medium including instructions that, when executed by at least one processor of a computing device, cause the computing device to: encrypt a cryptographic key with a restore key; provide metadata comprising first information associated with the cryptographic key and second information associated with the restore key; separately encrypt the metadata with the restore key to generate encrypted metadata; send the encrypted cryptographic key and the encrypted metadata; receive a copy of the encrypted cryptographic key and a copy of the encrypted metadata; receiving authorization permission to authorize a restore request from one or more authorized sources; and determine, in response to receiving the authorization permission, whether to authorize the restore request based at least in part on comparing the copy of the encrypted metadata with the encrypted metadata.
Claim 18.
A non-transitory computer readable storage medium storing one or more sequences of instructions executable by one or more processors to perform a set of operations comprising: storing, on behalf of a customer, a local copy of a secret; receiving a request at a key management service to suspend storage of the local copy of the secret; encrypting the local copy of the secret with a restore key; encrypting at least a portion of metadata associated with the secret under the restore key to generate encrypted metadata, the at least a portion of metadata being associated with the restore key; updating the at least a portion of metadata with audit information and retaining a copy of the encrypted metadata at the key management service;
providing the customer with the restore key;
destroying at least one copy of the local copy of the secret; in response to a request to store a copy of the secret, the restore request including a copy of the secret encrypted under the restore key, comparing a copy of metadata received with the restore request with the copy of the encrypted metadata; authorizing the restore request based at least in part on the comparing; and decrypting the copy of the secret key as encrypted under the secret using the restore key.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 1-2, 4-5, 7-8, and 13-15 is/are rejected under 35 U.S.C. 103 as being unpatentable over Biddle (US 2008/0141040 A1) in view of Jueneman (US 2008/0263363 A1).

Regarding claim 1, Biddle discloses: A computer implemented method, comprising: 
encrypting a cryptographic key with a restore key;
Refer to at least FIG. 2 of Biddle with respect to an exemplary decryption key 220 protected by, e.g., encryption with a recovery key 250. 
providing metadata comprising first information associated with the cryptographic key and second information associated with the restore key; 
Refer to at least [0041], [0044] and [0056] of Biddle with respect to access information for the decryption key. The access information is interpreted to be a form of the claimed metadata.
sending the encrypted cryptographic key and the metadata; 
Refer to at least [0056] of Biddle with respect to sending “the protected decryption key and corresponding information needed to access the decryption key via the protected decryption key” to off-site storage.
receiving a copy of the encrypted cryptographic key and a copy of the metadata; 
Refer to at least [0052] of Biddle with respect to returning the protected decrypted key from off-site storage. Further refer to at least [0025] of Biddle, wherein “the information required to access at least one protected decryption key is likewise provided.”
receiving authorization permission to authorize a restore request from one or more authorized sources, the restore request including the copy of the cryptographic key as encrypted under the restore key [and the metadata]; and 
determining, in response to receiving the authorization permission, whether to authorize the restore request based at least in part on comparing the copy of the metadata with the metadata.
Refer to at least [0024] and [0050] of Biddle with respect to authorization. 
Refer to at least [0008], [0039], and [0061]-[0062] of Biddle with respect to allowing restoration of the decryption key via use of the access information; the provided access information being correct. 
Biddle does not disclose: separately encrypting the metadata with the restore key to generate encrypted metadata; the metadata further being encrypted metadata; the restore request including the copy of the metadata as encrypted under the restore key. However, Biddle in view of Jueneman discloses: separately encrypting the metadata with the restore key to generate encrypted metadata; the metadata further being encrypted metadata; the restore request including the copy of the metadata as encrypted under the restore key. 
Refer to at least [0017], [0020], [0041], and [0082] of Jueneman with respect to metadata being encrypted with the same key as its corresponding data. The metadata may be separately encrypted. 
Refer to at least [0164] of Jueneman with respect to verifying the metadata.
The teachings of both Biddle and Jueneman concern file encryption and recovery, and are considered to be within the same field of endeavor and combinable as such. 
Therefore it would have been obvious to one of ordinary skill in the art before the filing date of Applicant’s invention to modify the teachings of Biddle to further separately encrypt access information for at least the purpose of increasing security by reducing the cleartext information available for use by an adversary.

