Notice of Pre-AIA  or AIA  Status
1.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .


Response to Arguments
2.	Applicant’s arguments filed on 09/06/2022, with respect to the 35 U.S.C 103 rejection of claims 1-4, 6, and 7 under as being unpatentable over Hopkins, Sinor, and Reddy in view of Rao; claim 5 under 35 U.S.C. 103 as being unpatentable over Hopkins, Sinor, Reddy, and Rao in view of D'Souza; claims 8 and 10-14 under 35 U.S.C. 103 as being unpatentable over Hopkins and Sinor in view of Kanno; claim 9 under 35 U.S.C. 103 as being unpatentable over Hopkins, Sinor, and Kanno in view of Mo; claims 15, 18, and 20 under 35 U.S.C. 103 as being unpatentable over Hopkins in view of Ogawa; claims 16 and 17 under 35 U.S.C. 103 as being unpatentable over Hopkins and Ogawa in view of Sinor; and claim 19 under 35 U.S.C. 103 as being unpatentable over Hopkins, Ogawa, and Sinor in view of Schulz have been fully considered. However, upon further consideration, a new ground(s) of rejection is made in view of amended claims.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
3.	Claims 1-4, 6 and 7 are rejected under 35 U.S.C. 103 as being unpatentable over U.S. Publication No. 20200099515 hereinafter Hopkins in view of U.S. Patent No. 9369443 hereinafter Sinor, and further in view of U.S. Publication No. 20170070506 hereinafter Reddy, and further in view of U.S. Publication No. 10719235 hereinafter Diaconescu.

As per claim 1, Hopkins discloses:
A multistage secure data storage system (Fig. 1a, para 0018 “1Ais a simplified block diagram of a communication system 100a that enables viewing
and/or modifying of client-side encrypted data stored in a cloud, in accordance with an embodiment of the present disclosure. As illustrated in FIG. 1A, an embodiment of communication system 100a can include a client device 102, cloud service provider 104, and a security service provider 106. Client device 102 may be an electronic device and may include memory 110, a processor 112, and input/output (I/O) circuitry 114. Cloud service provider 104 may include memory 130, a cloud security module 134, a web application server 137, and an in- browser web application 135. Memory 130 may include secured storage 138 and temporary storage 140.”),
comprising: a working database (Fig. 1a, element 140);
a long term storage database that stores multiple encrypted records (para 0035 “As illustrated in FIG. 3A, the cloud service provider 304 may include secured storage locations 332, such as Documents folder, and temporary storage locations 340, as depicted by the dotted lines.” Fig. 1a, element 138, para 0020 “Security service provider 106 may be configured to intercept data sent by the client device 102 for storage in the cloud service provider 104, to encrypt the data using a client-side encryption, and to send the client-side encrypted data for storage in secured storage 138 in the cloud.”):
and at least one data storage controller (Fig. 1a, element 106) that:
adds a decrypted version of an encrypted record from the multiple encrypted records from the long term storage database to the working database upon receipt of access authorization to the encrypted record (para 0035 “In response to receiving notification that the client device 302 is requesting to
access to client-side encrypted data 334 stored in the cloud, the security service provider 306 may download the client-side encrypted data to memory 320 or a temporary file location and may decrypt the data by retrieving a client-side encryption key. Subsequent to decrypting the data, the security service provider 306 may upload the decrypted data 338 to the cloud service provider 304 for storage in the temporary storage location 340.” Retrieving the encryption key is an access authorization to the encrypted record);
allows access by an access requestor to the decrypted version of the encrypted record from the working database (para 0035 “The in-browser web application 335 via the plugin/extension 326 or the web application 325 may redirect the client's browser to view and/or modify the decrypted data 338 in the temporary storage location 340, such that the client may view and/or modify the decrypted data via the in-browser web application 335 in the cloud service provider 304.”):
and expunges the decrypted version of the encrypted record from the working database (para 0036 “The security service provider 306 may delete the decrypted data 338 from the temporary storage location 340.”) 

