DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . In communications filed on 07/14/2022. Claims 1-8, and 11-19 are amended. Claims 1-19 are pending in this examination.
 In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.   This examination is in response to US Patent Application No. 16/479,477.
       Examiner Notes
Examiner has withdrawn the second sets of the rejection submitted in the last office action from examination.
                                          Claim objection
As to claim 1, claims recites, “save restriction instructions or (i) permitting saving of the data file only if the data file is encrypted using a predetermined encryption key, and (ii) forcibly encrypting the data file with the predetermined encryption key if the data file is encrypted using an arbitrary encryption key".
 The MPEP interprets claim limitations that contain "if, may, might, can, when and could" statement(s), as optional language. As matter of linguistic precision, optional claim elements do not narrow claim limitations, since they can always be omitted (In re Johnston, 77 USPQ2d 1788 (Fed Cir 2006)). Language that suggests or makes optional but does not require steps to be performed or does not limit a claim to a particular structure does not limit the scope of a claim or claim limitation. Claim 12 contains similar language found in claim 1. 
Response to Arguments
Applicant’s arguments with respect to dependent claims 4-5, and 15-16 for newly added limitations have been considered but are moot because the arguments do not apply to any of the references being used in the current rejection.
Although the claims are interpreted in light of the specification, limitations from the specification are not read into the claims.  See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993).  
Applicant's arguments filed 07/14/2022 have been fully considered but they are not persuasive:
Applicant submits on page 10 of remarks filed on 07/14/2022 that although Applicant respectfully disagrees with the rejection, Applicant has, solely to expedite prosecution, amended the claims herein to recite, inter alia, the following:  "forcibly encrypting the data file with the predetermined encryption key if the data file is encrypted using an arbitrary encryption key," see, e.g., claims 1 and 12; " "the predetermined encryption key is stored in the information storage area," see, e.g., id.; " "the predetermined encryption key is automatically generated by the information control program,” see, e.g., id.

Examiner respectfully disagrees with applicant argument for claims 1, and 12 filed on 07/14/2022 on page 10 of remarks.
Examiner Note: for the limitation "forcibly encrypting the data file with the predetermined encryption key if the data file is encrypted using an arbitrary encryption key”, since the IF option has been chosen for this limitation, Examiner has chosen the first IF limitation from the claim set filed on 07/13/2022 (permitting saving of the data file only if the data file is encrypted using a predetermined encryption key).
permitting saving of the data file only if the data file is encrypted using a predetermined encryption key [Decoding of files, ¶¶47-53, FIG, 12 is a flowchart showing a procedure when the user A reads out the encrypted data stored in the storage device 111by the application program 106. operating the terminal 101…using the user key obtained from the key Management server 112, the encrypted file encryption key LIQ) is decrypted to obtain the original file encryption key (Step 1216). (0052 Subsequently, the encrypted data corresponding to the request of the application program 106 is read from the encrypted file body 1103, and decrypted using the decrypted file encryption key (Step 121). Note that details of the decoding procedure will be described with reference to FIG. 19], and [see claim 9].
Examiner Note: Tomeyoshi also discloses this limitation as: [¶¶83-84, (1) in place of a predetermined area of a storage device such as a C drive designated in advance, a predetermined area of another area of the same storage device or a removable storage device such as a G drive is designated as the storage destination of the data, and the file data is stored in the encrypted virtual file. File data can be accessed only from a dedicated program, and information security can be enhanced], and [Abstract]
Hiroki discloses  "the predetermined encryption key is stored in the information storage area”[ ¶1, There are also provided a data storage method and system and a data storage processing recording medium for retrieving a cryptographic key of a user operating an application program from a key management computer connected to the computer through a network], and  [ ¶7, a storage medium for storage processing, capable of further firmly protecting encrypted data by drawing an encryption key necessary for decryption from a key management computer different from a computer to which a storage device for storing encrypted data is connected.], and[ ¶21, The system shown in FIG. 1 consists of a terminal 101 operated by a user 123, a storage device 111 connected to the terminal 101, a key management server (key management computer) 112 managing a key for encrypting data, a key database 121 storing a key for encryption, and a network 122 connecting the terminal 101 and the key management server 112], and  [Decoding of files, ¶¶47-53, FIG, 12 is a flowchart showing a procedure when the user A reads out the encrypted data stored in the storage device 111by the application program 106. operating the terminal 101…using the user key obtained from the key Management server 112].