Regarding claim 2, Biddle-Jueneman discloses: The computer implemented method of claim 1, further comprising: storing, in a data store managed by a key management service, the cryptographic key for use in encrypting data for a customer of a service provider associated with the cryptographic key, the key management service being operated in a service provider environment of the service provider, the cryptographic key associated with the metadata.
Refer to at least FIG. 1 of Biddle with respect to branch offices, central/web servers, and associated storages.
Refer to at least [0044] of Biddle with respect to the off-site storage being any storage associated with elements of FIG. 1.

Regarding claim 4, Biddle-Jueneman discloses: The computer implemented method of claim 1, further comprising: receiving a suspend request to suspend storage of the cryptographic key; generating the restore key; retaining a copy of the encrypted metadata; and destroying any copy of the cryptographic key.
Refer to at least [0007] and [0046] of Biddle with respect to removing decryption keys from storage during a disaster; the access information is not recited to be removed.

Regarding claim 5, it is rejected for substantially the same reasons as claims 1 and 5 above (i.e., the citations; a user recovers the decryption key encrypted with the restore key for, e.g., decrypting an encrypted volume).

Regarding independent claim 7, it is substantially similar to independent claim 1 above, and is therefore rejected for substantially the same reasons (i.e., the citations and obviousness rationale).

Regarding claim 8, it is rejected for substantially the same reasons as claim 7 above.

Regarding claim 13, it is substantially similar to claim 2 above, and is therefore likewise rejected.

Regarding independent claim 14, it is substantially similar to independent claim 1 above, and is therefore rejected for substantially the same reasons (i.e., the citations and obviousness rationale).

Regarding claim 15, it is substantially similar to claim 8 above, and is therefore likewise rejected.

Claim 3, 6, and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Biddle-Jueneman  as applied to claims 1-2, 4-5, 7-8, and 13-15 above, and further in view of Kohno (US 9,489,523 B2).

Regarding claim 3, Biddle-Jueneman  does not fully disclose all elements of: updating the metadata with audit information indicating at least one of a customer initiating a suspend request or a time of initiating the suspend request. However, Biddle-Jueneman  in view of Kohno discloses: updating the metadata with audit information indicating at least one of a customer initiating a suspend request or a time of initiating the suspend request.
Refer to at least Col. 2, Ll. 15-44, Col. 7, Ll. 50-Col. 8, Ll. 13, and Col. 9, ll. 6-16 of Kohno with respect to updating audit data per every user request.
The teachings of Biddle-Jueneman and Kohno concern key storage, management, and encryption. Accordingly, they are considered to be combinable as such.
Therefore it would have been obvious to one of ordinary skill in the art before the filing date of Applicant’s invention to modify the teachings of Biddle-Jueneman to include support for suspend requests and auditing information for at least the purposes outlined in Col. 5, Ll. 38-50 of Kohno (i.e., providing strong audit security). 

Regarding claim 6, Biddle-Jueneman  does not fully disclose all elements of: sending the encrypted cryptographic key to a first customer; and sending the encrypted metadata to a second customer. However, Biddle-Jueneman  in view of Kohno discloses: sending the encrypted cryptographic key to a first customer; and sending the encrypted metadata to a second customer.
Refer to at least FIG. 4 and Col. 15, Ll. 22-30 of Kohno with respect to key requests from a first device and auditing data being associated with its paired device. 
The teachings of Biddle-Jueneman  and Kohno concern key storage, management, and encryption. Accordingly, they are considered to be combinable as such.
Therefore it would have been obvious to one of ordinary skill in the art before the filing date of Applicant’s invention to modify the teachings of Biddle-Jueneman  to include support for paired devices for at least the purposes outlined in at least Col. 12, Ll. 44-Col. 13, Ll. 20 of Kohno (i.e., improved auditing protection).

Regarding claim 20, it is substantially similar to claim 3 above, and is therefore likewise rejected.

Claim 9 and 16 is/are rejected under 35 U.S.C. 103 as being unpatentable over Biddle-Jueneman  as applied to claims 1-2, 4-5, 7-8, and 13-15 above, and further in view of Official Notice.