Hopkins does not disclose:
upon receipt of access authorization to the encrypted record from an authorization provider that is an entity separate from an access requestor and does not control the at least one data storage controller
updates an encrypted record in the long term storage database with any changes to a decrypted version of the encrypted record
wherein a long term storage database is communicably isolated from all access requestors other than the at last one data storage controller

Sinor discloses:

updates an encrypted record in the long term storage database with any changes to a decrypted version of the encrypted record (Col. 11 Lines 17-24 “The server/platform then accesses the requested data (which may be a file, record, document, etc.) and prepares it for transmission to the user (step 418). This may involve decrypting previously encrypted data that was protected when stored in a database, etc. in accordance with a data security protocol that is part of the database or data storage element management system (step 420).” Col. 11 Line 56 Col. 12 Line 3 “The user/client receives the data, and may use the client private key to decrypt the data or the portions of the data that they are authorized to access (step 426). Note that if the user is entitled to view and access certain data fields, they may be authorized to edit or modify the data in those fields (step 428). In such a case, the user may perform the desired edits and then save the data. Afterwards the data in those fields may be encrypted using the platform public key prior to transmission to the server/platform over a suitable network (e.g., the Internet or a combination of wired/wireless networks) (step 430). Because the server/platform Is in possession of the corresponding platform private key, the encrypted data may be decrypted and then undergo the normal security processes (such as re- encryption, etc.) to enable its storage in a database or other data storage element.”)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method enable viewing and/or modifying of client-side encrypted data stored in a cloud of Hopkins to include updates an encrypted record in the long term storage database with any changes to a decrypted version of the encrypted record, as taught by Sinor.
The motivation would have been to securely store an updated data record. 

Hopkins in view of Sinor does not disclose:
upon receipt of access authorization to the encrypted record from an authorization provider that is an entity separate from an access requestor and does not control the at least one data storage controller
wherein a long term storage database is communicably isolated from all access requestors other than the at last one data storage controller

Reddy discloses:
upon receipt of access authorization to the encrypted record from an authorization provider that is an entity separate from an access requestor and does not control the at least one data storage controller (para 0023 “Initially, at step 310, the SECaaS server 130 receives a request from a cloud connector 112
of an enterprise network 110 for authorization information to perform file scanning services, such as malware scanning or data loss protection scanning. If the enterprise network 110 has a business relationship with the provider of the SECaasS server 130 (i.e., a contract for services), the SECaaS server 130 provides the authorization information to the cloud connector 112 at step 320. Once the cloud connector 112 receives the authorization information, the cloud connector 112 may provide the authorization information to other platforms, applications, etc. that the enterprise network 110 owns, has a contract with, or is otherwise associated with.” Para 0025 “In order to validate the files received at step 340, the SECaaS server 130 may need to communicate with the KMS 140 in order to retrieve cryptographic keying material that will allow the SECaasS server 130 to decrypt the received files. In some of these embodiments, such as those embodiments where the SECaaS server 130 and KMS 140 are provided by two different vendors, the SECaaS server 130 needs to verify or authenticate itself with KMS 140 before it retrieves the keying material. In these embodiments, the SECaaS server 130 receives authorization information, such as in the form of a ticket or token, and instructions from the cloud connector 112 to communicate with cloud-based KMS 140 to fetch the cryptographic keying material for decrypting files.” Para 0026 “Once the SECaaS server 130 retrieves the keying materials, the file can be decrypted with the keying material and inspected, scanned, or otherwise analyzed in order to determine if the file is malicious at step 370. After a determination is made as to whether the file is malicious, the SECaaS server 130 may notify the file sharing server 120 as to whether the file is malicious. If the file is not malicious, the SECaaS server 130 may provide approval of the file transfer to the file sharing server at step 380 and if the file is malicious, the SECaaS server 130 may either prevent the file from being downloaded or alert the file sharing server to block the file from being transferred at step 390.”)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method enable viewing and/or modifying of client-side encrypted data stored in a cloud of Hopkins in view of Sinor to include upon receipt of access authorization to the encrypted record from an authorization provider that is an entity separate from an access requestor and does not control the at least one data storage controller, as taught by Reddy.
The motivation would have been to securely store an decrypted data based on authorization from a separate entity.

