DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
Applicant’s arguments, see Remarks, filed 06/21/2022, with respect to the rejection(s) of independent claims 1, 13 and 20 under 35 USC § 103 have been fully considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
      Information Disclosure Statement
The information disclosure statement(s) (IDS) submitted on 04/14/2022 and 06/06/2022 were filed before the mailing date of this office action.  The submissions are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statements are being considered by the examiner.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-3, 6-8, 11-15 and 18-20 are rejected under 35 U.S.C. 103 as being unpatentable over US-PGPUB No. US 2020/0125772 A1 to Volos et al (hereinafter Volos), US-PGPUB No. 2020/0160947 A1 to Rasovsky et al. (hereinafter “Rasovsky”), and further in view of US-PGPUB No. US 2020/0145409 A1 to Pochuev et al. (hereinafter Pochuev)
Regarding claim 1: 
Volos discloses:
A system for data protection, the system comprising: 
a first computing device (¶31: “… a second trusted computing entity 112 …”, see also Fig. 1, Second Trusted Entity 112) comprising a security module (Fig. 1: “security module 120”, ¶33: “A security module 120 of the second trusted computing entity 112 controls processes to create the trusted execution environment”); 
and a storage device (Fig 1, Memory 116, ¶33: “… a memory 116 …”) coupled to the first computing device (¶42: “The second trusted computing entity 112 has a memory 116 …”), wherein the security module comprises a Root of Trust (RoT) (¶33: “A security module 120 of the second trusted computing entity 112 controls processes to create the trusted execution environment”), wherein the security module is configured to: 
	Adjust the data access policies based on real-time risk scores (¶58: “Policies govern the release of secrets. Policies use criteria such as attributes in a quote (such as measurements of the state of the second trusted computing device). The attestation service checks the policies against the quotes.”);
monitor communication of the first computing device and the storage device (¶29: “A security module at the second trusted entity operates in an unconventional manner to achieve dynamic creation of a trusted execution environment at the second trusted entity. The security module operates in an unconventional manner to achieve secure and efficient communication between its trusted execution environment and a trusted first entity …”, ¶30: “The security module at the second trusted entity improves the functioning of the underlying peripheral device by creating a trusted execution environment at the peripheral device.”, see also Fig. 1, Memory 116 (storage) is within the execution environment);
take over control of the storage device in response to detection of a security risk to the system (¶66-67: “If the security module … receives a command from a tenant to create a TEE it switches into a secure mode … the security module …  disables read/write access to SRAM … the security module … puts the memory of the peripheral device into a known state, such as by resetting the peripheral device and resetting the memory of the peripheral device by writing zeros.”)
However, Volos does not disclose the following limitation taught by Rasovsky:
establish a trust channel between the first computing device and the storage device, the trust channel based on a permissioned blockchain defining allowable actions by the first computing device (Rasovsk, ¶58: “…  permissioned blockchain may be implemented by establishing access control procedures with respect to the blockchain nodes, such that only authenticated and authorized nodes would be able to receive the new block broadcasts and/or access blockchain records …”);  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention, to modify the teachings of Volos to incorporate the functionality of the systems and methods to implement permissioned blockchain by establishing access control procedures, as disclosed by Rasovsky, such modification would allow the system to implement  distributed access control with respect to public keys of the blockchain participants.
The combination of Volos and Rasovsky does not explicitly disclose the following limitation taught by Pochuev:  
establish data access policies (see Fig. 3A, Trust & Policies Establishment) which define multi-dimensional data access permissions (see Pochuev ¶35: “… a cryptographic core of the IoT device 110 … can manage access to the hardware or software RoT. Instead of a user having credentials, the IoT device has attributes stored at the authentication service 104. These attributes are referred to as RoT attributes, and may include 1) Sessions keys; 2) Sequences (inputs accepted); 3) Containers (programs, code, etc.); 4) Derived keys, or any combination thereof.”, ¶36: “The authentication policy server 112 can primarily be used to map client-side policies and protocols to a set of one or more application programming interfaces (APIs) of the RoT identity server 114. The RoT identity server 114 can be responsible for storing and managing the RoT attributes for the RoT secure core in the IoT device”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention, to modify the teachings of the combination of Volos and Rasovsky to incorporate the functionality of the IoT device to use multiple attributes to authenticate and authorize users, devices and applications as disclosed by Pochuev, such modification would allow to build precise policies to govern dynamic, scalable, and centralized access to information.  
Regarding claim 2:
The combination of Volos, Rasovsky and Pochuev discloses:
The system of claim 1, wherein the security module comprises at least one of a Software- based Root of Trust (SRoT) or a Hardware Root of Trust (HRoT) (see Pochuev ¶27: “… a system for establishing a distributed trust network has a device with a hardware or software root of trust”).  
The same motivation applied to claim 1 with regards to Pochuev applies to claim 2.
Regarding claim 3:
The combination of Volos, Rasovsky and Pochuev discloses:
The system of claim 1, wherein the first computing device further comprises a third-party agent configured to communicate to one or more third-party applications, which include an insider threat detection application, a data loss prevention application, a system and/or network intrusion detection application, and/or a user behavior analysis application (Pochuev ¶35: “The authentication service 104 can authorize the use of the RoT attributes to external parties, such as the device provisioning service 106, firmware updates, group privacy identity, or the like.”, and  
¶40: “… the IoT client libraries can includes IoT client libraries provided by third-party vendors or IoT platform providers.”).  
The same motivation applied to claim 1 with regards to Pochuev applies to claim 3.
