DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This office action is in response to the application filed on 06/23/2021. This application is a continuation (CON) of the patent US 11,080,408 B2.
Claims 1-20 are currently pending in this application.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 06/23/2021 was filed.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(B)  CONCLUSION. — The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. 

Claims 1-20 are rejected under 35 U.S.C. 112(b) as being indefinite for failing to particularly point out and distinctly claim the subject matter which applicant regards as the invention.
Claims 1 and 8 recite:
“… determining (determine) … whether to bypass a service … based on a determination to bypass the service …”, however, it is not clear whether “a determination” is the same as the determining function performed before or a process performed in addition to the determining performed before;
“… receiving a request to store data of a customer … whether to bypass a service to encrypt data …”, however, it is not clear whether “data” included in two different location are the same or not.
Claims 2-7 and 9-14 depend from the claim 1 or 8, and are analyzed and rejected accordingly.
Claims 2 and 9 recite “… the data is encrypted …”, however, it is not clear whether the data is encrypted even though the service to encrypt the data is determined to bypass (or ignoring the result of the determination).
Claims 3 and 10 recite “… generating the arbitrary number randomly … to store the data”, however, it is not clear how the generated arbitrary number is used to store the data (or it is not clear to define a boundary of the claim).
Claims 4 and 11 recite “… temporarily encrypting the data …”, however, it is not clear whether the data is temporarily encrypted even though the service to encrypt the data is determined to bypass (e.g., ignoring the result of the determination or “the temporarily encrypting” is not defined as “an encrypting”).
Claims 5 and 12 recite “… receiving an encrypted version of the data …”, however, it is not clear whether the data is encrypted to receive the encrypted version even though the service to encrypt the data is determined to bypass (or ignoring the result of the determination).
Claims 7 and 14 recite “… based on whether the size of the data to be stored satisfies a threshold …”, however, it is not clear how to satisfy the threshold (e.g., have to be the same or it is not clear to define a boundary of the claim).

   Claim 15 recites “… generating an input to encrypt the data; temporarily encrypting the data and the input using … transmitting the temporarily encrypted data and input to a service for encryption, wherein the temporarily encrypted data and input are decrypted …”, however, it is not clear (1) how the generated input is used to encrypt the data; (2) what is difference between “temporarily encrypting” and “encrypting”; (3) whether decrypting the temporarily encrypted data and input is the process of the service for encryption or not (or omitting necessary process(es)/component(s) which cause the limitations unclear).
Claims 16-20 depend from the claim 15, and are analyzed and rejected accordingly.
Claim 16 recites “… the service is configured to retrieve an encrypted private key … generate an encrypted version of the data using the input and a decrypted customer-specific key”, however, it is not clear whether “the retrieved encrypted private key” has any relationship (or the same, retrieved based on, etc.) with “the decrypted customer-specific key” (or it is not clear to define a boundary of the claim).
Claim 20 recites “… based on whether the size of the data to be stored satisfies a threshold …”, however, it is not clear how to satisfy the threshold (e.g., have to be the same or it is not clear to define a boundary of the claim).

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees.  A nonstatutory double patenting rejection is appropriate where the claims at issue are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the reference application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO internet Web site contains terminal disclaimer forms which may be used.  Please visit http://www.uspto.gov/forms/.  The filing date of the application will determine what form should be used.  A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission.  For more information about eTerminal Disclaimers, refer to http://www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.

A later patent claim is not patentably distinct from an earlier patent claim if the later claim is obvious over, or anticipated by, the earlier claim.  In re Longi, 759 F.2d at 896, 225 USPQ at 651 (affirming a holding of obviousness-type double patenting because the claims at issue were obvious over claims in four prior art patents); In re Berg, 140 F.3d at 1437, 46 USPQ2d at 1233 (Fed. Cir. 1998) (affirming a holding of obviousness-type double patenting where a patent application claim to a genus is anticipated by a patent claim to a species within that genus). “ELI LILLY AND COMPANY v BARR LABORATORIES, INC., United States Court of Appeals for the Federal Circuit”, ON PETITION FOR REHEARING EN BANC (DECIDED:  May 30, 2001).
Claim 1-6, 15, 16, 18 and 19 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-3, 6 and 7 of the Patent No. US 10,438,006 B2. Although the claims at issue are not identical, they are not patentably distinct from each other.
Current Application No. 17/355297
Reference Patent No. US 10,438,006 B2
Claim 1: A computer-implemented method comprising:
receiving a request to store data of a customer, the request comprising the data to be stored;


determining, based on at least one of a plurality of criteria, whether to bypass a service to encrypt data, the plurality of criteria including a size of the data to be stored; and
based on a determination to bypass the service, sending the data to a remote key vault instead of the service.