Hopkins in view of Sinor and Reddy does not disclose:
wherein a long term storage database is communicably isolated from all access requestors other than the at last one data storage controller

Diaconescu discloses:
wherein a long term storage database is communicably isolated from all access requestors other than the at last one data storage controller (Col. 3 Lines 50-63 “In at least some embodiments, block data storage volumes (or portions of those volumes) may further be stored on one or more remote archival storage systems that are distinct from the server block data storage systems used to store volume copies. In various embodiments, the one or more remote archival storage systems may be provided by the block data storage service (e.g., at a location remote from a data center or other geographical location that has a pool of co-located server block data storage systems), or instead may be provided by a remote long-term storage service and used by the block data storage, and in at least some embodiments the archival storage system may store data in a format other than block data (e.g., may store one or more chunks or portions of a volume as distinct objects).” Col. 10 Line 64- Col. 11 Line 3 “The archival storage systems 222 may also interact with some or all of the computing systems 202, 208, and 220, and in some embodiments may be remote archival storage systems (e.g., of a remote storage service, not shown) that interact with the computing systems over one or more other external networks (not shown).” Col. 11 Lines 35-48 “The archival storage system 222 is operable to execute at least one archival manager module 224 in order to manage operation of one or more of the archival storage systems, such as on behalf of customers of the block data storage service and/or of a distinct storage service that provides the archival storage systems. In other embodiments, the archival manager module(s) 224 may instead be executing on another computing system, such as one of the other computing systems 218 or on the management system 202 in conjunction with the BDS manager module 204. In addition, while not illustrated here, in some embodiments various information about the data that is stored by the archival storage systems 222 may be maintained in storage for the archival storage systems or elsewhere.”)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method enable viewing and/or modifying of client-side encrypted data stored in a cloud of Hopkins in view of Sinor and Reddy to include wherein a long term storage database is communicably isolated from all access requestors other than the at last one data storage controller, as taught by Diaconescu.
The motivation would have been to securely store an data in isolated manner from an access requestor in order to increase data protection.

As per claim 2, Hopkins in view of Sinor, Reddy and Diaconescu discloses:
The multistage secure data storage system of claim 1, the access requestor accesses the working database via a first computing device; and the authorization provider provides an access authorization via a second computing device (Hopkins para 0035) and (Reddy Fig. 1, para 0012, and 0023, the motivation would have been to have communicate between various entities and devices to receive access authorization). 

As per claim 3, Hopkins in view of Sinor, Reddy and Diaconescu discloses:
The multistage secure data storage system of claim 1 , wherein the at least one data storage controller receives the access authorization from the authorization provider via the access requestor (Hopkins para 0035) and (Sinor Col. 11 Lines 1-27, the motivation would have been to have only authorized entities receive access authorization).

As per claim 4, Hopkins in view of Sinor, Reddy and Diaconescu discloses:
The multistage secure data storage system of claim 1, wherein the at least one data storage controller prompts the authorization provider for the access authorization in response to a request from the access requestor (Sinor Col. 11 Lines 1-27, the motivation would have been to have only authorized entities receive access authorization)..

As per claim 6, Hopkins in view of Sinor, Reddy and Diaconescu discloses:
The multistage secure data storage system of claim 1, wherein each of the multiple encrypted records is separately encrypted (Hopkins para 0035 “As illustrated in FIG. 3A, the cloud service provider 304 may include secured storage locations 332, such as Documents folder, and temporary storage locations 340, as depicted by the dotted lines.” Para 0035 “In some
embodiments, for example, when the client device 302 performs client- encryption, the client device 302 may interface with the cloud service provider 304 via an API to download and upload encrypted and decrypted files between the client device 302 and the cloud service provider 304.”). 

As per claim 7, Hopkins in view of Sinor, Reddy and Diaconescu discloses:
The multistage secure data storage system of claim 1, wherein each of the multiple encrypted records is accessed using separate access authorizations (Sinor Col. 5 Lines 56-58 “In one embodiment, each session is associated with specific session “keys” for use in encrypting and decrypting data.” The motivation would have been to properly protect each file with a unique key to increase file security).

4.	 Claims 5 are rejected under 35 U.S.C. 103 as being unpatentable over Hopkins in view of Sinor, and further in view of Reddy, and further in view of Diaconescu, and further in view of U.S. Publication No. 20120321086 hereinafter D’Souza. 

