DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 6/30/2022 has been entered.
 
Response to Amendment / Arguments
Regarding claims rejected under 35 USC 103:
Applicant’s arguments, in view of the amended claims, have been fully considered and are persuasive.  Therefore, the rejection has been withdrawn.  However, upon further consideration, a new ground(s) of rejection is made in view of “Security Analysis on One-to-Many Order Preserving Encryption-Based Cloud Data Search.”

Regarding claims rejected under 35 USC 101:
Applicant's arguments have been fully considered but they are not persuasive.
Applicant argues that “the amended claims recite the utility, the unencrypted utility log, the encrypted utility log, and the service provider host as integral elements of the claims, as opposed to being referenced in passing. In addition, the claims now affirmatively recite that the encrypted utility log is encrypted with a k-deterministic encryption scheme that protects low-entropy data while upper-bounding each plain text encryption to k probabilistically-computed ciphertexts, where k is an integer greater than 1. The utility transferring and the service provider host receiving an encrypted utility log with a k-deterministic encryption scheme that protects low-entropy data while upper-bounding each plain text encryption to k probabilistically-computed ciphertexts, with k being an integer greater than 1, are claim elements that are fully integrated into the claims and as a whole amount to a practical application of any mathematical concept judicial exception, as well as amounting to significantly more than an abstract idea, thus contributing to an inventive concept.”
In response, it is first noted that further specifying the first and second entity as being a utility and a service provider host appears to merely be linking the use of the judicial exception to a particular technological environment or field of use. In this case, the judicial exception is a searchable encryption algorithm between exemplary Alice and Bob. The additional specification of the utility and service provider host appears to merely be further specifying the Alice and Bob analogues. However, the actual implementation of the searchable encryption claimed appears to be unchanged: i.e., the “receiving,” the encryption, “analyzing,” “generating,” and “transferring” steps are implemented in the same way. Further specifying that the log is a utility log likewise appears to merely be linking the use of the judicial exception to a particular technological environment or field of use. In this case, the data encrypted and queried is merely assigned a category without changing the actual implementation of the claimed searchable encryption.
With respect to the k-deterministic encryption scheme as claimed, it is first noted that “a k-deterministic encryption scheme that protects low-entropy data while upper-bounding each plain text encryption to k probabilistically-computed ciphertexts, where k is an integer greater than 1” is considered to be part of the judicial exception of a mathematical concept without significantly more. Protecting low-entropy data with a deterministic encryption scheme is considered to be a potential improvement to the technical field, but the specific protection afforded does not appear to be part of the claim. For instance, “protecting low-entropy data” may be interpreted as a consequence of any form of encryption, since the details of the protection are not claimed.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 13-34 are rejected under 35 U.S.C. 101 because the claimed invention is directed to the judicial exception of a mathematical concept without significantly more. The claim(s) recite(s) a searchable encryption process of sending encrypted queries for encrypted data, which are mathematical operations. This judicial exception is not integrated into a practical application because generally linking the judicial exception to a particular technological environment or field of use is not sufficient—see MPEP 2106.05(h). In this case, the claims link the judicial exception to that of entities including a utility and a service provider, and do not appear to provide any improvement to the entities, nor any action or transformation involving the entities other than that of the judicial exception. The entities are merely involved in a searchable encryption algorithm, and appear to be a cryptographic Alice and Bob equivalent. As such, the claims appear to be directed to the judicial exception itself, rather than to a practical application of the judicial exception.
Abstract idea limitations (exemplary claim 13): A method for analyzing a utility log of [a first entity], the method comprising: receiving, at [a second entity], an encrypted utility log from the [first entity], the encrypted utility log encrypted with a k-deterministic encryption scheme, k being an integer greater than 1, the k-deterministic encryption scheme protecting low-entropy data while upper-bounding each plain text encryption to k probabilistically-computed ciphertexts; receiving, at the [second entity], an encrypted query from [first entity], the encrypted query encrypted with the k-deterministic encryption scheme; analyzing, at the [second entity], the encrypted utility log by using the encrypted query; generating an encrypted analysis result at the [second entity] without decrypting the encrypted utility log or the encrypted query; and transferring the encrypted analysis result from the [second entity] to the [first entity] for decryption and verification, and detection of suspicious behavior by the [first entity] based on the encrypted analysis result; thereby preserving privacy of the encrypted utility log and the encrypted query from the [second entity].
Claim elements which may be considered to be additional elements: the [first entity] being a device or a plurality of devices of a utility; the [second entity] being a service provider host (exemplary claim 13); wherein the utility is a cluster of utilities (exemplary claim 14); wherein the log is a security log of a utility (exemplary claim 17); wherein the log is a log of industrial equipment, a security log of a network or a log of an industrial controller (exemplary claim 18); wherein the log is a log of an entire system that comprises multiple devices (exemplary claim 19); wherein transfers between the utility and the service provider host are performed via a secure channel (exemplary claim 21).
In the case of exemplary language from claims 13, 14, 17, 18, and 19 above, the claim(s) does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception because adding the words “apply it” (or an equivalent) with the judicial exception, or mere instructions to implement an abstract idea on a computer, or merely using a computer as a tool to perform an abstract idea / generally linking the judicial exception to a particular technological environment or field of use are not sufficient—see MPEP 2106.05(f)&(h). Here, the claim language merely recites generic computing devices for performing the judicial exception (“a device,” “multiple devices,” a system comprising devices) and the identity of the entities as being specific organizations.
In the case of exemplary language from claim 21, simply appending well-understood, routine, conventional activities previously known to the industry, specified at a high level of generality, to the judicial exception is not considered to be sufficient. Secure channels for transferring data are well known, routine, and conventional activities known in, e.g., the searchable encryption field of art. For instance, refer to at least Col. 28, Ll. 50-55 of the Trepetin reference, stating that “we can readily encrypt our queries and result sets by encrypting the channel between clients (or some intermediary gateway) and the database server. A scheme such as SSL, IPSEC, etc. can be implemented to protect against known-plaintext attacks and similar kinds of attacks in the literature, if needed.” The exemplary claim language does not appear to further specify the secure channel, other than at a high level of generality.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 13-15 and 17-22 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Claim 13 recites the limitation "receiving… an encrypted query from utility," where “utility” is not preceded by an appropriate article. There is insufficient antecedent basis for this limitation in the claim. The dependent claims do not address this deficiency and are therefore likewise rejected.

