DETAILED ACTION

Notice of AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

The present office action is responsive to communications received on 7/20/2021. Preliminary Amendment filed on 7/20/2021 has been entered. Claims 1-21 are pending.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 7/21/2021 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159.  See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.

Claims 1-2 and 7-21 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-17 of U.S. Patent No. 11055366. Although the claims at issue are not identical, they are not patentably distinct from each other because claims of the 11055366 contain every element of claims of the instant application. Application claims 1-2 and 7-21 are anticipated by the patent claims 1-17.
Claims 3-6 are rejected on the ground of nonstatutory double patenting as being unpatentable over claim 1 of U.S. Patent No. 11055366 in view of Publication No. WO 2017083980 A1. It would have been prima facie obvious to combine 11055366 and WO 2017083980 A1. One of ordinary skill in the art would have been motivated to perform such a modification because encrypting data encryption key can provide controlling access to streaming data over an untrusted network since no clear key is exposed (Racz [0013]).

A later patent claim is not patentably distinct from an earlier patent claim if the later claim is obvious over, or anticipated by, the earlier claim. In re Longi, 759 F.2d at 896, 225 USPQ at 651 (affirming a holding of obviousness-type double patenting because the claims at issue were obvious over claims in four prior art patents); In re Berg, 140 F.3d at 1437, 46 USPQ2d at 1233 (Fed. Cir. 1998) (affirming a holding of obviousness-type double patenting where a patent application claim to a genus is anticipated by a 35 patent claim to a species within that genus). “ELI LILLY AND COMPANY v BARR LABORATORIES, INC., United States Court of Appeals for the Federal Circuit, ON PETITION FOR REHEARING EN BANC (DECIDED: May 30, 2001).

Instant Application No. 17334920
US patent 11055366


1. A method for transferring electronic evidence from a source computing device having a web browser and storing said electronic evidence over a data network to evidence data storage, the method comprising performing the following in said web browser:
connecting to a file upload server associated with said evidence data storage;
receiving input from a user to select a source evidence data file from storage of said source computing device;
setting a file encryption key;
sending a request to said file upload server to initiate a file upload;
in one thread of said web browser, encrypting using said file encryption key said source evidence data file to generate encrypted source evidence data and uploading said encrypted source evidence data to said file upload server for storing to said evidence data storage;
in a thread of said web browser separate from the one thread, providing user interface functions, the user interface functions comprising presenting a file upload status; and





sending an encrypted copy of said file encryption key to a key server associated with said evidence data storage.
1. A method for transferring electronic evidence from a source computing device having a web browser and storing a source evidence data file over a data network to evidence data storage, the method comprising performing the following in said web browser:
connecting to a file upload server associated with said evidence data storage;
receiving input from a user to select a source evidence data file from storage of said source computing device;
setting a file encryption key;
sending a request to said file upload server to initiate a file upload;
in one thread of said web browser, encrypting using said file encryption key said source evidence data to generate encrypted source evidence data and uploading said encrypted source evidence data to said file upload server;