As per claim 5, Hopkins in view of Sinor, Reddy and Diaconescu discloses:
The multistage secure data storage system of claim 1, the at least one data storage controller (Hopkins Fig. 1a)

Hopkins in view of Sinor, Reddy and Diaconescu does not disclose:
at least one data storage controller receives the access authorization to the encrypted record from an authorization provider that is an entity separate from the access requestor and does not control the at least one data storage controller 

D’Souza discloses:
at least one data storage controller receives the access authorization to the encrypted record from an authorization provider that is an entity separate from the access requestor and does not control the at least one data storage controller (para 0014 “In another embodiment, a data storage system receives a request from a third party to access a user's stored, encrypted data, where the data is stored in the data storage system according to a predefined policy. The encryption on the data prevents the storage system from gaining access to the encrypted data, while the policy allows the encrypted data to be released upon receiving a threshold number of requests from verified third parties. The data storage system sends a query to the verified third parties, requesting permission from the verified third parties to access the user's stored, encrypted data according to the predefined policy. The data storage system receives permission from at least a threshold number of the verified third parties and allows the requesting third party to access the user's stored, encrypted data according to the predefined policy.”)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method
enable viewing and/or modifying of client-side encrypted data stored in a cloud of Hopkins in view of Sinor, Reddy and Diaconescu to include at least one data storage controller receives the access authorization to the encrypted record from an authorization provider that is an entity separate from the access requestor and does not control the at least one data storage controller, as taught by D'Souza.
The motivation would have been to provide access control to a data storage system.

6. 	Claims 8 and 10-14 are rejected under 35 U.S.C. 103 as being unpatentable over Hopkins in view of Sinor, and further in view of U.S. Publication No. 20190361605 hereinafter Kanno, and further in view of U.S. Publication No. 20110252458 hereinafter Takemura.

As per claim 8, Hopkins discloses:
A multistage secure data storage system (Fig. 1a, para 0018 “1A is a simplified block diagram of a communication system 100a that enables viewing and/or modifying of client-side encrypted data stored in a cloud, in accordance with an embodiment of the present disclosure. As illustrated in FIG. 1A, an embodiment of communication system 100a can include a client device 102, cloud service provider 104, and a security service provider 106. Client device 102 may be an electronic device and may include memory 110, a processor 112, and input/output (I/O) circuitry 114. Cloud service provider 104 may include memory 130, a cloud security module 134, a web application server 137, and an in-
browser web application 185. Memory 130 may include secured storage 138 and temporary storage 140.”),
comprising: 
a first data store (Fig. 1a, element 140);
a second data store (para 0035 “As illustrated in FIG. 3A, the cloud service provider 304 may include secured storage locations 332, such as Documents folder, and temporary storage locations 340, as depicted by the dotted lines.” Fig. 1a, element 138, para 0020 “Security service provider 106 may be configured to intercept data sent by the client device 102 for storage in the cloud service provider 104, to encrypt the data using a client-side encryption, and to send the client-side encrypted data for storage in secured storage 138 in the cloud.”);
at least one non-transitory storage medium that stores instructions; and at least one processor that executes the instructions (para 0031)
decrypt a record from multiple encrypted records stored in the first data store upon receipt of access authorization to the record (para 0035 “In response to receiving notification that the client device 302 is requesting to access to client-side encrypted data 334 stored in the cloud, the security service provider 306 may download the client-side encrypted data to memory 320 or a temporary file location and may decrypt the data by retrieving a client-side encryption key. Subsequent to decrypting the data, the security service provider 306 may upload the decrypted data 338 to the cloud service provider 304 for storage in the temporary storage location 340.” Retrieving the encryption key is an access authorization to the encrypted record);
move a copy of the record to the second data store and allow an access request to the second data store from an access requestor (para 0035 “The in- browser web application 335 via the plugin/extension 326 or the web application 325 may redirect the client's browser to view and/or modify the decrypted data 338 in the temporary storage location 340, such that the client may view and/or modify the decrypted data via the in-browser web application 335 in the cloud service provider 304.”):
and upon occurrence of a time period, delete the copy from the first data store (para 0036 and 0037 “The security service provider 306 may delete the decrypted data 338 from the temporary storage location 340.”) 