"the predetermined encryption key is automatically generated by the information control program [¶7, if there is a request to write data from the application program, the data is automatically encrypted and stored in the storage device, and when there is a request to read the data, the encrypted data stored in the storage device is automatically decrypted and passed to the application program to prevent the user from stealing or modifying the data in the storage device without troublesome operation], and [¶16, ​The original data extracted by decrypting the encrypted data with the encryption key is passed to the application program. Before issuing a request to send an encryption key to the key management computer, information for identifying the user is input to the user operating the application program, the user's key is retrieved from the key management computer after the correctness of this information is confirmed on the computer operated by the user, or the identification information input by the user is sent to the key management computer.​In the key management computer, after confirming the correctness of the received identification information, the encryption key of the user is sent back to perform key management for each user. In addition, by specifying a file and a directory that a user wants to automatically encrypt during file storage], and [¶52, encrypted data corresponding to the request of the application program 106 is read from the encrypted file body 1103 and decoded using the file encryption key obtained by decoding (step 1217). Details of the decoding procedure are described in FIG. 19].
Examiner Note: Tomeyoshi also discloses this limitation as: [¶¶83-84, (1) in place of a predetermined area of a storage device such as a C drive designated in advance, a predetermined area of another area of the same storage device or a removable storage device such as a G drive is designated as the storage destination of the data, and the file data is stored in the encrypted virtual file. File data can be accessed only from a dedicated program, and information security can be enhanced], and [Abstract]
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Hiroshi with the teaching of Tomeyoshi in order to implement an information processing control program and the information processing
apparatus which stores the encrypted file in the storage area designated in advance by the operating system and this File data can be accessed only from a dedicated program by using the predetermined encryption key by the user stored in the key management computer of the Hiroki for the purpose of enhancing the security.
Examiner respectfully disagrees with applicant argument for claims 3, and 14 filed on 07/14/2022 on pages 11-12 of remarks.
replication restricting instructions or (i) replicating part of information of the data file(ii) permitting the replicated past of the information of the data file to be saved only in a state readable by the application program, and (iii) transmitting one or more alerts to at least one of a user and a plurality of other programs when an attempt is made to paste the replicated part of the information of the data file to a document being edited in a program other than the application program, wherein the state is an encrypted state.
Hiroshi discloses wherein the state if an encrypted state [ ¶52,  the encrypted data corresponding to the request of the application program 106 is read from the encrypted file body 1103], and [¶16, The write request is preempted, the encryption key for encrypting the data in the write request is retrieved from a key management computer connecting in the network, the data is encrypted with the encryption key and stored in the storage device, the encrypted data is read from the storage device in the read request, and a key for decrypting the encrypted data is retrieved from the key management computer.​
 And LIM  discloses : [Col.11 lines 8-35, Examples of application programs include word processor (e.g., Microsoft® Word or Apple Pages®), spreadsheet (e.g., Microsoft Excel® or Apple Numbers®), presentation program (e.g., Microsoft PowerPoint® or Apple Keynote®), document viewer (e.g., Adobe Reader® or Microsoft® XPS Viewer), web browser (e.g., Microsoft Internet Explorer®, Mozilla Firefox®, Apple Safari®, Google Chrome™ or Microsoft® Edge), e-mail client (e.g., Microsoft Outlook® or Apple® Mail), instant messenger (e.g., Microsoft® Office Communicator, Microsoft Skype®), and many others. Trademarks are the property of their respective owners, Examples of application program operations include opening a file, copy a file, moving a file, renaming a file, deleting a file, printing a document, copying content of a document, changing document classification, saving a document into a different file, uploading a file to a Web site, opening a web page, showing a data page of an application (e.g., a component listing on a SAP® client application, a product plan or design page on an Dassault Systèmes Enovia™ client, a marketing plan or product specification on a Microsoft SharePoint® page), sending an e-mail message, attaching a file to an e-mail message, sending a message through instant messenger, inviting a user to join a video conference, capturing a screen image, and many others ], and [Col. 188 lines 23-34, a user who is granted an edit right may modify an opened information or document and save modifications to the opened information or document. A user who is granted a copy right may create a copy of an opened information or document. A copy is required to have the same file format as the original. A common application program operation associated with a copy right is a “Save As” operation under a File menu], and [Col.133 lines18-39, Col.17 lines 61-67], and [Col.27, lines 3-14, an auditor 407 logs interceptions and policy evaluations at a data protection client. It also gathers additional information on computing environment that may be used in an audit, performance analysis or diagnosis. An auditor typically caches log data locally so that it may continue to operate while a client computer is offline. Log data is transmitted to a central log server (or report server) when a client computer is online. The log data collected in a log server may be used to analyze information or documents usage pattern, analyze policy effectiveness, identify threats, generate alerts, or produce reports].
Examiner respectfully disagrees with applicant argument for claims 4, and 15 filed on 07/14/2022 on page 10 of remarks.