in a thread of said web browser separate from the one thread, providing user interface functions, the user interface functions comprising presenting a file upload status;
receiving at said web browser a public encryption key;
generating an encrypted copy of said file encryption key based on encrypting the file encryption key with said public key; and
sending said encrypted copy of said file encryption key to a key server associated with said evidence data storage,
wherein said public key is received at said web browser in web content that provides web browser instructions to perform at least: said encrypting and uploading, in said one thread of said web browser; said providing user interface functions in said thread of said web browser separate from said one thread; said generating said encrypted copy of said file encryption key; and said sending said encrypted copy of said file encryption key to said key server associated with said evidence data storage.
2. The method as claimed in claim 1, wherein said encrypting and uploading comprises encrypting blocks of said source evidence data and sending said encrypted blocks of said source evidence data to said file upload server.
2. The method as claimed in claim 1, wherein said encrypting and uploading comprises encrypting blocks of said source evidence data and sending said encrypted blocks of said source evidence data to said file upload server.
3. The method as claimed in claim 1, wherein said sending said encrypted copy of said file encryption key to said key server comprises:
sending over a secure link said file encryption key to an asymmetric encryption server for generating said encrypted copy of said file encryption key by encrypting said file encryption key using a public key.
Claim 1 of U.S. Patent No. 11055366 in view of Publication No. WO 2017083980 A1.
4. The method as claimed in claim 3, wherein said public key is received at said web browser and said sending said encrypted copy of said file encryption key to said asymmetric encryption server for encryption further comprises sending said public key to said asymmetric encryption server.
Claim 1 of U.S. Patent No. 11055366 in view of Publication No. WO 2017083980 A1.
5. The method as claimed in claim 3, wherein said public key is received at said asymmetric encryption server for said asymmetric encryption server to asymmetrically encrypt said file encryption key with said public key to generate said encrypted copy of said file encryption key.
Claim 1 of U.S. Patent No. 11055366 in view of Publication No. WO 2017083980 A1.
6. The method as claimed in claim 3, wherein said sending said encrypted copy of said file encryption key to said key server further comprises:
receiving, by said web browser, said encrypted copy of said file encryption key from said asymmetric encryption server; and sending, from said web browser, said encrypted copy of said file encryption key to said key server.
Claim 1 of U.S. Patent No. 11055366 in view of Publication No. WO 2017083980 A1.
7. The method as claimed in claim 1, wherein said providing user interface functions comprises receiving a message from said one thread about upload completion and presenting said file upload status based on said message.
3. The method as claimed in claim 1, wherein said providing user interface functions comprises receiving a message from said one thread about upload completion and presenting a file upload status.
8. The method as claimed in claim 1, wherein said file upload status comprises a file transfer variable progress representation.
4. The method as claimed in claim 3, wherein said file upload status comprises a file transfer variable progress representation.
9. The method as claimed in claim 1, wherein said encrypting using said file encryption key said source evidence data file to generate encrypted source evidence data comprises using symmetric encryption.
5. The method as claimed in claim 1, wherein said encrypting and uploading comprises using symmetric encryption.
10. The method as claimed in claim 1, wherein metadata concerning the source evidence data file is transmitted from the source computing device to said evidence data storage
6. The method as claimed in claim 1, wherein metadata concerning the source evidence data file is transmitted from the source computing device to said evidence data storage.
11. The method as claimed in claim 10, wherein said metadata is encrypted using said file encryption key.
7. The method as claimed in claim 6, wherein said metadata is encrypted using said file encryption key. 
12. The method as claimed in claim 10, wherein said metadata comprises identification data of a user associated with said source computing device.
8. The method as claimed in claim 6, wherein said metadata comprises identification data of a user associated with said source computing device.
13. The method as claimed in claim 1, wherein said source evidence data file comprises an electronic message received at said source computing device.
9. The method as claimed in claim 1, wherein said source evidence data file comprises an electronic message received at said source computing device.
14. The method as claimed in claim 1, wherein said source evidence data file comprises an image file recorded by said source computing device.
10. The method as claimed in claim 1, wherein said source evidence data file comprises an image file recorded by said source computing device.
15. The method as claimed in claim 1, wherein said source evidence data file comprises a video file recorded by said source computing device.
11. The method as claimed in claim 1, wherein said source evidence data file comprises a video file recorded by said source computing device.
16. The method as claimed in claim 1, wherein said source evidence data file comprises an audio recording file received at said source computing device.
12. The method as claimed in claim 1, wherein said source evidence data file comprises an audio recording file received at said source computing device.
17. The method as claimed in claim 1, further comprising sending to said user a URL to solicit from said user said source evidence data file, said user providing said URL to said web browser, and said web browser connecting to said URL to obtain web content that provides web browser instructions for performing the method.
13. The method as claimed in claim 1, further comprising sending to said user a URL to solicit from said user said source evidence data file, said user providing said URL to said browser, and said browser connecting to said URL to obtain web content that provides browser instructions for performing the method.
18. The method as claimed in claim 1, wherein said web browser establishes a Transport Layer Security (TLS) compliant cryptographic protocol connection between said source computing device and said file upload server.
14. The method as claimed in claim 1, wherein said browser establishes a Transport Layer Security (TLS) compliant cryptographic protocol connection between said source computing device and said file upload server.
19. The method as claimed in claim 1, wherein said web browser establishes a Transport Layer Security (TLS) compliant cryptographic protocol connection between said source computing device and said file key server.
15. The method as claimed in claim 1, wherein said browser establishes a Transport Layer Security (TLS) compliant cryptographic protocol connection between said source computing device and said file key server.
20. The method as claimed in claim 1, wherein encrypting using said file encryption key said source evidence data file to generate encrypted source evidence data comprises using AES 256-bit encryption.
16. The method as claimed in claim 1, wherein encrypting said source evidence data file using a file encryption key comprises using AES 256-bit encryption.
21. A non-transitory computer readable memory storing instructions for a computer processor that when executed perform a method for transferring electronic evidence from a source computing device having a web browser and storing said electronic evidence over a data network to evidence data storage, the method comprising performing the following in said web browser:
connecting to a file upload server associated with said evidence data storage;
receiving input from a user to select a source evidence data file from storage of said source computing device;
setting a file encryption key;
sending a request to said file upload server to initiate a file upload;
in one thread of said web browser, encrypting using said file encryption key said source evidence data file to generate encrypted source evidence data and uploading said encrypted source evidence data to said file upload server for storing to said evidence data storage;
in a thread of said web browser separate from the one thread, providing user interface functions, the user interface functions comprising presenting a file upload status; and