Hopkins does not disclose:
	deny access requests to the first data store from the access requestor wherein: 
the multiple encrypted records stored in the first data store are encrypted using at least one first encryption scheme; and 
the copy of the record in the second data store is encrypted using at least one second encryption scheme, the at least one second encryption scheme having a different strength than the at least one first encryption scheme

Sinor discloses:
deny access requests to the first data store from the access requestor (Col. 10 Lines 44-54 “A user request for the data is typically generated by a client application (such as a browser) that identifies the requested data and accesses or generates the user's credentials (Such as username and password)
to provide them to the server/platform on which the data is stored. The client application also generates a “key” pair to be used for purposes of encrypting and decrypting data, in accordance with an embodiment of the invention (step or stage 404). The client application provides a client public key of the key pair to the server/platform along with the user credentials (step 406).”)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method enable viewing and/or modifying of client-side encrypted data stored in a cloud of Hopkins to include denying access requests to the first data store from the access requestor, as taught by Sinor.

The motivation would have been to securely authorize access to a data record.

Hopkins in view of Sinor does not disclose:
wherein: the multiple encrypted records stored in the first data store are encrypted using at least one first encryption scheme; 
and the copy of the record in the second data store is encrypted using at least one second encryption scheme, the at least one second encryption scheme having a different strength than the at least one first encryption scheme 

Kanno discloses:
wherein: multiple encrypted records stored in the first data store are encrypted using at least one first encryption scheme; and 
the copy of the record in the second data store is encrypted using at least one second encryption (para 0028 “In general, according to one embodiment, a memory system comprises a nonvolatile memory and a controller electrically connected to the nonvolatile memory. When data is to be written to a first physical storage location of the nonvolatile memory that is designated by a first physical address, the controller encrypts the data with the first physical address and a first encryption key selected from a plurality of keys, and writes the encrypted data to the first physical storage location.” Para 0029 “When the encrypted data is to be copied from the first physical storage location to a second physical storage location of the nonvolatile memory, the controller decrypts the encrypted data with the first physical address and the first encryption key, re-encrypts the decrypted data with a second encryption key selected from the plurality of encryption keys and a copy destination physical address indicative of the second physical storage location, and writes the re-encrypted data to the second physical storage location.” Para 0068 “Encryption of the data (user data) may be executed using different encryption keys for each region, i.e., different encryption keys for each tenant. In other words, the controller 4 manages a management table which manages correspondence between the plural regions and the plural encryption keys and, in a case of receiving a read/write request that designates a certain region ID from the host 2, selects an encryption key associated with the region indicated by the region ID as an encryption key to be used for the data encryption (or decryption).”)
Therefore, it would have been obvious to one of ordinary skill in the art
before the effective filing date of the claimed invention to modify the method
enable viewing and/or modifying of client-side encrypted data stored in a cloud of Hopkins in view of Sinor to include multiple encrypted records stored in the first data store are encrypted using at least one first encryption scheme; and the copy of the record in the second data store is encrypted using at least one second encryption scheme, as taught by Kanno.
The motivation would have been to securely authorize access to a data record. 

Hopkins in view of Sinor and Kanno does not disclose:
at least one second encryption scheme having a different strength than the at least one first encryption scheme 

	Takemura discloses:
at least one second encryption scheme having a different strength than the at least one first encryption scheme (para 0010 “According to an embodiment of the present disclosure, there is provided an information processing device compatible with a first encryption scheme and second encryption scheme having a security strength different from that of the first encryption scheme, the device including an inhibition information receiving section for receiving inhibition information for inhibiting predetermined manipulation from being performed in a storage region of the information processing device using the first encryption scheme from an external device using the second encryption scheme, an inhibition processing section for performing inhibition processing for inhibiting the predetermined manipulation by the inhibition information, a manipulation request receiving section for receiving a manipulation request from the external device or another external device, and a manipulation executing section for executing the requested manipulation if the requested manipulation does not correspond to the predetermined manipulation inhibited by the inhibition information.”)
Therefore, it would have been obvious to one of ordinary skill in the art
before the effective filing date of the claimed invention to modify the method
enable viewing and/or modifying of client-side encrypted data stored in a cloud of Hopkins in view of Sinor and Kanno to include at least one second encryption scheme having a different strength than the at least one first encryption scheme , as taught by Takemura.
The motivation would have been to securely authorize access to a data record. 

As per claim 10, Hopkins in view of Sinor, Kanno and Takemura discloses:
The multistage secure data storage system of claim 8, wherein: decryption of a first record of the multiple encrypted records stored in the first data store uses a first access authorization; and decryption of a second record of the multiple encrypted records stored in the first data store uses a second access authorization (Sinor Col. 10 Lines 33-54 and Col. 11 Lines 1-27, The motivation would have been to increase security of encrypted records in separate databases).