 disabling input of a signal for executing screen capture
Bingell discloses: [0044] In step 228, image messaging client 121 employs additional security measures intended to further help prevent unauthorized distribution of the image by the second user and other access to the image by third parties. In a preferred embodiment, step 228 involves image messaging client 121 disabling print screen and other screen capture functionalities on computing device 120 and pulsing the display of computing device 120 to prevent a camera from capturing a picture of the content on the display
Examiner respectfully disagrees with applicant argument for claims 5, and 16 filed on 07/14/2022 on page 10 of remarks.
print restriction instructions or restricting printing of the information of the data file by referring to a list of permitted and/or unpermitted print destinations
TOMEYOSHI discloses this limitation as: [¶5, when a necessary file is carried back to home or the like using a USB memory or the like, if the USB memory is handed over to the hand of a third party, there is a possibility that information of a company or the like leaks to the outside. As a countermeasure, a technique is known in which an access to a USB memory is permitted on condition that authentication of a user is performed by biometric authentication such as input of a password or fingerprint authentication], and  [¶34, the information processing control program 301 provides a viewer function of the viewer control unit 304 of the viewer program 302 and a hook function for an instruction such as a file operation Function, a copy print, and the like]. , and [¶81, in addition, when a partial copy operation or a print operation of file data is prohibited, the hook module rejects its execution when the instruction is hooked], and[ ¶87, printing prohibition].
 LIM discloses: [Col. 10 lines 14-20, controlling use of information or documents includes allowing or denying copying content of a document, printing a document, saving a document into a different file, copying a file, attaching a file to an e-mail message, adding a file to an archive such as a zip file, stored a file into a document, merging two documents, sending an e-mail message to a recipient, uploading a file to a Web site, or more], and [Col. 11 lines 7-21; Clo.16 lines 35-63; Col.18 lines 1-22], and [Col.13, lines 10-35, the present invention enforces access control policies, use control policies, rights control policies, or a combination of these to protection information or documents. Access, use and rights control policies are declarative policies. In an embodiment, a policy language is declarative. This means policies may be used to make declarative statement of policy without burdened by implementation details. The declarative aspect of the policy language is another benefit provided by providing abstraction. For example, an access control policy may specify who may access a resource (e.g., a file) on what device in what time period. A use control policy may specify how a user may use (e.g., e-mail, print or edit) a resource in a particular computing environment or location. A rights control policy may specify who may read but not e-mail, print or duplicate a resource (e.g., a file). A typical access or use control policy specifies one or more actions that the policy may be applied. An access or use control policy specifies what action (e.g., open, save or send) a user may perform on a resource. On the other hand, a rights control policy specifies what rights (e.g., view, save or copy) a user may have or not have (i.e., granted or revoked) on a resource. Many policy objectives may be achieved using either access, use or rights control policies. In fact, a particular policy objective may be implemented using access control policies, use control policies, rights control policies, or a combination of two or more types of policies].
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-2, 6-13, and 17-19 are rejected under 35 U.S.C. 103 as being unpatentable over application No. JP11149414(filed in IDS on 07/19/2019) issued to Miyazaki Hiroshi hereafter referred to as” Hiroshi” and in view of application No. JP2010282606(filed in IDS on 07/19/2019) issued to TAMURA TOMEYOSHI hereafter referred to as “Tomeyoshi”.
Regarding claims 1, and 12, Hiroshi discloses  instructions for adding a predetermined modification to a transmitted/received information which is transmitted and received between an operating system and an application program, the application program being executable on the operating system and capable of generating a data file and saving the data file to an arbitrary information storage area as a storage destination [¶34,  (Encryption of Files) Fig 5 is a Flowchart shaving a procedure when the user 128 (here, user A) encrypts data created on the terminal 101 and stores it in the storage device 111. This procedure: starts when the user A attempts to save data created by the application program 106 in the storage device 111.First, when the application program 106 issues a file save request to the operating system 106, the file access hook unit 107 receives the file save request before the operating system 108 processes the request (step 501], [¶¶21-23]; and 
and decrypting instructions or decrypting the data file stored in the predetermined area using the predetermined encryption key [Decoding of files, ¶¶47-53, FIG, 12 is a flowchart showing a procedure when the user A reads out the encrypted data stored in the storage device 111by the application program 106. operating the terminal 101…using the user key obtained from the key Management server 112, the encrypted file encryption key LIQ) is decrypted to obtain the original file encryption key (Step 1216). (0052 Subsequently, the encrypted data corresponding to the request of the application program 106 is read from the encrypted file body 1103, and decrypted using the decrypted file encryption key (Step 121}. Note that details of the decoding procedure will be described with reference to FIG. 19], and [see claim 9]; and 
the predetermined encryption key is stored in the information storage area[ ¶1, There are also provided a data storage method and system and a data storage processing recording medium for retrieving a cryptographic key of a user operating an application program from a key management computer connected to the computer through a network], and  [ ¶7, a storage medium for storage processing, capable of further firmly protecting encrypted data by drawing an encryption key necessary for decryption from a key management computer different from a computer to which a storage device for storing encrypted data is connected.], and[ ¶21, The system shown in FIG. 1 consists of a terminal 101 operated by a user 123, a storage device 111 connected to the terminal 101, a key management server (key management computer) 112 managing a key for encrypting data, a key database 121 storing a key for encryption, and a network 122 connecting the terminal 101 and the key management server 112], and  [Decoding of files, ¶¶47-53, FIG, 12 is a flowchart showing a procedure when the user A reads out the encrypted data stored in the storage device 111by the application program 106. operating the terminal 101…using the user key obtained from the key Management server 112]; and 