sending an encrypted copy of said file encryption key to a key server associated with said evidence data storage.
17. A non-transitory computer readable memory storing instructions for a computer processor that when executed perform a method for transferring electronic evidence from a source computing device having a web browser and storing a source evidence data file over a data network to evidence data storage, the method comprising performing the following in said web browser:
connecting to a file upload server associated with said evidence data storage;
receiving input from a user to select a source evidence data file from storage of said source computing device;
setting a file encryption key;
sending a request to said file upload server to initiate a file upload;
in one thread of said web browser, encrypting using said file encryption key said source evidence data to generate encrypted source evidence data and uploading said encrypted source evidence data to said file upload server;

in a thread of said web browser separate from the one thread, providing user interface functions, the user interface functions comprising presenting a file upload status;
receiving at said web browser a public encryption key;
generating an encrypted copy of said file encryption key based on encrypting the file encryption key with said public key; and
sending said encrypted copy of said file encryption key to a key server associated with said evidence data storage,
wherein said public key is received at said web browser in web content that provides web browser instructions for performing at least: said setting an encryption key, said sending a request to said file upload server to initiate a file upload, said encrypting and uploading, in one thread of said web browser, said encrypted source evidence data to said file upload server, and said providing user interface functions in a thread of said web browser separate from the one thread.


Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Claim 19 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.

The rejection(s) under 35 U.S.C. 112(b) is/are determined by the following reasons:
Claim 19 recites the limitation "wherein said web browser establishes a Transport Layer Security (TLS) compliant cryptographic protocol connection between said source computing device and said file key server." There is insufficient antecedent basis for this limitation “said file key server” in the claim.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim 1-12, 20 and 21 are rejected under 35 U.S.C. 103 as being unpatentable over Lim (US 20150326618 A1) in view of Racz (WO 2017083980 A1) and Sharif (US 20030115167 A1).

Regarding claim 1, Lim teaches a method for transferring electronic evidence from a source computing device having a web browser and storing said electronic evidence over a data network to evidence data storage, the method comprising performing the following in said web browser:
connecting to a file upload server associated with said evidence data storage; ([0048, 0051, 0054] Fig. 1: the investigator transfers user identification information and the investigator authentication key value to the authentication center server 2 within the server 7 {circle around (2)}. The investigator transmits the system feature information of the investigation target mobile device 1 to the evidence management server 3 of the server 7 {circle around (4)}. The collected data encrypted as described above is transferred to the evidence management server 3 over a network and then stored therein {circle around (10)}.) Here connection to the server is obvious over the transfer/transmission of data to server in step 2, 4 and 10.
receiving input from a user to select a source evidence data file from storage of said source computing device; ([0053] Fig. 1: Accordingly, the investigator collects data using the received evidence collection tool {circle around (8)} and {circle around (9)}.)
setting a file encryption key; ([0049] Fig. 1: Accordingly, the authentication center server 2 transmits a security key, generated based on the user identification information of the corresponding device 1, to the corresponding device 1 after authenticating the investigator {circle around (3)}.)
sending a request to said file upload server to initiate a file upload; ([0048, 0051] Fig. 1: the investigator transfers user identification information and the investigator authentication key value to the authentication center server 2 within the server 7 {circle around (2)}. The investigator transmits the system feature information of the investigation target mobile device 1 to the evidence management server 3 of the server 7 {circle around (4)}.) Here transferring/transmitting data to server in step 2 and 4 initiates the actual file upload in step 10.
encrypting using said file encryption key said source evidence data file to generate encrypted source evidence data and uploading said encrypted source evidence data to said file upload server for storing to said evidence data storage; ([0053, 0054] Fig. 1: encrypts the collected data using the security key received at an initial authentication step. The collected data encrypted as described above is transferred to the evidence management server 3 over a network and then stored therein {circle around (10)}, or is stored in a separate digital evidence storage device 5 {circle around (11)}.)