As per claim 11, Hopkins in view of Sinor, Kanno and Takemura discloses:
The multistage secure data storage system of claim 8, wherein the first data store access metrics and the second data store access metrics relate to at least one of frequency, source, or timing (Reddy para 0023, 0024, 0026, 0029, and 0047, i.e., the source, The motivation would have been to properly validate an alarm using metrics based on the source.)

As per claim 12, Hopkins in view of Sinor, Kanno and Takemura discloses:
The multistage secure data storage system of claim 8, wherein the first data store and the second data store are stored in a same storage medium (Hopkins Fig. 1a).

As per claim 13, Hopkins in view of Sinor, Kanno and Takemura discloses:
The multistage secure data storage system of claim 8, wherein the at least one processor is communicably connected to: the first data store via a closed network; and the first data store via an open network (Hopkins Fig. 1a).

As per claim 14, Hopkins in view of Sinor, Kanno and Takemura discloses:
The multistage secure data storage system of claim 8, wherein: the first data store is stored in a first cloud storage partition; and the second data store is stored in a second cloud storage partition (Hopkins Fig. 1a).

6. 	Claim 9 is rejected under 35 U.S.C. 103 as being unpatentable over Hopkins in view of Sinor, and further in view of Kanno, and further in view of Takemura and further in view of U.S. Publication No. 20200186409 hereinafter Mo.

As per claim 9, Hopkins in view of Sinor, Kanno and Takemura discloses:
The multistage secure data storage system of claim 8, further comprising triggering (Hopkins Fig. 1a)

Hopkins in view of Sinor, Kanno and Takemura does not disclose:
a first alarm if first data store access attempts deviate from first data store access metrics; and a second alarm if second data store access attempts deviate from second data store access metrics 

Mo discloses:
a first alarm if first data store access attempts deviate from first data store access metrics; and a second alarm if second data store access attempts deviate from second data store access metrics  (para 0023 “First, the candidate process should commonly exist in most virtual machines 116. If the process exists in many virtual machines, more virtual machines can be protected than processes that exist in only a smaller number of virtual machines. Second, candidate processes should relate to network behaviors. In many virtual computing systems, most alarms are related to network behaviors, so selecting processes that relate to network behaviors will capture these alarms. Third, processes that have been utilized by previous attacks are good candidates for selection. If a process has been compromised in the past, it is likely to be attacked again in the future.” para 0044 “Abnormal alarms can be handled differently than normal alarms in some embodiments. For example, an abnormal alarm may be handled more critically than a normal alarm. An abnormal alarm may generate a warning to a user or administrator that the alarm needs to be addressed immediately. A normal alarm may generate a different type of warning, and some normal alarms may not need to be addressed immediately. A user or system administrator can create procedures or rules on how different alarms should be handled. In addition, a remediation broker or another component of the system may automatically take one or more actions to address an alarm. Categorizing alarms as either normal or abnormal improves functionality of the system by handling more critical alarms differently than less critical alarms. More critical alarms may be handled more urgently than less critical alarms. Less critical alarms may be held for review and remediation later. A score for each alarm also alerts a user or administrator how critical the alarm is compared to an alarm with a different score.” para 0045 “ First, an alarm 310 occurs and is received by cloud manager 204. The alarm 310 is generated when a process performs an action that deviates from a stored intended state of the process. Cloud manager stores the alarm 310 in cloud manager database 302.” Para 0051 “The method 400 begins at step 410 where an alarm data related to a process is received and stored in a database. The alarm data comprises one or more features. The method then proceeds to step 420 where intended state information for the process is retrieved. The intended state information is retrieved by cloud manager 204 in one embodiment. The method then proceeds to step 430 where the one or more features of the alarm data are compared to the intended state information by alarm scoring engine 206 to determine if the alarm is an outlier. At step 440, a score comprising a normal score is computed if the alarm is not an outlier and a score comprising an abnormal score is computed if the alarm is an outlier by the alarm scoring engine 206. At step 450, cloud manager 204 sends a notification for the alarm and the computed score to an administrator or other user of the system.”)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method enable viewing and/or modifying of client-side encrypted data stored in a cloud of Hopkins in view of Sinor, Kanno and Takemura to include to and trigger: a first alarm if first data store access attempts deviate from first data store access metrics; and a second alarm if second data store access attempts deviate from second data store access metrics, as taught by Mo.
The motivation would have been to determine how to analyze various types of alarms.