the predetermined encryption key is automatically generated by the information control program [¶7, if there is a request to write data from the application program, the data is automatically encrypted and stored in the storage device, and when there is a request to read the data, the encrypted data stored in the storage device is automatically decrypted and passed to the application program to prevent the user from stealing or modifying the data in the storage device without troublesome operation], and [¶16, ​The original data extracted by decrypting the encrypted data with the encryption key is passed to the application program. Before issuing a request to send an encryption key to the key management computer, information for identifying the user is input to the user operating the application program, the user's key is retrieved from the key management computer after the correctness of this information is confirmed on the computer operated by the user, or the identification information input by the user is sent to the key management computer.​In the key management computer, after confirming the correctness of the received identification information, the encryption key of the user is sent back to perform key management for each user. In addition, by specifying a file and a directory that a user wants to automatically encrypt during file storage], and [¶52, encrypted data corresponding to the request of the application program 106 is read from the encrypted file body 1103 and decoded using the file encryption key obtained by decoding (step 1217). Details of the decoding procedure are described in FIG. 19].
Examiner Note: Tomeyoshi also discloses this limitation as: [¶¶83-84, (1) in place of a predetermined area of a storage device such as a C drive designated in advance, a predetermined area of another area of the same storage device or a removable storage device such as a G drive is designated as the storage destination of the data, and the file data is stored in the encrypted virtual file. File data can be accessed only from a dedicated program, and information security can be enhanced], and [Abstract].
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Hiroshi with the teaching of Tomeyoshi in order to implement an information processing control program and the information processing
apparatus which stores the encrypted file in the storage area designated in advance by the operating system and this File data can be accessed only from a dedicated program by using the predetermined encryption key by the user stored in the key management computer of the Hiroshi for the purpose of enhancing the security.
Hiroshi does not explicitly disclose, however, Tomeyoshi discloses wherein the instructions of adding the predetermined modification comprising  save restriction instructions or (i) permitting saving of the data file only if the data file is encrypted using a predetermined encryption key, and only  if a predetermined area in the information storage area from being designated as the storage destination of the data file.
Even though Hiroshi discloses the limitation as: [Decoding of files, ¶¶47-53, FIG, 12 is a flowchart showing a procedure when the user A reads out the encrypted data stored in the storage device 111by the application program 106. operating the terminal 101…using the user key obtained from the key Management server 112, the encrypted file encryption key LIQ) is decrypted to obtain the original file encryption key (Step 1216). (0052 Subsequently, the encrypted data corresponding to the request of the application program 106 is read from the encrypted file body 1103, and decrypted using the decrypted file encryption key (Step 121). Note that details of the decoding procedure will be described with reference to FIG. 19], and [see claim 9].
Furthermore, Tomeyoshi discloses this limitation as: [¶9, in the information processing control program and the information processing apparatus of the present invention, the 1 storage area is designated as the storage destination of the data instead of the 2-storage area designated in advance by the operating system, and the file data is stored in the encrypted virtual file. File data can be accessed only from a dedicated program, and information security can he enhanced], and ¶34, the information processing control program 301 provides a viewer function of the viewer control unit 304 of the viewer program 302 and a hook function for an instruction such as a file operation Function, a copy print, and the like. Farther, the information processing control program 301 includes a unique file system 309, Generally, a file system defines a method for staring and managing files on a storage medium, and an operating system 331 includes a unique file system 333, and a file system 333 included In the operating system 331 typically stores and manages files, However, under the predetermined condition described tater, the file is stored and managed by the unique file system 309 provided by the information processing control program 301 instead of the file system 333 included in the operating system 331], and  [¶¶83-84,  (1) in place of a predetermined area of a storage device such as a C drive designated in advance, a predetermined area of another area of the same storage device or a removable storage device such as a G drive is designated as the storage destination of the data, and the file data is stored in the encrypted virtual file. File data can be accessed only from a dedicated program, and information security can be enhanced, (2) By storing the encrypted virtual file in a removable storage device such as a USE memory and removing the storage device Tram the personal computer, the virtual File itself is not left on the personal computer, so that the information security can be further enhanced], and [Abstract]
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Hiroshi with the teaching of Tomeyoshi in order to implement an information processing control program and the information processing
apparatus which the 1 storage area is designated as the storage destination of the data instead of the 2-storage area designated in advance by the operating system, and the file data is stored in the encrypted virtual file. File data can be accessed only from a dedicated program, and information security can be enhanced [ Tomeyoshi, ¶9].