Lim teaches transferring electronic evidence from a source computing device to evidence data storage, but does not explicitly teach sending an encrypted copy of said file encryption key to a key server associated with said evidence data storage. This aspect of the claim is identified as a difference.
However, Racz in an analogous art explicitly teaches
sending an encrypted copy of said file encryption key to a key server associated with said evidence data storage. ([0013] Obtaining a first symmetric encryption key stream. Receiving at least one public asymmetric encryption keys. Generating asymmetrically encrypted key stream data by digitally encrypting the first symmetric encryption key stream using each one of the at least one public asymmetric encryption keys. Transmitting the asymmetrically encrypted key stream data over the untrusted network.)
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the “evidence collection tool” concept of Lim, and the “secure layered encryption of data streams” approach of Racz, because encrypting data encryption key can provide controlling access to streaming data over an untrusted network since no clear key is exposed (Racz [0013]).

Lim in view of Racz teaches transferring electronic evidence and encrypted key, but does not explicitly teach in one thread of said web browser, performing action related to uploading data; in a thread of said web browser separate from the one thread, providing user interface functions, the user interface functions comprising presenting a file upload status. This aspect of the claim is identified as a difference.
However, Sharif in an analogous art explicitly teaches
in one thread of said web browser, performing action related to uploading data; in a thread of said web browser separate from the one thread, providing user interface functions, the user interface functions comprising presenting a file upload status. ([0045] FIG. 2: an animated icon referred to as “working icon” is displayed to indicate whether data is being transferred between the browser application and the network. The working icon function may be integrated into the Browse button in the mode button bar, to save screen real estate. When the browser application is exchanging data with the network (e.g., looking up the address of a server, establishing a server connection, fetching data, uploading data, etc.), a “chase” animation is drawn around the edge of the Browse mode button. Because browser application is multi-threaded, it is possible for network traffic to be ongoing when the mode bar does not have input focus, when it does and another button is selected, or when the Browse button is selected.) Here reference Sharif discloses a multi-threaded browser, in one thread providing working icon showing data transfer status (analogous to claim limitation “user interface functions presenting file upload status”), in another thread for network traffic such as uploading data. Reference Lim discloses encrypting the collected data using the security key and the collected data encrypted being transferred to the server. Therefore Lim in view of Racz and Sharif teaches the whole limitation.
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the “evidence collection tool” concept of Lim, and the “multi-threaded browser” approach of Sharif, to have the user interface elements remain responsive, even while the network traffic, such as data uploading or downloading, to be ongoing (Sharif [0045]).

Regarding claim 2, Lim in view of Racz and Sharif teaches all the features with respect to claim 1, as outlined above. The combination further teaches wherein said encrypting and uploading comprises encrypting blocks of said source evidence data and sending said encrypted blocks of said source evidence data to said file upload server. ([Lim 0053, 0054] Fig. 1: encrypts the collected data using the security key received at an initial authentication step. The collected data encrypted as described above is transferred to the evidence management server 3 over a network and then stored therein {circle around (10)}, or is stored in a separate digital evidence storage device 5 {circle around (11)}.) Meanwhile, reference Racz discloses claim limitation “blocks” by “The data stream can be divided into data stream portions (e.g. a number of video frames for a video stream). Each portion may be encrypted by a respective random symmetric key. (¶42)”

Regarding claim 3, Lim in view of Racz and Sharif teaches all the features with respect to claim 1, as outlined above. The combination further teaches wherein said sending said encrypted copy of said file encryption key to said key server comprises: 
sending over a secure link said file encryption key to an asymmetric encryption server for generating said encrypted copy of said file encryption key by encrypting said file encryption key using a public key. ([Racz 0013] at a trusted network zone at an encryption computer system obtaining a first symmetric encryption key stream. Receiving at least one public asymmetric encryption keys. Generating asymmetrically encrypted key stream data by digitally encrypting the first symmetric encryption key stream using each one of the at least one public asymmetric encryption keys. Transmitting the asymmetrically encrypted key stream data over the untrusted network.)

