DETAILED ACTION
This office action is in response to applicant’s RCE amendment filed on 06/01/2022.  Claims 1, 9,  and 16 have been amended.  Claims 1, 3-16, and 18-22 are pending and are directed towards system, method, and computer product for Automated Key and Encryption.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
1.	Applicant’s arguments filed 06/01/2022 have been fully considered.
A) Applicant’s arguments, with respect to the amended limitation of claims 1, 9, and 16, that Agarwal and Roth fails to teach “identifying an exception that indicates an expiration of the second key policy " and "in response to the second application being non-compliant and based on the exception, suppressing a second request to update the second key” (page 10-11 of the present response) have been fully considered but they are moot in view of the new grounds of 35 U.S.C. 103 rejections.
Claim Rejections - 35 USC § 103
2.	In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
3.	Claims 1, 3-5, 7-12, 14-16, and 18-22 are rejected under 35 U.S.C. 103 as being unpatentable over Agarwal et al. (US Pub. 2017/0004312), hereinafter Agarwal, filed on Jun. 29, 2016 in view of Edwards (US Pub. 2017/0250811) filed on Feb. 22, 2017.
Regarding claim 1, Agarwal teaches a method comprising: 
storing, by an encryption system, a first key policy in association with a first key and a second key policy in association with a second key (para 34, line 1-10 and para 47, line 1-12; data encryption service manages and stores data encryption of resources including encryption key policies specifying the encryption keys to be used in encrypting application data); 
determining a remote machine stores a first application affected by the first key policy and a second application affected by the second key policy, the first application utilizing the first key to encrypt first data, and the second application utilizing the second key to encrypt second data (Fig. 1 and para 47, line 1-12 and para 51, line 1-10; application hosting systems 110 may be a computing device such as a laptop or wearable computer and includes cryptographic policies that specify a particular cryptographic algorithm or key to secure portions of the application for multiple applications); 
determining the first key of the first application is non-compliant with the first key policy (para 131, line 1-23; data encryption service determine that an encryption key is not renewed and/or updated appropriately using the encryption key policies applicable to each application); 
in response to the determining that the first key of the first application is non-compliant with the first key policy, sending a request to deploy a third key (para 131, line 1-23 and para 150, line 1-14; data encryption service includes a monitoring and alert service that sends a request to issue a renewed encryption key for the encryption key not renewed or updated appropriately);
determining that the second key of the second application is non-compliant with the second key policy (para 131, line 1-23; data encryption service determine that an encryption key is not renewed and/or updated appropriately using the encryption key policies applicable to each application); 
Agarwal does not teach identifying an exception that indicates an expiration of the second key policy;
Edwards teaches identifying an exception that indicates an expiration of the second key policy (para 5, line 1-25 and para 238, line 1-13; temporarily allow exceptions to an existing policy during evaluation of encryption key by replacing the existing policy with a separate ephemeral policy based on a priority or precedence of each policy);  
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Agarwal to incorporate the teachings of Edwards to provide temporarily allow exceptions to an existing policy during evaluation of encryption key by replacing the existing policy with a separate ephemeral policy based on a priority or precedence of each policy.  Doing so would allow for encryption key management with policies defined and evaluated within hierarchical structures, groups, clients, and users, as recognized by Edwards.
Agarwal teaches in response to the second application being non-compliant (para 131, line 1-23; data encryption service determine that an encryption key is not renewed and/or updated appropriately using the encryption key policies applicable to each application)
Agarwal does not teach based on the exception, suppressing a second request to update the second key; and
Edwards teaches based on the exception, suppressing a second request to update the second key (para 5, line 1-25 and para 228, line 1-15; temporarily allow exceptions to an existing policy during evaluation of encryption key by replacing the existing policy with a separate ephemeral policy, where the key may be allowed for use instead of denied which would result in a new key generation); and
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Agarwal to incorporate the teachings of Edwards to provide temporarily allow exceptions to an existing policy during evaluation of encryption key by replacing the existing policy with a separate ephemeral policy, where the key may be allowed for use instead of denied which would result in a new key generation.  Doing so would allow for encryption key management with policies defined and evaluated within hierarchical structures, groups, clients, and users, as recognized by Edwards.
