Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

	DETAILED ACTION
Response to Amendment
This action is in response to an amendment filed July 27, 2022. Claims 32, 49, and 51 have been amended. Claims 32-51 remain pending in this application.

Response to Arguments
Applicant’s arguments, see Remarks, filed July 27, 2022, with respect to the rejection(s) of the claim(s) have been fully considered and are persuasive.  Therefore, the rejection has been withdrawn.  However, upon further consideration, a new ground(s) of rejection is made in view of Sawhney et al. (US 8,370,312 B1).

Claim Rejections- 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 32-38 and 40-51  is/are rejected under 35 U.S.C. 103 as being unpatentable over Ponsford et al. (WO 2014/108183 A1, from Applicant(s) IDS filed June 29, 2020), in view of Sawhney et al. (US 8,370,312 B1).
With respect to claim 32, Ponsford discloses a method for cryptographically secure storing of a file using a web application executed by a web browser on a user computer system of a user (Abstract and pg. 9, lines 11-12, encrypting file and storing fragments) the method comprising 
- invoking the web application from a web server computer system over a network by the web browser on the user computer system (pg. 13, line 27 to pg. 14, lines 9, user controls storage system through web interface via web browser), 
- fragmenting the encrypted file on the user computer system by the web application into a plurality of file fragments by the error correction method according to “the” distribution plan, wherein at least one of the file fragments includes error correction bits (pg. 20, lines 29 to pg. 21, lines 30 and pg. 22, lines 12-21, identifying a strategy for allocation of fragments to remote storage; this corrects any potential storage failures that may occur), 
- sending the resulting file fragments by the web application over the network to the storage services identified by “the” distribution plan, wherein an authorization token is provided by the web server computer system for each of the storage services as proof of authorization to store the corresponding file fragment (pg. 22, lines 1-30 and pg. 23, lines 1-30, encrypted file fragments across different storage volumes are authenticated as appropriate);
Ponsford does not explicitly teach:
encrypting the file with a cryptographic key locally on the user computer system using the web application; 
- providing a distribution plan by the web application, wherein the distribution plan comprises instructions for fragmenting the file into a plurality of file fragments by means of an error correction method and identifiers of a plurality of mutually independent storage services in whose non-volatile storage media the generated file fragments are to be stored;
However, Sawhney discloses:
encrypting the file with a cryptographic key locally on the user computer system using the web application (Col. 10, lines 27-32, client device is instructed to encrypt encoded data); 
- providing a distribution plan by the web application, wherein the distribution plan comprises instructions for fragmenting the file into a plurality of file fragments by means of an error correction method and identifiers of a plurality of mutually independent storage services in whose non-volatile storage media the generated file fragments are to be stored (Col. 1, lines 59-67 and Col. 10, lines 14-52, data object is fragmented and the fragments are dispersed by Internet-based storage systems; wherein data is stored on storage system using error-correction algorithm); 
Therefore, it would have been obvious to one of ordinary skill in the art, at the time the invention was filed, to combine the teachings of Ponsford with the teachings of Sawhney and encrypt the file locally on the user computer system, in order to maintain the security and integrity of the file and its fragments during distribution of the file fragments to various storage systems.
With respect to claim 33, the combination of Ponsford and Sawhney discloses the method of claim 32, wherein Ponsford discloses the web server computer system provides a service via the web application (pg. 38, lines 10-11, web services available for use by client applications), wherein the file to be stored comprises data generated and/or used in the course of executing the service (Abstract). 
With respect to claim 34, the combination of Ponsford and Sawhney discloses the method of claim 32, wherein Ponsford discloses the providing of “the” distribution plan comprises generating “the” distribution plan on the user computer system by the web application (pg. 20, line 29 to pg. 21, line 30 and pg. 22, line 12-21, strategy for distribution of fragments).
With respect to claim 35, the combination of Ponsford and Sawhney discloses the method of claim 32, wherein Ponsford discloses the providing of “the” distribution plan comprises receiving “the” distribution plan on the user computer system by the web application (pg. 20, line 29 to pg. 21, line 30).
With respect to claim 36, the combination of Ponsford and Sawhney discloses the method of claim 32, wherein Ponsford discloses the method further comprising sending “the” distribution plan from the web application over the network to a file management server computer system for storage, and/or
encrypting “the” distribution plan (pg. 20, line 29 to pg. 21, line 30).