Regarding claims 2, and 13, Hiroshi discloses wherein the save restriction instructions are further for encrypting the data file using the predetermined encryption key when the data file is not encrypted using the predetermined encryption key [Decoding of files, ¶¶47-53, FIG, 12 is a flowchart showing a procedure when the user A reads out the encrypted data stored in the storage device 111by the application program 106. operating the terminal 101…using the user key obtained from the key Management server 112, the encrypted file encryption key LIQ) is decrypted to obtain the original file encryption key (Step 1216). (0052 Subsequently, the encrypted data corresponding to the request of the application program 106 is read from the encrypted file body 1103, and decrypted using the decrypted file encryption key (Step 121}. Note that details of the decoding procedure will be described with reference to FIG. 19], and [see claim 9].
Regarding claims 6, and 17, Hiroshi does not explicitly disclose, however Tomeyoshi discloses, wherein the instructions of adding the predetermined modification further includes  external transmission restriction instructions of restricting the data file unencrypted using the predetermined encryption key or the data file decrypted using the predetermined encryption key from being transmitted to other terminals different from a terminal that stores the data file unencrypted using the predetermined encryption key or the data file decrypted using the predetermined encryption key [¶40, as described above, the file downloaded from the server device 1 of Company A is not stored in the normal area of the storage device 37 of the personal computer 3, since it is stored as file data in an encrypted virtual file in a predetermined area in the USB memory 4 or the storage device 37, even if the information security of the personal computer 3 is insufficient, it is  possible to prevent. the information of Company A from leaking from the personal computer 3. Farther, even if the employee a loses or stolen the USB memory 4, the information processing control program 301 cannot read a file stored in the USB memory 4 by another personal computer or the like which has not been downloaded, so that the information of Company A can be prevented from leaking from the USB memory 4], and [¶55].
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Hiroshi with the teaching of Tomeyoshi in order to prevent the information of a company from leaking from a personal computer or a USB memory [ Tomeyoshi, ¶40].
Regarding claims 7, and 18, Hiroshi does not explicitly disclose, however Tomeyoshi discloses wherein the instructions of adding the predetermined modification further includes a-transmission destination restriction instructions of restricting the data file from being transmitted to a transmission destination other than a predetermined transmission destination [¶9, in the information processing control program and the information processing apparatus of the present invention, the 1 storage area is designated as the storage destination of the data instead of the 2 storage area designated in advance by the operating system, and the file data is stored in the encrypted virtual file. File data can be accessed only from a dedicated program, and information security can he enhanced], and ¶34, the information processing control program 301 provides a viewer function of the viewer control unit 304 of the viewer program 302 and a hook function for an instruction such as a file operation Function, a copy print, and the like. Farther, the information processing control program 301 includes a unique file system 309, Generally, a file system defines a method for staring and managing files on a storage medium, and an operating system 331 includes a unique file system 333, and a file system 333 included In the operating system 331 typically stores and manages files, However, under the predetermined condition described tater, the file is stored and managed by the unique file system 309 provided by the information processing control program 301 instead of the file system 333 included in the operating system 331], and  [¶¶83-84,  (1) in place of a predetermined area of a storage device such as a C drive designated in advance, a predetermined area of another area of the same storage device or a removable storage device such &s a0 drive is designated as the storage destination of the data, and the file data is stored in the encrypted virtual file. Pile data can be accessed only from a dedicated program, and information security can be enhanced, (2) By storing the encrypted virtual file in a removable storage device such as a USE memory and removing the storage device Tram the personal computer, the virtual Tile itself is not left on the personal computer, so that the information security can be further enhanced], and [Abstract]
tate, classify, assign, screen capture, CAD product manufacturing information, or many others
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Hiroshi with the teaching of Tomeyoshi in order to implement an information processing control program and the information processing
apparatus which the 1 storage area is designated as the storage destination of the data instead of the 2-storage area designated in advance by the operating system, and the file data is stored in the encrypted virtual file. File data can be accessed only from a dedicated program, and information security can be enhanced [ Tomeyoshi, ¶9].
Regarding claims 8, and 19, Hiroshi discloses wherein the instructions of adding the predetermined modification further includes a-confirmation instructions of confirming that the data file stored in the predetermined area is the data file encrypted using the predetermined encryption key [ See claim 5, the key management computer manages an encryption key for each user who uses the computer, and when the computer takes the encryption key from the key management computer, the computer Fs. used. An identification information for identifying the user is input to a user who operates an application program which has made a request for reading or writing data. The date storage method according to claim 1 or 2, wherein the identification information is sent to the key management computer, and the correctness of the identification information is confirmed by the key management computer, and the encryption key corresponding to the user is taken], and [¶¶16, 26, 36, 54, 87 see claim 6].