Agarwal teaches receiving a first response at the encryption system, the first response including a result of the request to deploy the third key (para 142, line 1-12 and 144, line 1-19; the monitoring and alert service of the data encryption service provides the key updates and stores the identified encryption key for use with the application in the encryption object metadata extraction engine 1738).
Agarwal does not teach the first response including a suppression of the second request
Edwards teaches the first response including a suppression of the second request (para 5, line 1-25 and para 228, line 1-15; temporarily allow exceptions to an existing policy during evaluation of encryption key by replacing the existing policy with a separate ephemeral policy, where the key may be allowed for use instead of denied which would result in a new key generation); and
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Agarwal to incorporate the teachings of Edwards to provide temporarily allow exceptions to an existing policy during evaluation of encryption key by replacing the existing policy with a separate ephemeral policy, where the key may be allowed for use instead of denied which would result in a new key generation.  Doing so would allow for encryption key management with policies defined and evaluated within hierarchical structures, groups, clients, and users, as recognized by Edwards.
Regarding claim 3, Agarwal and Edwards teach method of claim 1.
Agarwal teaches receiving a change to an attribute of a key defined by the first key policy (para 161, line 1-12; generate a set of rules, specifying a set of conditions for the encryption key policies applicable to an application, to be applied to an identified attribute); 
determining the remote machine that stores the first application affected by the first key policy, in response to the change to the attribute of the key defined by the first key policy (para 51, line 1-10 and para 161, line 1-12; generate a set of rules, specifying a set of conditions for the encryption key policies applicable to an application of a computing device, to be applied to an identified attribute); and 29WO 2019/232692PCT/CN2018/089928 
updating the first key utilized by the first application based on the change to the attribute of the key defined by the first key policy (para 155, line 1-11 and para 161, line 1-12; updating an encryption key based on the generated a set of rules, specifying a set of conditions for the encryption key policies applicable to an application, to be applied to an identified attribute).
Regarding claim 4, Agarwal and Edwards teach method of claim 3.
Agarwal teaches the attribute of the key is any one of: key length, symmetry or asymmetry of the key, or an algorithm to generate the key (para 144, line 1-17; encryption key may have multiple attributes, such as size of the encryption key).
Regarding claim 5, Agarwal and Edwards teach method of claim 1.
Agarwal teaches in response to the determining that the first key of the first application is non-compliant with the first key policy (para 131, line 1-23 and para 150, line 1-14; data encryption service includes a monitoring and alert service that sends a request to issue a renewed encryption key for the encryption key not renewed or updated appropriately): 
generating the third key at the encryption system (para 142, line 1-12 and 144, line 1-19; the monitoring and alert service of the data encryption service performs and provides the key updates); and 
deploying the third key to the remote machine (para 51, line 1-10 and para 142, line 1-12 and 144, line 1-19; the monitoring and alert service of the data encryption service provides the key updates to application hosting systems 110, which may be a computing device such as a laptop or wearable computer).
Regarding claim 7, Agarwal and Edwards teach method of claim 1.
Agarwal teaches the determining the first key of the first application is non-compliant with the first key policy includes: detecting an expiration event associated with the first key (para 131, line 1-23; data encryption service determine that an encryption key is not periodically renewed and/or updated appropriately using the encryption key policies applicable to each application).
Regarding claim 8, Agarwal and Edwards teach method of claim 1.
Agarwal teaches the expiration event includes an expiration of a temporal period associated with the first key (para 131, line 1-23; data encryption service determine that an encryption key is not periodically renewed and/or updated appropriately by monitoring the encryption key lifecycle).