Claims 13-15 and 17-34 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Each of independent claims 13, 23, and 30 comprises, e.g., “a k-deterministic encryption scheme, k being an integer greater than 1, the k-deterministic encryption scheme protecting low-entropy data while upper-bounding each plain text encryption to k probabilistically-computed ciphertexts.” It is not clear whether “while upper-bounding each plain text encryption to k probabilistically-computed ciphertexts” is intended to be interpreted as the algorithm specifically generating up to k probabilistically-computed ciphertexts, or whether the bound exists as a mathematical property of the algorithm (i.e., whether the outcome of the k-deterministic scheme is being compared to probabilistic encryption, or if it implements probabilistic encryption). As such, the scope of the claims is unclear. Further, since the dependent claims do not address this deficiency, they are likewise rejected.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 13-15, 17-20 and 22-32 is/are rejected under 35 U.S.C. 103 as being unpatentable over Obermeier (EP 2 677 441 A1) in view of Chase (US 8,429,421 B2) and “Security Analysis on One-to-Many Order Preserving Encryption-Based Cloud Data Search,” hereinafter “Li.”

Regarding claim 13, Obermeier discloses: A method for analyzing a utility log of a device or a plurality of devices of a utility (e.g., operational data of industrial systems as in [0002] of Obermeier), the method comprising: 
receiving, at a service provider host, an encrypted utility log from the utility; 
Refer to at least [0045]-[0051] of Obermeier with respect to encrypting and storing operational data to a server database.
receiving, at the service provider host, an encrypted query from utility; 
Refer to at least [0053]-[0059] of Obermeier with respect to an encrypted query to the server database. 
analyzing, at the service provider host, the encrypted utility log by using the encrypted query; 
generating an encrypted analysis result at the service provider host; 
transferring the encrypted analysis result from the service provider host to the utility for decryption and detection of suspicious behavior (e.g., [0001]-[0002] of Obermeier with respect to operational data such as sensor measurements, production data, and control data, which is inherently obtained for determining normal operations of an industrial system) by the utility based on the encrypted analysis result while preserving privacy of the encrypted utility log and the encrypted query from the service provider host ("for decryption and verification, and detection of suspicious behavior by the utility based on the encrypted analysis result" is an intended use of the "transferring" step).
Refer to at least the abstract and [0061]-[0065] of Obermeier with respect to the server database performing the query and sending an encrypted query result. The query result is decrypted. 
Refer to at least [0004]-[0005], [0012] and [0060] of Obermeier with respect to preserving privacy and no encoding or encryption scheme having to be provided to the server.
Obermeier does not appear to disclose: that the encrypted analysis result is also verified by the utility in addition to decryption. Obermeier further does not disclose: the encrypted utility log encrypted with a k-deterministic encryption scheme, k being an integer greater than 1, the k-deterministic encryption scheme protecting low-entropy data while upper-bounding each plain text encryption to k probabilistically-computed ciphertexts; the encrypted query encrypted with the k-deterministic encryption scheme. However, Obermeier in view of Chase discloses: that the encrypted analysis result is also verified by the utility in addition to decryption;
Refer to at least FIG. 5 and Col. 12, Ll. 16-30 of Chase with respect to receiving, decrypting, and verifying an encrypted query result at a client. 
the encrypted utility log encrypted with a [deterministic encryption scheme]; the encrypted query encrypted with the [deterministic encryption scheme].