Regarding claim 9, Hiroshi discloses, the application program; the operating system; and the predetermined area storing the data file [¶14, , AS an example ta be used in the following description, Windows (registered trademark of Microsoft Corporation) is used as an operating system (0S) of the personal computer 3], and [¶9, in the information processing control program and the information processing apparatus of the present invention, the 1 storage area is designated as the storage destination of the data instead of the 2 storage area designated in advance by the operating system, and the file data is stored in the encrypted virtual file. File data can be accessed only from a dedicated program, and information security can he enhanced].
Examiner Note: Tomeyoshi also discloses this limitation as: [¶34, (Encryption of Files} Fig 5 is a Flowchart shaving a procedure when the user 128 (here, user A) encrypts data created on the terminal 101 and stores it in the storage device 111. This procedure: starts when the user A attempts to save data created by the application program 106 in the storage device 111.First, when the application program 106 issues a file save request to the operating system 106, the file access hook unit 107 receives the file save request before the operating system 108 processes the request (step 501], [¶¶21-23], and [ see Claim 8, a data storage method according to any one of claims 1to 7, wherein in said storage device; encryption or decryption is performed for only data in a file designated in-advance by a user or data in all files in a designated directory], and [¶5, 16], and [¶93 Further, by configuring a file or a directory to be automatically encrypted automatically when the user stores the file, encryption or decryption can be performed only on the designated file or the Pile below the designated directory, Thus, a directory representing a storage medium such as a floppy disk can he designated as a place to be encrypted and stored, so that important information can be prevented from being copied and taken out].
Regarding claim 10, Hiroshi does not explicitly disclose, however Tomeyoshi discloses, wherein the predetermined area is located in a storage unit of a terminal in which the application program and the operating system are activated [¶40, as described above, the file downloaded Prom the server device 1 of Company A is not stored in the normal area of the storage device 37 of the personal computer 3, since it is  stored as file data in an encrypted virtual file in a predetermined area in the USB memory 4 or the storage device 37].
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Hiroshi with the teaching of Tomeyoshi in order for the data file be accessed only from a dedicated program and hence, enhance information security [ Tomeyoshi, ¶9].
Regarding claim 11, Hiroshi discloses a replicating means replicating the data file stored in the predetermined area and saving the data file in a storage unit of another terminal communicably connected to the terminal [¶17, when the encrypted data and the encryption Key are stored in the storage device physically separated from each other, even if the portable terminal in which the encrypted confidential data is stored is stolen, the risk of decryption is reduced compared with the case where these data are stored in the same storage device, For example, an encrypted data is stored in a portable terminal, and when it is desired to access the data in a company, if is connected to an in-house LAN and remotely accessed From the outside of the company].
Examiner Note: Tomeyoshi also discloses this limitation as: [¶81, a partial copy operation or a print operation of file data].

Claims 3, and 14 are rejected under 35 U.S.C. 103 as being unpatentable over application No. JP11149414(filed in IDS on 07/19/2019) issued to Miyazaki Hiroshi hereafter referred to as” Hiroshi” and in view of application No. JP2010282606(filed in IDS on 07/19/2019) issued to TAMURA TOMEYOSHI hereafter referred to as “Tomeyoshi” and further in view of application No. 10,387,669 issued to LIM.
Regarding claims 3, and 14, Hiroki discloses wherein the state if an encrypted state [ ¶52,  the encrypted data corresponding to the request of the application program 106 is read from the encrypted file body 1103], and [¶16, The write request is preempted, the encryption key for encrypting the data in the write request is retrieved from a key management computer connecting in the network, the data is encrypted with the encryption key and stored in the storage device, the encrypted data is read from the storage device in the read request, and a key for decrypting the encrypted data is retrieved from the key management computer.​
Hiroshi and Tomeyoshi do not explicitly disclose, however LIM discloses replication restricting instructions or (i) replicating part of information of the data file(ii) permitting the replicated past of the information of the data file to be saved only in a state readable by the application program, and (iii) transmitting one or more alerts to at least one of a user and a plurality of other programs when an attempt is made to paste the replicated part of the information of the data file to a document being edited in a program other than the application program [Col.11 lines 8-35, Examples of application programs include word processor (e.g., Microsoft® Word or Apple Pages®), spreadsheet (e.g., Microsoft Excel® or Apple Numbers®), presentation program (e.g., Microsoft PowerPoint® or Apple Keynote®), document viewer (e.g., Adobe Reader® or Microsoft® XPS Viewer), web browser (e.g., Microsoft Internet Explorer®, Mozilla Firefox®, Apple Safari®, Google Chrome™ or Microsoft® Edge), e-mail client (e.g., Microsoft Outlook® or Apple® Mail), instant messenger (e.g., Microsoft® Office Communicator, Microsoft Skype®), and many others. Trademarks are the property of their respective owners, Examples of application program operations include opening a file, copy a file, moving a file, renaming a file, deleting a file, printing a document, copying content of a document, changing document classification, saving a document into a different file, uploading a file to a Web site, opening a web page, showing a data page of an application (e.g., a component listing on a SAP® client application, a product plan or design page on an Dassault Systèmes Enovia™ client, a marketing plan or product specification on a Microsoft SharePoint® page), sending an e-mail message, attaching a file to an e-mail message, sending a message through instant messenger, inviting a user to join a video conference, capturing a screen image, and many others ], and [Col. 188 lines 23-34, a user who is granted an edit right may modify an opened information or document and save modifications to the opened information or document. A user who is granted a copy right may create a copy of an opened information or document. A copy is required to have the same file format as the original. A common application program operation associated with a copy right is a “Save As” operation under a File menu], and [Col.133 lines18-39, Col.17 lines 61-67], and [Col.27, lines 3-14, an auditor 407 logs interceptions and policy evaluations at a data protection client. It also gathers additional information on computing environment that may be used in an audit, performance analysis or diagnosis. An auditor typically caches log data locally so that it may continue to operate while a client computer is offline. Log data is transmitted to a central log server (or report server) when a client computer is online. The log data collected in a log server may be used to analyze information or documents usage pattern, analyze policy effectiveness, identify threats, generate alerts, or produce reports].