Regarding claim 9, Agarwal teaches a system comprising: 
one or more processors (para 43, line 14-17; a processor); and 
a non-transitory memory storing instructions that configure the one or more processors to perform operations (para 43, line 14-17; non-transitory computer-readable medium may store instructions executed by a processor) comprising: 
storing, by an encryption system, a first key policy in association with a first key and a second key policy in association with a second key (para 34, line 1-10 and para 47, line 1-12; data encryption service manages and stores data encryption of resources including encryption key policies specifying the encryption keys to be used in encrypting application data); 
identifying first data stored on a remote machine encrypted by the first key; 30WO 2019/232692PCT/CN2018/089928identifying second data stored on the remote machine encrypted by the second key, the first key different than the second key (para 47, line 1-12 and para 51, line 1-10 and para 54, line 1-10; application hosting systems 110 may be a computing device such as a laptop or wearable computer and includes cryptographic policies that specify a particular cryptographic algorithm or key to secure portions of the application for multiple applications, where the encryption key may be different for certain applications); 
determining the first key is not compliant with the first key policy (para 131, line 1-23; data encryption service determine that an encryption key is not renewed and/or updated appropriately using the encryption key policies applicable to each application); 
in response to determining the first key is not compliant with the first key policy, sending a request to deploy a third key (para 131, line 1-23 and para 150, line 1-14; data encryption service includes a monitoring and alert service that sends a request to issue a renewed encryption key for the encryption key not renewed or updated appropriately); 
determining that the second key of the second application is non-compliant with the second key policy (para 131, line 1-23; data encryption service determine that an encryption key is not renewed and/or updated appropriately using the encryption key policies applicable to each application);
Agarwal does not teach identifying an exception that indicates an expiration of the second key policy;
Edwards teaches identifying an exception that indicates an expiration of the second key policy (para 5, line 1-25 and para 238, line 1-13; temporarily allow exceptions to an existing policy during evaluation of encryption key by replacing the existing policy with a separate ephemeral policy based on a priority or precedence of each policy);  
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Agarwal to incorporate the teachings of Edwards to provide temporarily allow exceptions to an existing policy during evaluation of encryption key by replacing the existing policy with a separate ephemeral policy based on a priority or precedence of each policy.  Doing so would allow for encryption key management with policies defined and evaluated within hierarchical structures, groups, clients, and users, as recognized by Edwards.
Agarwal teaches in response to the second application being non-compliant (para 131, line 1-23; data encryption service determine that an encryption key is not renewed and/or updated appropriately using the encryption key policies applicable to each application)
Agarwal does not teach based on the exception, suppressing a second request to update the second key; and
Edwards teaches based on the exception, suppressing a second request to update the second key (para 5, line 1-25 and para 228, line 1-15; temporarily allow exceptions to an existing policy during evaluation of encryption key by replacing the existing policy with a separate ephemeral policy, where the key may be allowed for use instead of denied which would result in a new key generation); and
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Agarwal to incorporate the teachings of Edwards to provide temporarily allow exceptions to an existing policy during evaluation of encryption key by replacing the existing policy with a separate ephemeral policy, where the key may be allowed for use instead of denied which would result in a new key generation.  Doing so would allow for encryption key management with policies defined and evaluated within hierarchical structures, groups, clients, and users, as recognized by Edwards.
Agarwal teaches receiving a first response at the encryption system, the first response including a result of the request to deploy the third key (para 142, line 1-12 and 144, line 1-19; the monitoring and alert service of the data encryption service provides the key updates and stores the identified encryption key for use with the application in the encryption object metadata extraction engine 1738).
Agarwal does not teach the first response including a suppression of the second request
Edwards teaches the first response including a suppression of the second request (para 5, line 1-25 and para 228, line 1-15; temporarily allow exceptions to an existing policy during evaluation of encryption key by replacing the existing policy with a separate ephemeral policy, where the key may be allowed for use instead of denied which would result in a new key generation); and
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Agarwal to incorporate the teachings of Edwards to provide temporarily allow exceptions to an existing policy during evaluation of encryption key by replacing the existing policy with a separate ephemeral policy, where the key may be allowed for use instead of denied which would result in a new key generation.  Doing so would allow for encryption key management with policies defined and evaluated within hierarchical structures, groups, clients, and users, as recognized by Edwards.
Regarding claim 10, Agarwal and Edwards teach system of claim 9.