7. 	Claim 15 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Hopkins in view of U.S. Publication No. 20170286463 hereinafter Witt. 

As per claim 15, Hopkins discloses:
A method for operating a multistage secure data storage system (Fig. 1a, para 0018 “Fig. 1A is a simplified block diagram of a communication system 100a that enables viewing and/or modifying of client-side encrypted data stored in a cloud, in accordance with an embodiment of the present disclosure. As illustrated in FIG. 1A, an embodiment of communication system 100a can include a Client device 102, cloud service provider 104, and a security service provider
106. Client device 102 may be an electronic device and may include memory
110, a processor 112, and input/output (I/O) circuitry 114. Cloud service provider 104 may include memory 130, a cloud security module 134, a web application server 137, and an in-browser web application 185. Memory 130 may include secured storage 138 and temporary storage 140.”),
comprising: 
a working database (Fig. 1a, element 140);
maintaining multiple records in a long term storage database (para 0035 “As illustrated in FIG. 3A, the cloud service provider 304 may include secured storage locations 332, such as Documents folder, and temporary storage locations 340, as depicted by the dotted lines.” Fig. 1a, element 138, para 0020 “Security service provider 106 may be configured to intercept data sent by the client device 102 for storage in the cloud service provider 104, to encrypt the data using a client-side encryption, and to send the client-side encrypted data for storage in secured storage 138 in the cloud.”):
upon receiving access authorization to a record of the multiple records, moving a copy of the record to a short term storage database (para 0035 “In response to receiving notification that the client device 302 is requesting to access to client-side encrypted data 334 stored in the cloud, the security service provider 306 may download the client-side encrypted data to memory 320 or a temporary file location and may decrypt the data by retrieving a client-side encryption key. Subsequent to decrypting the data, the security service provider 306 may upload the decrypted data 338 to the cloud service provider 304 for storage in the temporary storage location 340.” Retrieving the encryption key is an access authorization to the encrypted record);
and allowing an access requestor access to the copy of the record in the short term storage database (para 0035 “The in-browser web application 335 via the plugin/extension 326 or the web application 325 may redirect the client's browser to view and/or modify the decrypted data 338 in the temporary storage location 340, such that the client may view and/or modify the decrypted data via the in-browser web application 335 in the cloud service provider 304. In some embodiments, for example, when the client device 302 performs client-encryption, the client device 302 may interface with the cloud service provider 304 via an API to download and upload encrypted and decrypted files between the client device 302 and the cloud service provider 304.”) 
purging the copy of the record from the short term storage database ( “Subsequent to encrypting the modified data, the security service provider 306 may upload and synchronize the client-side encrypted modified data 333 to the original secured storage location 332 of the client-side encrypted data (e.g., data 334 of FIG. 3A), such that the original data is replaced by the modified data. The security service provider 306 may delete the decrypted data 338 from the temporary storage location 340.”).

Hopkins does not disclose:
purging a copy of the record from after expiration of a time period

Witt discloses:
purging a copy of the record from after expiration of a time period (para 0037 “In one example, each time a file is deleted or modified, a copy of the file (e.g., prior to the modification or deletion) may be created and saved to tape. Accordingly, a corresponding index record can be created for inclusion in the index database (e.g., 150). In some cases, this copy may be a temporary copy, scheduled for deletion after an expiration of time or another event.”)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method enable viewing and/or modifying of client-side encrypted data stored in a cloud of Hopkins to include purging a copy of the record from after expiration of a time period, as taught by Witt.
The motivation would have been to properly delete temporary copies in order to control database storage.