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Hiroshi and Tomeyoshi with the teaching of LIM in order to implement a technique and system to protect documents at rest and in motion using declarative policies, access rights, and encryption. Methods, techniques, and systems control access to documents and use of content in documents to support information management policies [ LIM, Abstract].
Regarding claims 5, and 16, Hiroshi does not explicitly disclose, however, Tomeyoshi discloses print restriction instructions or restricting printing of the information of the data file by referring to a list of permitted and/or unpermitted print destinations
Tomeyoshi discloses [¶5, when a necessary file is carried back to home or the like using a USB memory or the like, if the USB memory is handed over to the hand of a third party, there is a possibility that information of a company or the like leaks to the outside. As a countermeasure, a technique is known in which an access to a USB memory is permitted on condition that authentication of a user is performed by biometric authentication such as input of a password or fingerprint authentication], and  [¶34, the information processing control program 301 provides a viewer function of the viewer control unit 304 of the viewer program 302 and a hook function for an instruction such as a file operation Function, a copy print, and the like]. , and [¶81, in addition, when a partial copy operation or a print operation of file data is prohibited, the hook module rejects its execution when the instruction is hooked], and[ ¶87, printing prohibition].It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Hiroshi with the teaching of Tomeyoshi in order for when the print instruction is hooked, the hook module rejects the execution when a partial copy operation or a print operation of file data is prohibited [ Tomeyoshi, ¶81].
And Furthermore, LIM discloses: [[Col. 10 lines 14-20, controlling use of information or documents includes allowing or denying copying content of a document, printing a document, saving a document into a different file, copying a file, attaching a file to an e-mail message, adding a file to an archive such as a zip file, stored a file into a document, merging two documents, sending an e-mail message to a recipient, uploading a file to a Web site, or more], and [Col. 11 lines 7-21; Clo.16 lines 35-63; Col.18 lines 1-22], and [Col.13. lines 10-35, The present invention enforces access control policies, use control policies, rights control policies, or a combination of these to protection information or documents. Access, use and rights control policies are declarative policies. In an embodiment, a policy language is declarative. This means policies may be used to make declarative statement of policy without burdened by implementation details. The declarative aspect of the policy language is another benefit provided by providing abstraction. For example, an access control policy may specify who may access a resource (e.g., a file) on what device in what time period. A use control policy may specify how a user may use (e.g., e-mail, print or edit) a resource in a particular computing environment or location. A rights control policy may specify who may read but not e-mail, print or duplicate a resource (e.g., a file). A typical access or use control policy specifies one or more actions that the policy may be applied. An access or use control policy specifies what action (e.g., open, save or send) a user may perform on a resource. On the other hand, a rights control policy specifies what rights (e.g., view, save or copy) a user may have or not have (i.e., granted or revoked) on a resource. Many policy objectives may be achieved using either access, use or rights control policies. In fact, a particular policy objective may be implemented using access control policies, use control policies, rights control policies, or a combination of two or more types of policies].
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Hiroshi and Tomeyoshi with the teaching of LIM in order to implement a technique and system to protect documents at rest and in motion using declarative policies, access rights, and encryption. Methods, techniques, and systems control access to documents and use of content in documents to support information management policies [ LIM, Abstract].

Claims 4, and 15 are rejected under 35 U.S.C. 103 as being unpatentable over application No. JP11149414(filed in IDS on 07/19/2019) issued to Miyazaki Hiroshi hereafter referred to as” Hiroshi” and in view of application No. JP2010282606(filed in IDS on 07/19/2019) issued to TAMURA TOMEYOSHI hereafter referred to as “Tomeyoshi” and further in view of application No. (US2013/0247220 A1) issued to Bingell.