Refer to at least Col. 4, Ll. 30-44 and Ll. 53-67 of Chase with respect to a deterministic algorithm for encrypting / decrypting. 
The teachings of Obermeier and Chase concern searchable encryption and are considered to be within the same field of endeavor and combinable as such. 
Therefore it would have been obvious to one of ordinary skill in the art before the filing date of Applicant’s invention to modify the teachings of Obermeier to include verifying the encrypted query result for at least the purpose of ensuring a true positive, as per the cited portions of Chase (i.e., improved usability). It further would have been obvious to utilize a deterministic algorithm because the substitution of one known element for another would have yielded predictable results to one of ordinary skill in the art at the time (i.e., substituting one encryption algorithm for another, since Obermeier is drawn to a generic encoding function).
Obermeier-Chase does not specify the deterministic encryption scheme being: the encrypted utility log encrypted with a k-deterministic encryption scheme, k being an integer greater than 1, the k-deterministic encryption scheme protecting low-entropy data while upper-bounding each plain text encryption to k probabilistically-computed ciphertexts; the encrypted query encrypted with the k-deterministic encryption scheme. However, Obermeier-Chase in view of Li discloses: the encrypted utility log encrypted with a k-deterministic encryption scheme, k being an integer greater than 1, the k-deterministic encryption scheme protecting low-entropy data (said protection interpreted as a byproduct of the encryption) while upper-bounding each plain text encryption to k probabilistically-computed ciphertexts; the encrypted query encrypted with the k-deterministic encryption scheme. 
Refer to at least section III.A of Li with respect to a deterministic OPE scheme, wherein the range of ciphertexts is divided into random-sized buckets which are selected by a binary search based on a random HGD sampler. After the selection, a plaintext is mapped to a ciphertext from within the bucket. The randomized buckets correspond to the set of ciphertexts.
The teachings of Obermeier-Chase and Li concern searchable encryption and are considered to be within the same field of endeavor and combinable as such. 
Therefore it would have been obvious to one of ordinary skill in the art before the filing date of Applicant’s invention to modify the teachings of Obermeier-Chase to implement the deterministic OPE scheme because the substitution of one known element for another would have yielded predictable results to one of ordinary skill in the art at the time (i.e., substituting one encryption algorithm for another, since Obermeier is drawn to a generic encoding function). Further, a deterministic scheme is generally faster, while an OPE scheme allows for additional search operators.

Regarding claim 14, Obermeier-Chase-Li discloses: The method of claim 13, wherein the utility is a cluster of utilities.
Refer to at least Fig. 1 of Obermeier, where industrial plant 16 and its computing devices are in communication with service provider 14 and its servers and database for performing data storage and search.

Regarding claim 15, Obermeier-Chase-Li discloses: The method of claim 13, wherein the encrypted utility log and the encrypted query are encrypted by a first private/secret key that is not known by the service provider host.
Refer to at least [0016]-[0017] and [0060] of Obermeier with respect to a private key and homomorphic encryption.

Regarding claim 17, Obermeier-Chase-Li discloses: The method of claim 13, wherein the utility log is a security utility log of the utility.
Refer to at least [0002] of Obermeier with respect to exemplary forms of the operational data, such as measurement data from sensors and configuration data for control devices. 

Regarding claim 18, it is rejected for substantially the same reasons as claims 13 and 17 above (i.e., the citations).

Regarding claim 19, it is rejected for substantially the same reasons as claims 13 and 17 above (i.e., the citations).