Regarding claim 9, Biddle-Jueneman  does not fully disclose all elements of: decrypt the copy of the encrypted cryptographic key using the restore key at an expiration of a predetermined period of time. However, the examiner hereby takes Official Notice that it was common knowledge in the art before the filing date of Applicant’s invention to enable a wait period for various commands and/or functions. Therefore it would have been obvious to one of ordinary skill in the art before the filing date of Applicant’s invention to modify the teachings of Biddle-Jueneman  to include support for enabling a wait period to perform decryption because all of the claimed elements were known in the prior art and one skilled in the art could have combined the elements as claimed by known methods with no change in their respective functions, and the combination would have yielded predictable results to one of ordinary skill in the art at the time of the invention.

Regarding claim 16, it is substantially similar to claim 9 above, and is therefore likewise rejected.

Claim 10 and 17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Biddle-Jueneman  as applied to claims 1-2, 4-5, 7-8, and 13-15 above, and further in view of Al-Salqan (US 6,549,626 B1).

Regarding claim 10, Biddle-Jueneman  does not fully disclose all elements of: flag the encrypted cryptographic key as pending deletion; and destroy any copy of the cryptographic key when an acknowledgment of receipt of the encrypted cryptographic key is received; or provide a copy of the encrypted cryptographic key when a determined amount of time passes before the acknowledgment of receipt is received. However, Biddle-Jueneman  in view of Al-Salqan discloses: flag the encrypted cryptographic key as pending deletion; and destroy any copy of the cryptographic key when an acknowledgment of receipt of the encrypted cryptographic key is received; or provide a copy of the encrypted cryptographic key when a determined amount of time passes before the acknowledgment of receipt is received.
Refer to at least Col. 4-5, LI. 62-9 of Al-Salqan with respect to deletion of a key recovery file from key recovery file storage after its provision, 
Col. 7, LI. 1 -10 of Al-Salqan are also believed to be applicable.
The teachings of Biddle-Jueneman -lngalls are combinable with the teachings of Al-Salqan at least because they concern secure storage of keys, key recovery operations.
Therefore it would have been obvious to one of ordinary skill in the art at the time of Applicant's invention to modify the teachings of Biddle-Jueneman  with the teachings of Al-Salqan such that any copy of the secret is deleted only after its provision for at least the purpose of making sure the keys aren’t accidentally lost due to connectivity issues.

Regarding claim 17, it is substantially similar to claim 10 above, and is therefore likewise rejected.

Claim 11 and 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Biddle-Jueneman  as applied to claims 1-2, 4-5, 7-8, and 13-15 above, and further in view of Lee (US 8,565,422 B2).

Regarding claim 11, Biddle-Jueneman  does not fully disclose all elements of: encrypt the restore key using a second restore key at an expiration of an interval of time; and send a copy of the restore key encrypted under the second restore key; or receive the copy of the encrypted cryptographic key, decrypt the encrypted cryptographic key, and encrypt the cryptographic key using the second restore key. However, Biddle-Jueneman  in view of Lee discloses: encrypt the restore key using a second restore key at an expiration of an interval of time; and send a copy of the restore key encrypted under the second restore key; or receive the copy of the encrypted cryptographic key, decrypt the encrypted cryptographic key, and encrypt the cryptographic key using the second restore key.
Refer to at least Col. 9, Ll. 46-Col. 10, Ll.18 of Lee with respect to key rotation for a key storage and management device.
The teachings of Biddle-Jueneman  are combinable with the teachings Lee at least because they concern secure storage of keys, key recovery operations.
Therefore it would have been obvious to one of ordinary skill in the art at the time of Applicant's invention to modify the teachings of Biddle-Jueneman  with the teachings of Lee to include support for key rotation for at least the purpose of increasing security (i.e., the increased security from key freshness; reduced risk of total compromise).

Regarding claim 18, it is substantially similar to claim 11 above, and is therefore likewise rejected.

Allowable Subject Matter
Claims 12 and 19 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to VADIM SAVENKOV whose telephone number is (571)270-5751. The examiner can normally be reached 12PM-8PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey L Nickerson can be reached on (469) 295-9235. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/Jeffrey Nickerson/Supervisory Patent Examiner, Art Unit 2432                                                                                                                                                                                                        




/V.S/Examiner, Art Unit 2432