Regarding claim 4, Lim in view of Racz and Sharif teaches all the features with respect to claim 3, as outlined above. The combination further teaches wherein said public key is received at said web browser and said sending said encrypted copy of said file encryption key to said asymmetric encryption server for encryption further comprises sending said public key to said asymmetric encryption server. ([Racz 0013] at a trusted network zone at an encryption computer system obtaining a first symmetric encryption key stream. Receiving at least one public asymmetric encryption keys. Generating asymmetrically encrypted key stream data by digitally encrypting the first symmetric encryption key stream using each one of the at least one public asymmetric encryption keys. Transmitting the asymmetrically encrypted key stream data over the untrusted network.)

Regarding claim 5, Lim in view of Racz and Sharif teaches all the features with respect to claim 3, as outlined above. The combination further teaches wherein said public key is received at said asymmetric encryption server for said asymmetric encryption server to asymmetrically encrypt said file encryption key with said public key to generate said encrypted copy of said file encryption key. ([Racz 0013] at a trusted network zone at an encryption computer system obtaining a first symmetric encryption key stream. Receiving at least one public asymmetric encryption keys. Generating asymmetrically encrypted key stream data by digitally encrypting the first symmetric encryption key stream using each one of the at least one public asymmetric encryption keys to create respective asymmetrically encrypted first key streams wherein each of the asymmetrically encrypted first key streams is encrypted with a respective one of the at least one public asymmetric encryption keys. Transmitting the asymmetrically encrypted key stream data over the untrusted network.)

Regarding claim 6, Lim in view of Racz and Sharif teaches all the features with respect to claim 3, as outlined above. The combination further teaches wherein said sending said encrypted copy of said file encryption key to said key server further comprises:
receiving, by said web browser, said encrypted copy of said file encryption key from said asymmetric encryption server; and sending, from said web browser, said encrypted copy of said file encryption key to said key server. ([Racz 0013] at a trusted network zone at an encryption computer system obtaining a first symmetric encryption key stream. Receiving at least one public asymmetric encryption keys. Generating asymmetrically encrypted key stream data by digitally encrypting the first symmetric encryption key stream using each one of the at least one public asymmetric encryption keys. Transmitting the asymmetrically encrypted key stream data over the untrusted network. [00114, 00116] a key server 300, stores encrypted key streams 275, such as the asymmetrically encrypted key streams described above, in a secure database. The encrypted key streams 275 are then transmitted by the encryption computer system 31 to the key server 300. In this example, the keys (key stream) are encrypted using asymmetric encryption before being stored on the key server.) Here sending encrypted key over the untrusted network (analogous to claim limitation “returned to said browser”) and sending from encryption computer system (analogous to claim limitation “sending from said browser”) are just common implementation details and design alternatives.

Regarding claim 7, Lim in view of Racz and Sharif teaches all the features with respect to claim 1, as outlined above. The combination further teaches wherein said providing user interface functions comprises receiving a message from said one thread about upload completion and presenting said file upload status based on said message. ([Sharif 0045] FIG. 2: an animated icon referred to as “working icon” is displayed to indicate whether data is being transferred between the browser application and the network. The working icon function may be integrated into the Browse button in the mode button bar, to save screen real estate. When the browser application is exchanging data with the network (e.g., looking up the address of a server, establishing a server connection, fetching data, uploading data, etc.), a “chase” animation is drawn around the edge of the Browse mode button. Because browser application is multi-threaded, it is possible for network traffic to be ongoing when the mode bar does not have input focus, when it does and another button is selected, or when the Browse button is selected.) In summary, Sharif concludes that “the browser application displays a graphic icon and is used to indicate the current state of the system to the user. The types of status information indicated may include: whether the system has an established network connection (whether or not data is currently being transferred); whether there is one or more messages for viewing (¶44).