Regarding claim 20, Obermeier-Chase-Li discloses: The method of claim 13, wherein the steps of receiving the encrypted utility log, analyzing the encrypted utility log and transferring the encrypted analysis result are executed periodically.
Refer to at least [0053] of Obermeier with respect to the data historian requesting data it doesn’t have and/or a user requesting specific data.
Refer to at least Col. 6, Ll. 43-51 of Chase with respect to performing subsequent queries.
All of the claimed elements were known in the prior art (i.e., performing queries as cited) and one skilled in the art could have combined the elements as claimed by known methods with no change in their respective functions (i.e., the data historian or the user performing subsequent queries), and the combination would have yielded predictable results to one of ordinary skill in the art at the time of the invention (i.e., performing subsequent queries via the gateway and database of Obermeier).

Regarding claim 22, Obermeier-Chase-Li discloses: The method of claim 13, wherein the encrypted query is a filter query for locating and identifying a specific value in the utility log or an occurrence query for evaluating whether a particular value is present in the utility log.
Refer to at least FIG. 4 and Col. 9, Ll. 55-Col. 10, Ll. 12 of Chase with respect to query entries and identifying corresponding values. 
The claim would have been obvious because the substitution of one known element for another would have yielded predictable results to one of ordinary skill in the art at the time (i.e., the specific form of the query, which is generic in Obermeier).

Regarding independent claim 23, it is substantially similar to independent claim 13 above, and is therefore likewise rejected for substantially the same reasons (i.e., the citations and obviousness rationale).

Regarding claims 24-26, they are substantially similar to claims 14, 17, and 20 above, and are therefore likewise rejected.

Regarding claim 27, Obermeier-Chase-Li discloses:  The method of claim 23, wherein the utility log is organized in columns and rows and the encrypted utility log is generated by encrypting one or more of: only parts of the columns separately; only parts of the rows separately.
Refer to at least 120 in FIG. 4 of Chase with respect to the encrypted records. 
The claim would have been obvious because the substitution of one known element for another would have yielded predictable results to one of ordinary skill in the art at the time (i.e., the specific form for organizing the encrypted data, which is generic in Obermeier).

Regarding claim 28, Obermeier-Chase-Li discloses: The method claim 27, wherein the utility log comprises additional dummy rows, dummy columns or dummy entries.
Refer to at least FIG. 6 and Col. 11, Ll. 46-49 of Chase with respect to dummy entries.
Therefore it would have been obvious to one of ordinary skill in the art before the filing date of Applicant’s invention to modify the teachings of Obermeier to include dummy entries for at least the purpose of increased security through obfuscation.

Regarding claim 29, it is rejected for substantially the same reasons as claims 23 and 27 above (i.e., encryption as the permutation). 

Regarding independent claim 30, it is substantially similar to independent claim 13 above, and is therefore likewise rejected for substantially the same reasons (i.e., the citations and obviousness rationale).

Regarding claim 31, it is substantially similar to claim 14 above, and is therefore likewise rejected.

Regarding claim 32, it is substantially similar to claim 20 above, and is therefore likewise rejected.

Claims 21 and 33-34 is/are rejected under 35 U.S.C. 103 as being unpatentable over Obermeier-Chase-Li as applied to claims 13-15, 17-20 and 22-32 above, and further in view of Trepetin (US 9,946,810 B1).

Regarding claim 21, Obermeier-Chase-Li does not disclose: wherein the encrypted utility log and the encrypted query are received from the utility via a secure channel. However, Obermeier-Chase-Li in view of Trepetin discloses: wherein the encrypted utility log and the encrypted query are received from the utility via a secure channel. 
Refer to at least Col. 28, Ll. 50-55 of Trepetin with respect to encrypting the channel between client and database server for queries and result sets.
The teachings of Obermeier-Chase and Trepetin concern searchable encryption and are considered to be within the same field of endeavor and combinable as such.
Therefore it would have been obvious to one of ordinary skill in the art before the filing date of Applicant’s invention to modify the teachings of Obermeier-Chase-Li to include a secure channel for at least the purpose of increasing security / privacy of communications. 

Regarding independent claim 33, it is substantially similar to independent claim 13 above, and is therefore likewise rejected for substantially the same reasons (i.e., the citations and obviousness rationale). It further includes elements of dependent claim 21 above (i.e., the secure channel), and is therefore further rejected in view of Trepetin with respect to the secure channel between client and database server.

Regarding claim 34, it is substantially similar to claim 14 above, and is therefore likewise rejected.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to VADIM SAVENKOV whose telephone number is (571)270-5751. The examiner can normally be reached 12PM-8PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey L Nickerson can be reached on (469) 295-9235. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/Jeffrey Nickerson/Supervisory Patent Examiner, Art Unit 2432

/V.S/Examiner, Art Unit 2432