With respect to claim 37, the combination of Ponsford and Sawhney discloses the method of claim 32, wherein Ponsford discloses the authorization tokens are received by the web application on the user computer system from the file management server computer system (pg. 9, lines 14-21 and pg. 18, lines 9-15, returning a session token to a user after validation occurs), wherein the received authorization tokens comprise an authorization token of each of the plurality of storage services identified in the distribution plan, which were requested by the file management server computer system on command of the web server computer system and forwarded to the user computer system (pg. 15, lines 12-18, session token is needed for all communications between client and storage system).
With respect to claim 38, the combination of Ponsford and Sawhney discloses the method of claim 37, wherein Ponsford discloses the receiving of the authorization tokens requires successful authentication of the web server computer system against the file management server computer system (pg. 15, lines 12-18).
With respect to claim 40, the combination of Ponsford and Sawhney discloses the method of claim 32, wherein Ponsford discloses the method further comprising creating reference data, which are associated with the file, serve to reconstruct the file from the distributedly stored data fragments and are stored by the web server computer system (pg. 15, lines 20-31, data management store may store various information used for data access such as file details and location of file fragments). 
With respect to claim 41, the combination of Ponsford and Sawhney discloses the method of claim 32, wherein Ponsford discloses the reference data comprises: an identifier of the user, an identifier of the file, an identifier of “the” distribution plan, an identifier of a cryptographic key for decrypting the encrypted file, an identifier of a cryptographic key for decrypting “the” encrypted distribution plan, a hash value of the complete file and/or hash values of the stored file fragments (pg. 15, lines 20-31); and/or
wherein the reference data is stored by the web server computer system in a cryptographically secure form (pg. 15, lines 20-31); and/or
wherein the web application communicates the reference data to a server module for managing reference data, which is executed by a processor of the web server computer system (pg. 15, lines 20-31, wherein data is accessible via administration module); and/or
wherein the reference data is stored by the web server computer system in a reference list comprising a plurality of reference data for a plurality of files of different users of the web application (pg. 15, lines 20-31).
With respect to claim 42, the combination of Ponsford and Sawhney discloses the method of claim 32, wherein Ponsford discloses the method further comprising authenticating the user against the web server computer system (pg. 9, lines 14-21); and/or
wherein one or more modules for a distributed storage of the file on the storage services are integrated into the web application (pg. 13, line 27 to pg. 14, line 9), and wherein the encryption, fragmentation and transmission are performed by executing the modules of the web application in the web browser by a processor of the user computer system (pg. 13, line 27 to pg. 14, line 9).
With respect to claim 43, the combination of Ponsford and Sawhney discloses the method of claim 32, wherein Ponsford discloses the method for downloading the cryptographically secured stored file using the web application executed by the web browser on the user computer system (Abstract) further comprises: 
- invoking the web application from the web server computer system over the network by the web browser on the user computer system (pg. 13, line 27 to pg. 14, lines 9, user controls storage system through web interface via web browser), 
- providing “the” distribution plan of the distributedly stored file by the web application, wherein “the” distribution plan comprises instructions for defragmenting the file from a plurality of file fragments by means of an error correction method and identifiers of the plurality of mutually independent storage services in whose non-volatile storage media the file fragments are stored (pg. 20, lines 29 to pg. 21, lines 30 and pg. 22, lines 12-21, identifying a strategy for allocation of fragments to remote storage; this corrects any potential storage failures that may occur), 
- providing by the web server computer system an authorization token of each of the storage services of at least a selection of the storage services in whose non-volatile storage media the file fragments are stored (pg. 9, lines 14-21 and pg. 18, lines 9-15, returning a session token to a user after validation occurs), wherein the file fragments included in the selection of the storage services are sufficient for a complete reconstruction of the file (pg. 17, lines 1-4 and pg. 22, lines 12-21), 
- downloading the file fragments from the individual storage services using the authorization tokens as proof of authorization for downloading (pg. 38, line 23 to pg. 40, line 23), 
- defragmenting the encrypted file from the file fragments on the user computer system by the web application using the error correction method in accordance with the distribution plan (pg. 17, lines 1-4 and pg. 22, lines 12-21, combining file fragments and correcting any potential storage failures when they occur), 
- decrypting the encrypted file with a cryptographic key on the user computer system by the web application (pg. 22, lines 23-29, decrypting file fragments).