Claim 1: A method of secure storage, comprising:
receiving a request to securely store data associated with a customer, the request comprising data to be stored; …
Claim 6: The method of claim 1, further comprising:
determining, based on evaluating at least one of a plurality of criteria, whether to bypass the encryption service, wherein the plurality of criteria includes a size of the data to be stored, …; and
based on a determination to bypass the encryption service: transmitting the data to be stored and the initialization vector to the remote key vault, …
Claim 2: The computer-implemented method of claim 1, wherein the data is encrypted based on an arbitrary number and information stored in a partition of the remote key vault for the customer.
Claim 2: The method of claim 1, wherein the initialization vector is randomly generated ...
Claim 6: The method of claim 1, …
wherein the remote key vault is configured to generate the encrypted version of the data using the initialization vector (randomly generated or arbitrary number) and based on the customer-specific partition of the remote key vault,
Claim 3: The computer-implemented method of claim 2, further comprising: generating the arbitrary number randomly based on receiving the request to store the data.
Claim 2: The method of claim 1, wherein the initialization vector is randomly generated based on receiving the request to securely store the data.
Claim 4: The computer-implemented method of claim 1, further comprising: temporarily encrypting the data and an arbitrary number using a pre-shared key.
Claim 3: The method of claim 1, further comprising: temporarily encrypting the data to be stored using a pre-shared key and transmitting the temporarily encrypted data to be stored and the initialization vector (or arbitrary number -see claim 2 above) to the encryption service, ...
Claim 5: The computer-implemented method of claim 1, further comprising:
receiving an encrypted version of the data from the remote key vault; and storing the encrypted version of the data in a database.
Claim 6: The method of claim 1, further comprising: …
… and receiving the encrypted version of the data to be stored (equivalent to storing the encrypted version) from the remote key vault.
Claim 6: The computer-implemented method of claim 1, wherein the request further specifies a partition of the remote key vault for the customer.
Claim 7: The method of claim 1, wherein the request further specifies the encrypted private key or the customer-specific partition of the remote key vault.
Claim 15: A computer-implemented method comprising:
receiving a request to store data of a customer, the request comprising the data to be stored;
generating an input to encrypt the data;




temporarily encrypting the data and the input using a pre-shared key; and
transmitting the temporarily encrypted data and input to a service for encryption,
wherein the temporarily encrypted data and input are decrypted with use of the pre-shared key.
Claim 1: A method of secure storage, comprising:
receiving a request to securely store data associated with a customer, the request comprising data to be stored;
generating an initialization vector (equivalent to an input) to be used during encryption of the data to be stored;
Claim 3: The method of claim 1, further comprising:
temporarily encrypting the data to be stored using a pre-shared key and transmitting the temporarily encrypted data to be stored and the initialization vector to the encryption service,
wherein the encryption service is further configured to decrypt the temporarily encrypted data to be stored using the pre-shared key.
Claim 16: The computer-implemented method of claim 15, wherein the service is configured to retrieve an encrypted private key from a secure data store associated with the service, and generate an encrypted version of the data using the input and a decrypted customer-specific key.
Claim 1: A method of secure storage, comprising: … wherein the encryption service is configured to, based on receiving the data to be stored and the initialization vector, retrieve an encrypted private key from a first secure data store associated with the encryption service, and generate an encrypted version of the data to be stored using the initialization vector and a decrypted customer-specific key, …
Claim 18: The computer-implemented method of claim 15, wherein the input is an initialization vector and the generating the input comprises generating the input randomly based on receiving the request to store the data.
Claim 1: A method of secure storage, comprising: … generating an initialization vector to be used during encryption … Claim 2: The method of claim 1, wherein the initialization vector is randomly generated based on receiving the request to securely store the data.
Claim 19: The computer-implemented method of claim 15, further comprising:
determining, based on evaluating at least one of a plurality of criteria, not to bypass the service, wherein the plurality of criteria includes a size of the data to be stored.
Claim 6: The method of claim 1, further comprising:
determining, based on evaluating at least one of a plurality of criteria, whether to bypass the encryption service, wherein the plurality of criteria includes a size of the data to be stored …


Claim 1-10 and 12-15 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-3 and 5-13 of the Patent No. US 11,080,408 B2. Although the claims at issue are not identical, they are not patentably distinct from each other.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.


Claims 1-15 and 17-20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Roth et al. (US 2015/0006890 A1).

As per claim 1, Roth teaches a computer-implemented method [see the abstract] comprising:
receiving a request to store data of a customer, the request comprising the data to be stored [figs. 1-4; abstract, lines 3-5; par. 0027, lines 1-5; par. 0029, lines 1-17 of Roth teaches receiving a request to store data of a customer (e.g., the customer 104), the request comprising the data to be stored];
determining, based on at least one of a plurality of criteria, whether to bypass a service to encrypt data, the plurality of criteria including a size of the data to be stored [figs. 1-3; par. 0028, lines 1-6; par. 0036, lines 1-33 of Roth teaches determining, based on at least one of a plurality of criteria, whether to bypass a service to encrypt data (e.g., transmitting the data to the backing service with encrypted), the plurality of criteria including a size of the data to be stored (e.g., the data objects of the data except for certain constraints on size or limited/restricted size of the data for the on-demand data storage service)]; and
based on a determination to bypass the service, sending the data to a remote key vault instead of the service [figs. 1-3; par. 0045, lines 10-16; par. 0046, lines 1-10 of Roth teaches based on a determination to bypass the service (e.g., to directly submitting to the backing zone), sending the data to a remote key vault (e.g., the backing zone including the storage service) instead of the service (e.g., the service of the virtual zone)].