Regarding claims 4, and 15, Hiroshi does not explicitly disclose, however Tomeyoshi discloses wherein the instructions of adding the predetermined modification further comprise:  image replication restricting instructions or (i) restricting replication of image information of the data file displayed on a display device based on the information of the data file [¶18, The viewer program 302 resisters the application program 321 to be controlled by the information processing control program 301 and manages its startup. In practices, & viewer function is provided to display various files stored in a virtual file of the USS memory 4 or the storage device 37 as if they exist in a normal directory position (e.g. a C drive in the case of Windows). The viewer program 302 includes a launcher control unit 303, a viewer control unit 304, and a hook module 305], and [¶¶19-20, 31, 37, 39, 62, 64].
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Hiroshi with the teaching of Tomeyoshi in order to indicate that  the window of the viewer screen is provided with a special display such as a red frame on the outline of the window by the dialog control, so that the user can recognize that security protect by the virtual file is performed, [ Tomeyoshi, ¶20].
Hiroshi, and Tomeyoshi do not explicitly disclose, however, Bingell discloses disabling input of a signal for executing screen capture [¶44, in step 228, image messaging client 121 employs additional security measures intended to further help prevent unauthorized distribution of the image by the second user and other access to the image by third parties. In a preferred embodiment, step 228 involves image messaging client 121 disabling print screen and other screen capture functionalities on computing device 120 and pulsing the display of computing device 120 to prevent a camera from capturing a picture of the content on the display. For example, computing device 120 can continually alternate between displaying content to the second user (e.g., the image in step 230) and displaying a blank white screen, or computing device 120 can modify the refresh rate of the display to obscure any pictures taken by a camera].
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Hiroshi, and Tomeyoshi with the teaching of Bingell in order to implement security measures to prevent an unauthorized user from accessing the digital images and unauthorized distribution of the images [Bingell, ¶¶7,44]. 

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 

Brannon (US2014/0258711) [¶17, Other restrictions may prevent any and/or all devices participating in the communication from capturing the contents of the message, such as by preventing logging and/or disabling screen capture capabilities].
Chen (US2010/0205561) [ [¶20, In an embodiment, a disabling signal is generated immediately after the image of the selected area is copied. In response to the disabling signal, the screen capture program is disabled].
He (US8826452) [ (9) …  A data loss prevention system may prevent data loss from screen captures by disabling the print screen key of a computer with sensitive documents.].
WO2016175334 (terminal device and computer program, Abstract].
Blenkhorn [ software service for encrypting and decrypting data, ¶25].
JP2005178070A [Printing processing system]. 
JP2005130028A [ ENCRYPTION KEY, AND ENCRYPTION APPARATUS AND DECRYPTION APPARATUS USING THE SAME, In the personal computer 2 that has received the automatic encryption setting information, the controller 22 checks whether or not the automatic encryption setting information designates the USB key 1 as the storage destination of the encrypted file (step S22). If it is determined in step S22 that the USB key 1 is designated as the encryption file storage destination, the personal computer 2 transmits the encryption file to the USB key 1 (step S23). In the USB key 1 that has received the encrypted file, the USB controller 12 stores the received encrypted file in the data area of the memory (step S36).  On the other hand, if it is determined in step S22 that the USB key 1 is not designated as the encryption file storage destination, the personal computer 2 stores the encryption file in the memory inside the personal computer 2 designated by the input unit 3. Save (step S24)].
EP1380916A1[data protection program, method and apparatus, FIG.18].
AU2005200290A1[data processing apparatus and data processing, method, see claim 2].
                                                                                                                                                                                              Applicants are encouraged to take advantage of the After Final Consideration Pilot 2.0 (AFCP 2.0) which authorizes non-production time for consideration of responses filed after a final rejection. The purpose of the pilot is to compact prosecution of the case. The request must include 1) A signed AFCP request form (PTO/SB/434 or equivalent) that includes a statement that applicant is requesting consideration under the AFCP; 2) An amendment to at least one independent claim that does not broaden the scope of the independent claim in any aspect; and 3) A statement that applicant is willing and available to participate in any interview initiated by the examiner concerning the present response.  In the limited amount of non-production time if the examiner’s consideration of a proper AFCP 2.0 request and response does not result in a determination that all pending claims are in condition for allowance, the examiner will request an interview with the applicant to discuss the response. For more info, please visit http://www.uspto.gov/patent/initiatives/after-final-consideration-pilot-20

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHAHRIAR ZARRINEH whose telephone number is (571)272-1207. The examiner can normally be reached Monday-Friday, 8:30am-5:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge Ortiz-Criado can be reached on 571-272-7624. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SHAHRIAR ZARRINEH/Examiner, Art Unit 2496