Regarding claim 8, Lim in view of Racz and Sharif teaches all the features with respect to claim 1, as outlined above. The combination further teaches wherein said file upload status comprises a file transfer variable progress representation. ([Sharif 0045] FIG. 2: an animated icon referred to as “working icon” is displayed to indicate whether data is being transferred between the browser application and the network. The working icon function may be integrated into the Browse button in the mode button bar, to save screen real estate. When the browser application is exchanging data with the network (e.g., looking up the address of a server, establishing a server connection, fetching data, uploading data, etc.), a “chase” animation is drawn around the edge of the Browse mode button. Because browser application is multi-threaded, it is possible for network traffic to be ongoing when the mode bar does not have input focus, when it does and another button is selected, or when the Browse button is selected.) In addition, Sharif discloses in ¶45 implementation details on graphic display animation showing data transfer progress.

Regarding claim 9, Lim in view of Racz and Sharif teaches all the features with respect to claim 1, as outlined above. The combination further teaches wherein said encrypting using said file encryption key said source evidence data file to generate encrypted source evidence data comprises using symmetric encryption. ([Racz 0013] at a trusted network zone at an encryption computer system obtaining a first symmetric encryption key stream comprising a first plurality of distinct symmetric encryption keys encrypting respective sequential portions of a first data stream to create a first symmetrically encrypted data stream comprising sequential portions of encrypted data.)

Regarding claim 10, Lim in view of Racz and Sharif teaches all the features with respect to claim 1, as outlined above. The combination further teaches wherein metadata concerning the source evidence data file is transmitted from the source computing device to said evidence data storage. ([Lim 0030, 0029] The evidence collection tool may include: a collection module including a filesystem analysis unit configured to collect a particular file related information such as file record, metadata, timestamps and others as the digital evidence; a control module including a digital evidence metadata generation unit configured to generate the metadata of the digital evidence; and a transmission module including a data encryption unit configured to encrypt the digital evidence. The transmission module may be further configured to, encrypt the digital evidence and then transfer the encrypted digital evidence to the server.) Here Lim discloses generating digital evidence metadata, which is then encrypted and transferred to server as part of the digital evidence.

Regarding claim 11, Lim in view of Racz and Sharif teaches all the features with respect to claim 10, as outlined above. The combination further teaches wherein said metadata is encrypted using said file encryption key. ([Lim 0030, 0029] The evidence collection tool may include: a collection module including a filesystem analysis unit configured to collect a particular file related information such as file record, metadata, timestamps and others as the digital evidence; a control module including a digital evidence metadata generation unit configured to generate the metadata of the digital evidence; and a transmission module including a data encryption unit configured to encrypt the digital evidence. The transmission module may be further configured to, encrypt the digital evidence and then transfer the encrypted digital evidence to the server.)

Regarding claim 12, Lim in view of Racz and Sharif teaches all the features with respect to claim 10, as outlined above. The combination further teaches wherein said metadata comprises identification data of a user associated with said source computing device. ([Lim 0030] The evidence collection tool may include: a collection module including a filesystem analysis unit configured to collect a particular file related information such as file record, metadata, timestamps and others as the digital evidence by analyzing the meta information of the filesystem of the separate secure domain of the domain separation-based mobile device; a control module including a digital evidence metadata generation unit configured to generate the metadata of the digital evidence.) Here Lim discloses in ¶47 about collecting various pieces of information about the corresponding device 1 by analyzing the corresponding device 1 {circle around (1)}. In this case, the various pieces of information include system feature information (the model of the corresponding device 1, OS information, system information, and the type of domain separation technology) and user identification information (unique information, such as the name of a user, a telephone number, and a manufacture serial number). It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include user identification information as part of the metadata.

Regarding claim 20, Lim in view of Racz and Sharif teaches all the features with respect to claim 1, as outlined above. The combination further teaches wherein encrypting using said file encryption key said source evidence data file to generate encrypted source evidence data comprises using AES 256-bit encryption. ([Racz 00120] parameters may be specified within the user/subscriber interface to select from among various encryption schemes and scope. No particular limitation on technologies, unless otherwise specified or technically infeasible, is envisioned for encryption specification (e.g. AES-128, AES-192, AES-256), signatures or key exchange (e.g. RSA 2048) or integrity checks (e.g. SHA-256 cryptographic hash functions).)

Regarding claim 21, the scope of the claim is similar to that of claim 1. Accordingly, the claim is rejected using a similar rationale.

Claim 13-16 are rejected under 35 U.S.C. 103 as being unpatentable over Lim (US 20150326618 A1) in view of Racz (WO 2017083980 A1), Sharif (US 20030115167 A1) and Brewer (US 20150381667 A1).