With respect to claim 44, the combination of Ponsford and Sawhney discloses the method of claim 43, wherein Ponsford discloses the web server computer system provides a service via the web application, and wherein data included in the downloaded file is used in the course of execution of the service by the web application (Abstract); and/or
wherein the providing of “the” distribution plan comprises receiving the distribution plan from the file management server computer system on the user computer system by the web application (pg. 20, line 29 to pg. 21, line 30), and/or
wherein the distribution plan is provided in encrypted form, and the providing further comprises decrypting “the” distribution plan on the user computer system by the web application (pg. 20, line 29 to pg. 21, line 30).
With respect to claim 45, the combination of Ponsford and Sawhney discloses the method of claim 43, wherein Ponsford discloses the providing of the authorization tokens on the user computer system by the web application comprises receiving the authorization tokens from the file management server computer system (pg. 9, lines 14-21 and pg. 18, lines 9-15), which were requested by the file management server computer system on command of the web server computer system and forwarded to the user computer system (pg. 9, lines 14-21 and pg. 18, lines 9-15).
With respect to claim 46, the combination of Ponsford and Sawhney discloses the method of claim 45, wherein Ponsford discloses receiving the authorization tokens requires successful authentication of the web server computer system against the file management server computer system (pg. 9, lines 14-21 and pg. 18, lines 9-15).
With respect to claim 47, the combination of Ponsford and Sawhney discloses the method of claim 42, wherein Ponsford discloses the downloading of the file fragments by the web application from the identified storage services is performed bypassing the web server computer system and/or the file management server computer system (pg. 13, line 27 to pg. 14, line 9, pg. 17, lines 1-4, and pg. 22, lines 12-21, web interface via web browser); and/or
the method further comprising receiving reference data associated with the file to be downloaded and serving to reconstruct the file from the distributedly stored file fragments, from the web server computer system by the web application on the user computer system (pg. 13, line 27 to pg. 14, line 9, pg. 17, lines 1-4, and pg. 22, lines 12-21); and/or 
wherein the downloading of the file requires successful authentication of the user against the web server computer system (pg. 38, line 23 to pg. 40, line 23); and/or
wherein one or more modules for a distributed storage of the file on the storage services are integrated into the web application and wherein the downloading, defragmentation and decryption are performed by executing the modules of the web application in the web browser by the processor of the user computer system (pg. 13, line 27 to pg. 14, line 9, pg. 17, lines 1-4, and pg. 22, lines 12-21, web interface via web browser).
With respect to claim 48, the combination of Ponsford and Sawhney discloses the method of claim 32, wherein Ponsford discloses the method is executed on a user computer system comprising a processor, a network interface for operatively coupling the user computer system to a web server computer system and the storage services over the network, wherein the user computer system comprises a storage medium having the web browser executable by the processor, the web browser being configured to execute said method (pg. 13, line 27 to pg. 14, line 9, web interface via web browser). 
With respect to claim 49, Ponsford discloses a web server computer system comprising a first processor, a first network interface for operatively coupling the web server computer system to a user computer system, the web server computer system comprising a first storage medium containing first program instructions, wherein the first program instructions are configured, when executed by the processor, to send program instructions for executing a web application in a web browser on the user computer system over a network to the user computer system in response to receiving an invocation of a web application from a web browser on the user computer system over the network (Abstract), wherein the web application is configured to perform the following method for cryptographically secure storing a file: 
- fragmenting the encrypted file on the user computer system by the web application into a plurality of file fragments by the error correction method according to “the” distribution plan, wherein at least one of the file fragments includes error correction bits (pg. 20, lines 29 to pg. 21, lines 30 and pg. 22, lines 12-21, identifying a strategy for allocation of fragments to remote storage; this corrects any potential storage failures that may occur), 
- sending the resulting file fragments by the web application over the network to the storage services identified by “the” distribution plan, wherein an authorization token is provided by the web server computer system for each of the storage services as proof of authorization to store the corresponding file fragment (pg. 22, lines 1-30 and pg. 23, lines 1-30, encrypted file fragments across different storage volumes are authenticated as appropriate);
Ponsford does not explicitly teach:
encrypting the file with a cryptographic key locally on the user computer system using the web application; 
- providing a distribution plan by the web application, wherein the distribution plan comprises instructions for fragmenting the file into a plurality of file fragments by means of an error correction method and identifiers of a plurality of storage services in whose non-volatile storage media the generated file fragments are to be stored;
However, Sawhney discloses:
encrypting the file with a cryptographic key locally on the user computer system using the web application (Col. 10, lines 27-32, client device is instructed to encrypt encoded data); 
- providing a distribution plan by the web application, wherein the distribution plan comprises instructions for fragmenting the file into a plurality of file fragments by means of an error correction method and identifiers of a plurality of storage services in whose non-volatile storage media the generated file fragments are to be stored (Col. 1, lines 59-67 and Col. 10, lines 14-52, data object is fragmented and the fragments are dispersed by Internet-based storage systems; wherein data is stored on storage system using error-correction algorithm); 
Therefore, it would have been obvious to one of ordinary skill in the art, at the time the invention was filed, to combine the teachings of Ponsford with the teachings of Sawhney and encrypt the file locally on the user computer system, in order to maintain the security and integrity of the file and its fragments during distribution of the file fragments to various storage systems.