Agarwal teaches receiving a change to an attribute of a key defined by the first key policy (para 161, line 1-12; generate a set of rules, specifying a set of conditions for the encryption key policies applicable to an application, to be applied to an identified attribute); 
determining the remote machine that stores a first application affected by the first key policy, in response to the change to the attribute of the key defined by the first key policy (para 51, line 1-10 and para 161, line 1-12; generate a set of rules, specifying a set of conditions for the encryption key policies applicable to an application of a computing device, to be applied to an identified attribute); and 29WO 2019/232692PCT/CN2018/089928 
updating the first key utilized by the first application based on the change to the attribute of the key defined by the first key policy (para 155, line 1-11 and para 161, line 1-12; updating an encryption key based on the generated a set of rules, specifying a set of conditions for the encryption key policies applicable to an application, to be applied to an identified attribute).
Regarding claim 11, Agarwal and Edwards teach system of claim 10.
Agarwal teaches the attribute of the key is any one of: key length, symmetry or asymmetry of the key, or an algorithm to generate the key (para 144, line 1-17; encryption key may have multiple attributes, such as size of the encryption key).
Regarding claim 12, Agarwal and Edwards teach system of claim 9.
Agarwal teaches in response to the determining that the first key of the first application is non-compliant with the first key policy (para 131, line 1-23 and para 150, line 1-14; data encryption service includes a monitoring and alert service that sends a request to issue a renewed encryption key for the encryption key not renewed or updated appropriately): 
generating the third key at the encryption system (para 142, line 1-12 and 144, line 1-19; the monitoring and alert service of the data encryption service performs and provides the key updates); and 
deploying the third key to the remote machine (para 51, line 1-10 and para 142, line 1-12 and 144, line 1-19; the monitoring and alert service of the data encryption service provides the key updates to application hosting systems 110, which may be a computing device such as a laptop or wearable computer).
Regarding claim 14, Agarwal and Edwards teach system of claim 9.
Agarwal teaches the determining the first key of the first application is non-compliant with the first key policy includes: detecting an expiration event associated with the first key (para 131, line 1-23; data encryption service determine that an encryption key is not periodically renewed and/or updated appropriately using the encryption key policies applicable to each application).
Regarding claim 15, Agarwal and Edwards teach system of claim 14.
Agarwal teaches the expiration event includes an expiration of a temporal period associated with the first key (para 131, line 1-23; data encryption service determine that an encryption key is not periodically renewed and/or updated appropriately by monitoring the encryption key lifecycle).
Regarding claim 16, Agarwal teaches a non-transitory machine-readable storage medium including instructions that, when executed by a machine, cause the machine to perform operations comprising (para 43, line 14-17; non-transitory computer-readable medium may store instructions executed by one or more processing units):
storing, by an encryption system, a first key policy in association with a first key and a second key policy in association with a second key (para 34, line 1-10 and para 47, line 1-12; data encryption service manages and stores data encryption of resources including encryption key policies specifying the encryption keys to be used in encrypting application data); 
determining a remote machine stores a first application affected by the first key policy and a second application affected by the second key policy, the first application utilizing the first key to encrypt first data, and the second application utilizing the second key to encrypt second data (Fig. 1 and para 47, line 1-12 and para 51, line 1-10; application hosting systems 110 may be a computing device such as a laptop or wearable computer and includes cryptographic policies that specify a particular cryptographic algorithm or key to secure portions of the application for multiple applications); 
determining the first key of the first application is non-compliant with the first key policy (para 131, line 1-23; data encryption service determine that an encryption key is not renewed and/or updated appropriately using the encryption key policies applicable to each application); 
in response to the determining that the first key of the first application is non-compliant with the first key policy, sending a request to deploy a third key (para 131, line 1-23 and para 150, line 1-14; data encryption service includes a monitoring and alert service that sends a request to issue a renewed encryption key for the encryption key not renewed or updated appropriately);
determining that the second key of the second application is non-compliant with the second key policy (para 131, line 1-23; data encryption service determine that an encryption key is not renewed and/or updated appropriately using the encryption key policies applicable to each application); 
Agarwal does not teach identifying an exception that indicates an expiration of the second key policy;
Edwards teaches identifying an exception that indicates an expiration of the second key policy (para 5, line 1-25 and para 238, line 1-13; temporarily allow exceptions to an existing policy during evaluation of encryption key by replacing the existing policy with a separate ephemeral policy based on a priority or precedence of each policy);  
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Agarwal to incorporate the teachings of Edwards to provide temporarily allow exceptions to an existing policy during evaluation of encryption key by replacing the existing policy with a separate ephemeral policy based on a priority or precedence of each policy.  Doing so would allow for encryption key management with policies defined and evaluated within hierarchical structures, groups, clients, and users, as recognized by Edwards.