Regarding claim 13, Lim in view of Racz and Sharif teaches all the features with respect to claim 1, as outlined above. But the combination does not teach wherein said source evidence data file comprises an electronic message received at said source computing device. This aspect of the claim is identified as a difference.
However, Brewer in an analogous art explicitly teaches wherein said source evidence data file comprises an electronic message received at said source computing device. ([0009, 0038] FIG. 3 is a diagram depicting an example of a table that includes incident types, request types, and requested actions. Line 310 corresponds to a real-time data collection request that requests a user device to collect real-time data in proximity to an incident in progress, such as still images, video, audio, etc. see FIG. 1 and corresponding text for further details.)
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the “evidence collection tool” concept of Lim, and the “incident data collection” approach of Brewer, so public protection system can send a data collection request to user devices that instructs the user devices to capture data of various formats (Brewer [0004]).

Regarding claim 14, Lim in view of Racz and Sharif teaches all the features with respect to claim 1, as outlined above. Lim in view of Racz, Sharif and Brewer further teaches wherein said source evidence data file comprises an image file recorded by said source computing device. ([Brewer 0038] Line 310 corresponds to a real-time data collection request that requests a user device to collect real-time data in proximity to an incident in progress, such as still images, video, audio, etc.)

Regarding claim 15, Lim in view of Racz and Sharif teaches all the features with respect to claim 1, as outlined above. Lim in view of Racz, Sharif and Brewer further teaches wherein said source evidence data file comprises a video file recorded by said source computing device. ([Brewer 0038] Line 310 corresponds to a real-time data collection request that requests a user device to collect real-time data in proximity to an incident in progress, such as still images, video, audio, etc.)

Regarding claim 16, Lim in view of Racz and Sharif teaches all the features with respect to claim 1, as outlined above. Lim in view of Racz, Sharif and Brewer further teaches wherein said source evidence data file comprises an audio recording file received at said source computing device. ([Brewer 0038] Line 310 corresponds to a real-time data collection request that requests a user device to collect real-time data in proximity to an incident in progress, such as still images, video, audio, etc.)

Claim 17 is rejected under 35 U.S.C. 103 as being unpatentable over Lim (US 20150326618 A1) in view of Racz (WO 2017083980 A1), Sharif (US 20030115167 A1) and Pritikin (US 7451305 B1).

Regarding claim 17, Lim in view of Racz and Sharif teaches all the features with respect to claim 1, as outlined above. But the combination does not teach sending to said user a URL to solicit from said user said source evidence data file, said user providing said URL to said web browser, and said web browser connecting to said URL to obtain web content that provides web browser instructions for performing the method. This aspect of the claim is identified as a difference.
However, Pritikin in an analogous art explicitly teaches sending to said user a URL to solicit from said user said source evidence data file, said user providing said URL to said web browser, and said web browser connecting to said URL to obtain web content that provides web browser instructions for performing the method. ([Col 3, Line 32-38] A user can direct a web browser to request the bank's web page by entering the bank's Uniform Resource Locator (URL) into the web browser's address field. In response to receiving a request from the web browser, the bank's web server may respond with a web page that specifies a script and a form that contains the bank's public key, the bank's URL, and an input field.) Here Lim discloses “evidence management server 3 transmits an evidence collection tool suitable for the corresponding device 1 (¶52)” to solicit evidence file; therefore, Lim in view of Racz, Sharif and Pritikin discloses the above limitation.
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the “evidence collection tool” concept of Lim, and the “web page specifying public key and URL” approach of Pritikin, to facilitate user's web browser functions as a mutually trusted intermediary. As a result, cryptographic identities may be securely exchanged through the mutually trusted intermediary without requiring the user to manually or vocally communicate the cryptographic identities (Pritikin [Col 3, Line 65-66; Col 4, Line 6-9]).

Claim 18 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Lim (US 20150326618 A1) in view of Racz (WO 2017083980 A1), Sharif (US 20030115167 A1) and Ali (US 20060041938 A1).