Regarding claim 6:
The combination of Volos, Rasovsky and Pochuev discloses:
The system of claim 1, the security module autonomously takes over control of the storage device in response to detection of a security risk to the system (see Volos ¶66-67: “If the security module  … receives a command from a tenant to create a TEE it switches into a secure mode … the security module … disables ... external access to sensitive memory and registers in the peripheral, and places the hardware elements of the peripheral in a known state … the security module …  disables read/write access to SRAM … the security module … puts the memory of the peripheral device into a known state, such as by resetting the peripheral device and resetting the memory of the peripheral device by writing zeros.”).   
Regarding claim 7:
The combination of Volos, Rasovsky and Pochuev discloses:
The system of claim 1, wherein the RoT prevents access to application, storage, network, and system resources on associated computing devices in response to detection of the security risk to the system (see Volos ¶66-67: “… If the security module … receives a command from a tenant to create a TEE it switches into a secure mode …  the security module … disables … external access to sensitive memory and registers in the peripheral …”). 
Regarding claim 8:
The combination of Volos, Rasovsky and Pochuev discloses:
The system of claim 2, wherein the HRoT and SRoT work together to monitor user, system, application, storage media, and network access behaviors and activities of the system (see Pochuev ¶28: “The RoT of the IoT device 110 can be a hardware RoT, a software RoT, or any combination thereof. The RoT service 102 includes an authentication and authorization policy server 112 and a RoT identity server 114 … the RoT identity server 114 may contain a database of device keys that need to be secured.”).   
The same motivation applied to claim 1 with regards to Pochuev applies to claim 8.
Regarding claim 11:
The combination of Volos, Rasovsky and Pochuev discloses:
The system of claim 1, wherein the storage device comprises one of a local data storage, external data storage, or a cloud-based storage service (see Volos ¶112: “Although the computer storage media ... is shown within the computing-based device … the storage is, in some examples, distributed or located remotely and accessed via a network or other communication link …”).  
Regarding claim 12:
The combination of Volos, Rasovsky and Pochuev discloses:
The system of claim 1, wherein the security risk comprises a suspicious or unauthorized data access from a remote device or from inside of the first computing device (see Volos ¶02: “… where peripheral devices are used additional challenges are introduced …  and often the host itself is untrusted.”, and 
¶126: “The quote enables a potentially remote entity to verify the state of the peripheral device before deciding whether to trust it.”).
Regarding claims 13-15 and 18-19: 
Claims 13-15 and 18-19 recite substantially the same limitations as claims 1-3 and 6-7, respectively, in the form of a data protection system implementing the corresponding method, therefore, they are rejected under the same rationale. 
Regarding claim 20: 
Claim 20 recites substantially the same limitations as claim 1, in the form of a data protection system computing means and storage means, therefore it is rejected under the same rationale.
Claim 10 is rejected under 35 U.S.C. 103 as being unpatentable over Volos, Rasovsky, Pochuev and further in view of US-PGPUB No. US 2019/0305938 A1 to Sandberg-Maitland et al. (hereinafter Sandberg) 
Regarding claim 10:
The combination of Volos, Rasovsky and Pochuev discloses:
The system of claim 1, but does not disclose the following limitation taught by Sandberg:
wherein the RoT uses the permissioned Blockchain to log transactions, securely share secrets, establish consensus, confirm system critical operations, and extend trust in the system (Sandberg teaches, ¶17: “… commercial systems which require auditability and strong authentication of peers are built around permissioned blockchain systems.”, ¶20: “… an additional level of trust is needed for control and audit as the use of Distributed Ledger Technology blockchains becomes embedded within global commercial transaction applications ranging from finance to health care to trade. It is necessary to impose a permissioned mode of operation …”).  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention, to modify the teachings of the combination of Volos, Rasovsky and Pochuev to incorporate the functionality of the Distributed Ledger Technology permissioned blockchains to handle global commercial transactions as disclosed by Sandberg, such modification would allow the entire system to be safe and data secure due to the fact that all information exchange and transactions are cryptographically encrypted, and thus all records will be provided with immutable signatures.
Claim 9 is rejected under 35 U.S.C. 103 as being unpatentable over Volos, Rasovsky, Pochuev and further in view of US-PGPUB No. US 2019/02534417 A1 to Kim et al. (hereinafter Kim) 
Regarding claim 9:
The combination of Volos, Rasovsky and Pochuev discloses the system of claim 2, but does not explicitly disclose the following limitation taught by Kim: 
wherein the SRoT monitors the HRoT and the HRoT monitors the SRoT (see Kim ¶144: “… the hardware may use the chain of trust to authenticate the software …the software may also authenticate the hardware, resulting in mutual authentication.”
¶143: “… performing software authentication step by step from the root of trust at the hardware level where modification is impossible and integrity is guaranteed may be referred to as a chain of trust.”, and see Fig. 7). 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention, to modify the teachings of the combination of Volos, Rasovsky and Pochuev to incorporate the functionality of the system to mutually authenticate the hardware and software components as disclosed by Kim, such modification would allow sensitive information not to be easily leaked to the outside and thus can provide the highest level of security as a root of trust.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure: 
Yang et al. (US-PGPUB No. 2018/0285839 A1)- disclosed a data management system for data provenance and data storage that allows multiple independent parties to securely share data, track data provenance, maintain audit logs, keep data synchronized, comply with regulations, and handle permissioning and control who can access the data.
Gollogly (US-PGPUB No. 2019/0311147-A1)- disclosed a permissioned blockchain security technology to be deployed on a plurality of nodes.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MATTHIAS HABTEGEORGIS whose telephone number is (571)272-1916. The examiner can normally be reached M-F 8am-5pm ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok B Patel can be reached on (571)272-3972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/M.H./Examiner, Art Unit 2491                                                                                                                                                                                                        
/DANIEL B POTRATZ/Primary Examiner, Art Unit 2491