Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
This Office Action is in response to the response filed on 07/18/2022.
Claims 1-13 and 20-23 have been examined and are pending; claims 14-19 are non-elected. This Action is made Non-FINAL.
Election/Restrictions
Applicant elects, without traverse, Group-I, comprising claims 1-13 and 20-23, for prosecution of this patent application in the reply filed on 07/18/2022 is acknowledged.
Claim Objections
Claims 6-9, 13 and 20-21 objected to because of the following informalities:  
Regarding claims 6-9, 13 and 21, claims 6-9, 13 and 20-21 recites “A method for …….of claim…...” seems to further limit the claim from which it depends.  However, for consistency and clarity purposes in referring back to the claim from which it depends on, the following correction should be made: “The method for……of claim …”
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C.
102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-4 are rejected under 35 U.S.C. 103 as being unpatentable over Muthukumaran (US 2020/0082088) and in view of Wu (US 2018/0293407).
Regarding claim 1, Muthukumaran discloses a method for storing a cryptographic key for a device in a network (Muthukumaran par. 0052), comprising: 
encrypting the cryptographic key (enroll encryption seed key) using an unlock key (encryption root key) (Muthukumaran par. 0027. Muthukumaran teaches that to protect the user and/or enterprise data from unauthorized access, the encryption seed key may be encrypted using an encryption root key associated with a user and/or enterprise credential); 
encrypting the unlock key using an encryption tool to create an encrypted seed (Muthukumaran abstract and claim 9. Muthukumaran teaches that applying a seed key encryption algorithm to the enroll encryption root key and an enroll encryption seed key, and generating a sealed encryption seed key as an output of the seed key encryption algorithm); 
and storing the encrypted seed (Muthukumaran par. 0052. Muthukumaran teaches that the encryption seed key  stored on the computing device in a memory in a manner in which the encryption seed key 310 is encrypted, sealed or wrapped. The encrypted, sealed or wrapped, encryption seed key  referred to herein as the sealed encryption seed key. See also par. 0082).
Muthukumaran teaches,  protecting the user and/or enterprise data from unauthorized access accessing data (Muthukumaran par. 0027). However, Muthukumaran does not explicitly disclose wherein a user must have access to a first storage area in the device and to a second storage area external to the device in order to access the cryptographic key.
However, in an analogous art, Wu teaches wherein a user must have access to a first storage area in the device and to a second storage area external to the device in order to access the cryptographic key (Wu abstract, par. 0102. Wu teaches that the station 312 has been described as being coupled with the storage device 320 and being configured to obtain a key from an external device 390. It should be noted that the station 312 is not limited to obtaining the key directly from the external device 390, and may instead be configured to obtain the key indirectly from the external device 390. For example, in other embodiments, a user may be using another station (second station) that communicates with the station 312 (first station) remotely (e.g., via a network such as the Internet). In such cases, the user may provide the external device 390 for transmitting its key to the second station. The second station then transmits the key to the first station 312 where the storage device 320 is located. In such cases, after the key has been used by the storage device 320 to perform an authentication, the user of the second station may then obtain data from the storage device 320 at the first station. Accordingly, a user of the station 312 and/or the storage device 320 is not limited to a user who uses the station 312 and/or the storage device 320 directly, and may include a user who uses the station 312 and/or the storage device 320 remotely. In other embodiments, in addition to checking the key from the external device, the storage device may also check a second form of identification from the user. For example, the user of the second station may provide a second form of identification, which is then transmitted from the second station to the first station 312. The storage device 320 then checks the second form of identification. If the second form of identification satisfies a first criteria (e.g., it matches with a reference identification) and if the key from the external device 390 satisfies a second criteria (e.g., it matches with a reference key), then the user will be allowed to access the encrypted data at the storage device. See also par. 0032).
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teachings of Wu with the method and system of Muthukumaran, wherein a user must have access to a first storage area in the device and to a second storage area external to the device in order to access the cryptographic key to provide users with a means for accessing the encrypted data at the storage device if the form of identification satisfies a criteria (Wu par. 0102).
Regarding claim 2, Muthukumaran and Wu disclose the method of claim 1,
Muthukumaran further discloses wherein the secure location is part of a central authority, wherein the central authority is a server, database, or device requiring user registration and authentication (Muthukumaran par. 0022, 0025 and Fig 11. Muthukumaran teaches that the encryption seed key  stored on the computing device in a memory in a manner in which the encryption seed key 310 is encrypted, sealed or wrapped. The encrypted, sealed or wrapped, encryption seed key  referred to herein as the sealed encryption seed key).  
Regarding claim 3, Muthukumaran and Wu disclose the method of claim 1,
Muthukumaran further discloses wherein: the encryption tool comprises a store key; the encrypted seed is stored in the second storage area; and the store key is stored in unencrypted form in the first storage area (Muthukumaran par. 0057, 0082 and 0100. Muthukumaran teaches that the encryption root key derivation component 304 may also receive various other secure firmware enroll parameters for generating the enroll encryption root key 306. Such secure firmware enroll parameters may include a unique label 316, a secure user identifier 324, a user and/or enterprise credential 326 (also referred to herein as an enroll identity credential 326), and/or a hardware unique key 302.  The sealed encryption seed key may be stored in a memory of the computing device  and the internal memory 906 may be volatile or non-volatile memory, and may also be secure and/or encrypted memory, or unsecure and/or unencrypted memory, or any combination thereof)
Regarding claim 4, Muthukumaran and Wu disclose the method of claim 1,
Muthukumaran further discloses wherein the encryption tool comprises a hardware security module having an authentication key (Muthukumaran par. 0057. Muthukumaran teaches that the encryption root key derivation component 304 may also receive various other secure firmware enroll parameters for generating the enroll encryption root key 306. Such secure firmware enroll parameters may include a unique label 316, a secure user identifier 324, a user and/or enterprise credential 326 (also referred to herein as an enroll identity credential 326), and/or a hardware unique key) .  
Allowable Subject Matter
Claims 5-13 and 20-23 objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims and if the claim objections, set forth in this Office action is resolved.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SANCHIT K SARKER whose telephone number is (571)270-7907. The examiner can normally be reached M-F 8:30 AM-5:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, FARID HOMAYOUNMEHR can be reached on 571-272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SANCHIT K SARKER/Primary Examiner, Art Unit 2495