As per claim 2, Roth teaches the computer-implemented method of claim 1. 
Roth further teaches wherein the data is encrypted based on an arbitrary number and information stored in a partition of the remote key vault for the customer [figs. 4-6; par. 0049, lines 9-13; par. 0056, lines 1-12; par. 0058, lines 1-20; par. 0059, lines 1-16 of Roth teaches wherein the data is encrypted based on an arbitrary number (e.g., random data key) and information (e.g., the authentication information, the secret key or the signature information) stored in a partition of the remote key vault for the customer].

As per claim 3, Roth teaches the computer-implemented method of claim 2. 
Roth further teaches generating the arbitrary number randomly based on receiving the request to store the data [par. 0059, lines 1-16 of Roth teaches generating the arbitrary number randomly (e.g., randomly or pseudo-randomly generated) based on receiving the request to store the data (e.g., to fulfill the request)].

As per claim 4, Roth teaches the computer-implemented method of claim 1. 
Roth further teaches temporarily encrypting the data and an arbitrary number using a pre-shared key [fig. 5; par. 0055, lines 1-24; par. 0059, lines 1-16; par. 0060, lines 1-15 of Roth teaches temporarily encrypting the data and an arbitrary number using a pre-shared key (e.g., the customer key)].

As per claim 5, Roth teaches the computer-implemented method of claim 1. 
Roth further teaches receiving an encrypted version of the data from the remote key vault; and storing the encrypted version of the data in a database [figs. 6, 8; par. 0059, lines 1-16 of Roth teaches receiving an encrypted version of the data (e.g., the encrypted data using the data key) from the remote key vault; and storing the encrypted version of the data in a database (e.g., the storage of the storage service)].

As per claim 6, Roth teaches the computer-implemented method of claim 1. 
Roth further teaches the request further specifies a partition of the remote key vault for the customer [par. 0082, lines 1-16 of Roth teaches the request further specifies a partition of the remote key vault (e.g., to store the data in a particular zone) for the customer].

As per claim 7, Roth teaches the computer-implemented method of claim 1. 
Roth further teaches determining, based on whether the size of the data to be stored satisfies a threshold, whether to bypass the service [par. 0028, lines 1-6; par. 0036, lines 1-33 of Roth teaches determining, based on whether the size of the data to be stored satisfies a threshold (e.g., certain constraints on size), whether to bypass the service (e.g., the on-demand data storage service)].

Claims 8-14 is apparatus claims that correspond to the method claims 1-7, and are analyzed and rejected accordingly. See par. 0108 for the system components, such as processor, memory, etc.

As per claim 15, Roth teaches a computer-implemented method [see the abstract] comprising:
receiving a request to store data of a customer, the request comprising the data to be stored [figs. 1-4; abstract, lines 3-5; par. 0027, lines 1-5; par. 0029, lines 1-17 of Roth teaches receiving a request to store data of a customer (e.g., the customer 104), the request comprising the data to be stored];
generating an input to encrypt the data [par. 0059, lines 1-16 of Roth teaches generating an input to encrypt the data (e.g., randomly or pseudo-randomly generated data key to encrypt the data)];
temporarily encrypting the data and the input using a pre-shared key; and transmitting the temporarily encrypted data and input to a service for encryption, wherein the temporarily encrypted data and input are decrypted with use of the pre-shared key [figs. 5, 6, 8; par. 0055, lines 1-24; par. 0059, lines 1-16; par. 0060, lines 1-15; par. 0071, lines 1-23 of Roth teaches temporarily encrypting the data and the input using a pre-shared key (e.g., the customer key); and transmitting the temporarily encrypted data and input to a service for encryption, wherein the temporarily encrypted data and input are decrypted with use of the pre-shared key (e.g., the customer key)].

Claims 17-20 are method claims that corresponds to the parts of the combination of the method claims 1-4 and 7, and are analyzed and rejected accordingly.

Allowable Subject Matter
Claim 16 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and amending the claim to overcome the 112b rejection and the double patenting rejection stated above.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MAUNG T LWIN whose telephone number is (571)270-7845.  The examiner can normally be reached on Monday - Friday 10:00 am - 6:00 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on 571-272-3739.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/MAUNG T LWIN/Primary Examiner, Art Unit 2495