As per claim 18, Hopkins in view of Witt discloses:
The method of claim 15, wherein: the customer service agent accesses the short term storage database via a first computing device; and the customer provides the access authorization via a second computing device (Hopkins Fig. 1a, 0034 and 0035)

8. 	Claims 16 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Hopkins in view of Witt, and in view of Sinor. 

As per claim 16, Hopkins in view of Ogawa discloses:
The method of claim 15, further comprising: determining that the access requestor (Hopkins para 0035)

Hopkins in view of Witt does not disclose:
determining that the access requestor made a modification to the copy of the record in the short term storage database; and updating the record in the long term storage database using the modification 

Sinor discloses:
determining that the access requestor made a modification to the copy of the record in the short term storage database; and updating the record in the long term storage database using the modification (Col. 11 Lines 17-24 “The server/platform then accesses the requested data (which may be a file, record,
document, etc.) and prepares it for transmission to the user (step 418). This may involve decrypting previously encrypted data that was protected when stored in a database, etc. in accordance with a data security protocol that is part of the database or data storage element management system (step 420).” Col. 11 Line 56 Col. 12 Line 3 “The user/client receives the data, and may use the client private key to decrypt the data or the portions of the data that they are authorized to access (step 426). Note that if the user is entitled to view and access certain data fields, they may be authorized to edit or modify the data in those fields (step 428). In such a case, the user may perform the desired edits and then save the data. Afterwards the data in those fields may be encrypted using the platform public key prior to transmission to the server/platform over a suitable network (e.g., the Internet or a combination of wired/wireless networks) (step 480). Because the server/platform is in possession of the corresponding platform private key, the encrypted data may be decrypted and then undergo the normal security processes (such as re-encryption, etc.) to enable its storage in a database or other data storage element.”)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method enable viewing and/or modifying of client-side encrypted data stored in a cloud of Hopkins in view of Witt to include determining that the access requestor made a modification to the copy of the record in the short term storage database; and updating the record in the long term storage database using the modification, as taught by Sinor.
The motivation would have been to securely store an updated data record. 

As per claim 17, Hopkins in view of Ogawa and Sinor discloses: 
The method of claim 16, wherein the modification comprises at least one of: updating an address; or updating payment information (Hopkins para 0036).

9. 	Claim 19 is rejected under 35 U.S.C. 103 as being unpatentable over Hopkins in view of Witt, and in view of Sinor, and further in view of U.S. Publication No. 20080046477 hereinafter Schulz. 

As per claim 19, Hopkins in view of Witt and Sinor discloses: 
The method of claim 15, wherein the multiple records (Hopkins para 0035) 
Hopkins in view of Ogawa and Sinor does not disclose: 
multiple records are telecommunication company records 

Schulz discloses:
multiple records are telecommunication company records (para 0008 and 0079 “The OCN parameter may be used to identify data records associated with a particular telecommunications company.”) 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method enable viewing and/or modifying of client-side encrypted data stored in a cloud of
Hopkins in view of Ogawa and Sinor to include multiple records are telecommunication company records, as taught by Schulz.
The motivation would have been to have a database store data records with telecommunication companies.

10. 	Claim 20 is rejected under 35 U.S.C. 103 as being unpatentable over Hopkins in view of Witt, and further in view of U.S. Publication No. 20180189501 hereinafter Ogawa.

As per claim 20, Hopkins in view of Witt discloses:
The method of claim 15, where a connection (Hopkins Fig. 1a, para 0018)

Hopkins in view of Witt does not disclose:
a long term storage database is via a closed network; and the short term storage database is via an open network

Ogawa discloses:
a long term storage database is via a closed network; and the short term storage database is via an open network (para 0022 “As. In FIG. 1, a graphic of a system of transferring data from a cloud-based database to a private network database for long-term storage in accordance an embodiment of the present application is illustrated. This system is shown in various views and in different functions throughout the remaining several Figures. The system includes an online cloud endpoint and a 301 private facility or physical and/or local private application server 330.” Para 0025 “The method by which this is accomplished is by not storing all of the submitted data to the cloud. The only data stored in the cloud is the bare amount of information required for the student to be able to use the service from their smart device. The rest of the data in its entirety is selectively encrypted and stored on a database in the cloud for a temporary period of time before being transferred to a private facility for long term storage, or use by the staff of the company within means of the terms and conditions stated in the license agreement for that service.”)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method enable viewing and/or modifying of client-side encrypted data stored in a cloud of Hopkins in view of Witt to include wherein connection to: a long term storage database is via a closed network; and the short term storage database is via an open network, as taught by Ogawa.
The motivation would have been to provide stronger security for data stored long term shortage as opposed to short term storage.

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 


Any inquiry concerning this communication or earlier communications from the examiner should be directed to GARY S GRACIA whose telephone number is (571)270-5192. The examiner can normally be reached Monday-Friday 9am-6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 5712723972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/GARY S GRACIA/Primary Examiner, Art Unit 2499