Regarding claim 18, Lim in view of Racz and Sharif teaches all the features with respect to claim 1, as outlined above. But the combination does not teach wherein said web browser establishes a Transport Layer Security (TLS) compliant cryptographic protocol connection between said source computing device and said file upload server. This aspect of the claim is identified as a difference.
However, Ali in an analogous art explicitly teaches wherein said web browser establishes a Transport Layer Security (TLS) compliant cryptographic protocol connection between said source computing device and said file upload server. ([0002] Secure Sockets Layer (SSL) and its successor Transport Layer Security (TLS) are the de-facto standards for securing communication between web servers and web browsers on the Internet. The SSL and TLS protocols have been implemented on a vast variety of platforms that range from enterprise class servers to small hand-held devices.)
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the “evidence collection tool” concept of Lim, and the “supporting SSL/TLS protocols” approach of Ali, to provide support for cryptographic communications protocols such as SSL/TLS so as to enable secure communications end-to-end between the device and the remote node (Ali [0007]).

Regarding claim 19, Lim in view of Racz and Sharif teaches all the features with respect to claim 1, as outlined above. Lim in view of Racz, Sharif and Ali further teaches wherein said web browser establishes a Transport Layer Security (TLS) compliant cryptographic protocol connection between said source computing device and said file key server. ([Ali 0002] Secure Sockets Layer (SSL) and its successor Transport Layer Security (TLS) are the de-facto standards for securing communication between web servers and web browsers on the Internet. The SSL and TLS protocols have been implemented on a vast variety of platforms that range from enterprise class servers to small hand-held devices.)

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
US 6670969 B1, "Interface frames for threads", by Halstead, Jr., teaches a general mechanism allowing multiple threads of control to work together within an application that uses hierarchies. In these situations, it is often highly desirable to have different threads operating simultaneously in different parts of a hierarchy. One example of such a situation is where a graphical window is defined with several panes, each of which is showing an independently controlled animated sequence of images. Another example is a Web browser application where it is desirable to assign to one thread the responsibility for controlling the content displayed in the browser window, while a different thread controls the menus, buttons, and other user-interface elements that are used to control the browser application.
US 20130238882 A1, "Multi-core processor system, monitoring control method, and computer product", by Suzuki, teaches to provide a specific service to the user, the processes divide functions according to thread, which is a unit of program execution, to provide a single service. For example, the Web browser process has three threads, including a first thread that is for data transmission/reception in accordance with the hypertext transfer protocol (HTTP), a second thread that is for analyzing received hypertext markup language (HTML) data, and a third thread that is for displaying HTML data using the analyzed result.
US 6560626 B1, "Thread interruption with minimal resource usage using an asynchronous procedure call", by Hogle, teaches a series of instructions executing within the contexts of different threads; as well as the interactions between the blocked thread and an interrupting thread that interrupts the blocked thread prior to the completion of the task by the second thread.
US 20080109823 A1, "Methods, systems, and computer products for download status notification", by Whitfield, teaches download notification including identifying content for download, requesting a download of the content to a device and requesting a notification related to the status of the download. The notification application may have been previously launched or launches simultaneously with a download request as needed.
US 20190372946 A1, "Electronic evidence transfer", by Nadeau, teaches that the law enforcement agencies can make efficient use of social media and other forms of public communications to make a public appeal for information on crimes and other investigations wherein the public appeals allow members of the public to easily submit information and/or media files from smartphones and other computers in a way that allows the submission to be linked to the public appeal (e.g. the specific case file or the attributes of the case file) so that the submission data can be found and accessed by law enforcement investigators.
US 20090161869 A1, "Method for distributing encrypted digital content", by Chow, teaches a digital content of a source is encrypted via a symmetric key encryption mechanism by using a first public key, so as to generate an encrypted digital content; the first public key is also encrypted to generate an encryption key at the source by using a second public key via an asymmetric key encryption mechanism provided from a destination, so that the encryption key may only be decrypted by using a private key compatible with the second public key at the destination. Therefore, no matter the encrypted digital content is distributed via secure or insecure routes, the ones who are not at the destination cannot access the digital content.
US 10699021 B2, "Method and a device for secure storage of at least one element of digital information, and system comprising such device", by De Oliveira, teaches a method for secure storage of at least one element of digital information, the method comprising the steps of: ciphering with n ciphering keys the at least one element of digital information into a ciphered element of digital information, and transmitting the resultant ciphered element of digital information and the n ciphering keys to n+1 different domains, wherein, for each element of digital information, at least one metadata element is generated that includes at least one additional element of information indicating a creation or modification action of such element of digital information.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to HAN YANG whose telephone number is (408)918-7638.  The examiner can normally be reached on Monday to Friday, 9:00-5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached on 571-272-3862.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/HAN YANG/Examiner, Art Unit 2493