With respect to claim 50, the combination of Ponsford and Sawhney discloses the web server computer system of claim 49, wherein Ponsford discloses the web server computer system is further configured to provide a service via the web application (pg. 38, lines 10-11, web services available for use by client applications), wherein the file to be stored is generated in a course of execution of the service by the web application (Abstract).
With respect to claim 51, the combination of Ponsford and Sawhney discloses a file management server computer system comprising a second processor, a second network interface for operatively coupling the file management server computer system to the web server computer system of claim 49, to the user computer system and to the plurality of storage services over the network, wherein Ponsford discloses the file management server computer system comprises a second storage medium having second program instructions, the second program instructions being configured, when executed by the second processor (Abstract), to perform the following method for cryptographically secure storing the file: 
- receiving an authorization request from the web server computer system to store file fragments of the file over the network in the plurality of storage services according to “the” distribution plan, wherein the file management server computer system does not provide any of the storage services (pg. 18, lines 9-15, requesting validation of storage of file fragment data), 
- in response to receiving the authorization request, requesting a respective authorization token from each of the multiple storage services and forwarding the authorization tokens received in response to the request to the user computer system (pg. 9, lines 14-21 and pg. 18, lines 9-15, returning a session token to a user after validation occurs), 
- storing “the” distribution plan (pg. 20, line 29 to pg. 21, line 30 and pg. 22, lines 12-21, strategy for allocation of fragments), “the” distribution plan comprising instructions for defragmenting the file from the plurality of file fragments by means of the error correction method and the identifiers of the plurality of storage services in whose non-volatile storage media the file fragments are stored (pg. 17, lines 1-4 and pg. 22, lines 12-21, combining file fragments and correcting any potential storage failures when they occur). 

Claim 39 is/are rejected under 35 U.S.C. 103 as being unpatentable over Ponsford et al. (WO 2014/108183 A1, from Applicant(s) IDS filed June 29, 2020), in view of Sawhney et al. (US 8,370,312 B1), and further in view of Schnjakin et al. (US 2017/0293766 A1).

With respect to claim 39, Ponsford discloses the method of claim 32, wherein the sending of the file fragments by the web application to the identified storage services is performed bypassing the web server computer system and/or the file management server computer system (pg. 20, line 29 to pg. 21, lines 30 and pg. 22, lines 12-21, storage strategies which include allocating fragments to remote storage providers by a storage manager);
 Ponsford does not explicitly teach:
wherein the authorization tokens are implemented as URLs each enabling direct read access to a storage location identified by the URL on one of the storage media of one of the storage services;
However, Schnjakin discloses wherein the authorization tokens are implemented as URLs each enabling direct read access to a storage location identified by the URL on one of the storage media of one of the storage services ([0167], authorization tokens in the form of URLs);
Therefore, it would have been obvious to one of ordinary skill in the art, at the time the invention was filed, to combine the teachings of Ponsford with the teachings of Schnjakin and implement authorization tokens as URLs, in order to access storage spaces that are also identified by URLs (Schnjakin, [0067]).



Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ESTHER B. HENDERSON whose telephone number is (571)270-3807. The examiner can normally be reached Monday-Friday 6a-2p ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kevin T. Bates can be reached on 571-272-3980. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/ESTHER B. HENDERSON/Primary Examiner, Art Unit 2458             
October 20, 2022