Agarwal teaches in response to the second application being non-compliant (para 131, line 1-23; data encryption service determine that an encryption key is not renewed and/or updated appropriately using the encryption key policies applicable to each application)
Agarwal does not teach based on the exception, suppressing a second request to update the second key; and
Edwards teaches based on the exception, suppressing a second request to update the second key (para 5, line 1-25 and para 228, line 1-15; temporarily allow exceptions to an existing policy during evaluation of encryption key by replacing the existing policy with a separate ephemeral policy, where the key may be allowed for use instead of denied which would result in a new key generation); and
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Agarwal to incorporate the teachings of Edwards to provide temporarily allow exceptions to an existing policy during evaluation of encryption key by replacing the existing policy with a separate ephemeral policy, where the key may be allowed for use instead of denied which would result in a new key generation.  Doing so would allow for encryption key management with policies defined and evaluated within hierarchical structures, groups, clients, and users, as recognized by Edwards.
Agarwal teaches receiving a first response at the encryption system, the first response including a result of the request to deploy the third key (para 142, line 1-12 and 144, line 1-19; the monitoring and alert service of the data encryption service provides the key updates and stores the identified encryption key for use with the application in the encryption object metadata extraction engine 1738).
Agarwal does not teach the first response including a suppression of the second request
Edwards teaches the first response including a suppression of the second request (para 5, line 1-25 and para 228, line 1-15; temporarily allow exceptions to an existing policy during evaluation of encryption key by replacing the existing policy with a separate ephemeral policy, where the key may be allowed for use instead of denied which would result in a new key generation); and
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Agarwal to incorporate the teachings of Edwards to provide temporarily allow exceptions to an existing policy during evaluation of encryption key by replacing the existing policy with a separate ephemeral policy, where the key may be allowed for use instead of denied which would result in a new key generation.  Doing so would allow for encryption key management with policies defined and evaluated within hierarchical structures, groups, clients, and users, as recognized by Edwards.
Regarding claim 18, Agarwal and Edwards teach computer product of claim 16.
Agarwal teaches receiving a change to an attribute of a key defined by the first key policy (para 161, line 1-12; generate a set of rules, specifying a set of conditions for the encryption key policies applicable to an application, to be applied to an identified attribute); 
determining the remote machine that stores the first application affected by the first key policy, in response to the change to the attribute of the key defined by the first key policy (para 51, line 1-10 and para 161, line 1-12; generate a set of rules, specifying a set of conditions for the encryption key policies applicable to an application of a computing device, to be applied to an identified attribute); and 29WO 2019/232692PCT/CN2018/089928 
updating the first key utilized by the first application based on the change to the attribute of the key defined by the first key policy (para 155, line 1-11 and para 161, line 1-12; updating an encryption key based on the generated a set of rules, specifying a set of conditions for the encryption key policies applicable to an application, to be applied to an identified attribute).
Regarding claim 19, Agarwal and Edwards teach computer product of claim 18.
Agarwal teaches the attribute of the key is any one of: key length, symmetry or asymmetry of the key, or an algorithm to generate the key (para 144, line 1-17; encryption key may have multiple attributes, such as size of the encryption key).
Regarding claim 20, Agarwal and Edwards teach computer product of claim 16.
Agarwal teaches in response to the determining that the first key of the first application is non-compliant with the first key policy (para 131, line 1-23 and para 150, line 1-14; data encryption service includes a monitoring and alert service that sends a request to issue a renewed encryption key for the encryption key not renewed or updated appropriately): 
generating the third key at the encryption system (para 142, line 1-12 and 144, line 1-19; the monitoring and alert service of the data encryption service performs and provides the key updates); and 
deploying the third key to the remote machine (para 51, line 1-10 and para 142, line 1-12 and 144, line 1-19; the monitoring and alert service of the data encryption service provides the key updates to application hosting systems 110, which may be a computing device such as a laptop or wearable computer).
Regarding claim 21, Agarwal and Edwards teach computer product of claim 16.
	Agarwal teaches determining that the first key of the first application is non-compliant with the first key policy includes receiving an input that includes a change or an update to the first key (para 131, line 1-23; data encryption service determine that an encryption key is not renewed and/or updated appropriately using the encryption key policies applicable to each application), and wherein the operations further comprise: 
identifying and flagging the first application and a third application affected by the first key policy (para 131, line 1-25; may lead to security warnings that encryption objects are out of compliance for different applications); and 
updating the first key policy (para 37, line 1-12 and para 135, line 1-13; data encryption service may receive an application policy and determine the appropriate encryption to be applied to data in the application).  
Regarding claim 22, Agarwal and Edwards teach computer product of claim 16.
Agarwal teaches the request further comprises a time to deploy the third key and a definition for an event at which to deploy the third key (para 54, line 1-17 and para 131, line 1-23; data encryption service determine that an encryption key is not renewed and/or updated appropriately using the encryption key policies applicable to each application and needs to be refreshed at pre-determined intervals of time).
4.	Claims 6 and 13 are rejected under 35 U.S.C. 103 as being unpatentable over Agarwal in view of Edwards and White et al. (US Pub. 2016/0269364), hereinafter White, filed on Mar. 11, 2016.
Regarding claim 6, Agarwal and Edwards teach method of claim 5.
Agarwal and Edwards do not teach the first response further comprises failure information associated with the deploying of the third key to the remote machine.
White teaches the first response further comprises failure information associated with the deploying of the third key to the remote machine (para 55, line 1-9 and para 59, line 1-10; encryption key management involving an applied key management device 110 and a target device 150b may result in a failure message and/or cause of unsuccessful encryption key transaction).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Agarwal and Edwards to incorporate the teachings of White to provide a result in a failure message and/or cause of unsuccessful encryption key transaction.  Doing so would allow for generation, management, and distribution of applied key management of security objects, as recognized by White.
Regarding claim 13, Agarwal and Edwards teach system of claim 12.
Agarwal and Edwards do not teach the first response further comprises failure information associated with the deploying of the third key to the remote machine.
White teaches the first response further comprises failure information associated with the deploying of the third key to the remote machine (para 55, line 1-9 and para 59, line 1-10; encryption key management involving an applied key management device 110 and a target device 150b may result in a failure message and/or cause of unsuccessful encryption key transaction).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Agarwal and Edwards to incorporate the teachings of White to provide a result in a failure message and/or cause of unsuccessful encryption key transaction.  Doing so would allow for generation, management, and distribution of applied key management of security objects, as recognized by White.
Conclusion
5.	The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. The following are relevant prior arts: Jahid et al (US Pub. 2018/0063103) discloses a key policy specifies an expiry of a ticket, where if the process determines (at 530) that the ticket has expired, it ends the process without sending an encryption key to the requesting host; Pauker et al. (US Pub. 2013/0339252) discloses key server 20 may include policy information 22 that key server 20 uses in determining whether to fulfill key requests, where policy information 22 may include a set of policy rules that dictate that keys should only be released if they have not expired and if the key requester's authentication credentials are valid; Walker (US Patent 10,367,814) discloses user to input authentication credentials to secure the non-compliant mobile application and, once authentication credentials are inputted, encryption keys for encrypting the mobile application may be unlocked and the previously non-compliant mobile application may be secured.
6.	Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
7.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to NHAN H NGUYEN whose telephone number is (571)272-6443.  The examiner can normally be reached on Monday-Friday 8:30am - 4:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on 571-272-4006.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/NHAN HUU NGUYEN/Examiner, Art Unit 2492


/SALEH NAJJAR/Supervisory Patent Examiner, Art Unit 2492