DETAILED ACTION
Notice of AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.


Information Disclosure Statement
The information disclosure statement (IDS) submitted on 2021-06-03 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.


Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


Claims 4, 14, and 19 are rejected under 35 U.S.C. 112(b) as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor regards as the invention.  Specifically, Claim 4 recites the limitation “the destructible data object is embedded within the data portion in obfuscated form”, and it is ambiguous as to whether the prepositional phrase “in obfuscated form” is modifying “the destructible data object” or the “data portion”.  Based on the Specification, it appears there is only adequate written description for the obfuscation of the data itself (e.g. [0040]), i.e. there is no disclosure as to how to execute obfuscated executable code.  Thus, for claim interpretation with respect to prior art, the prepositional phrase “in obfuscated form” will be interpreted as modifying the “data portion”.  Claims 14 and 19 are rejected under a similar rationale.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1-4, 6-14, and 16-19 are rejected under 35 U.S.C. 103 as being unpatentable over Holt (US Pre-Grant Publication No. 20130268740-A1, hereinafter “Holt”) in view of Kim et al. (US Pre-Grant Publication No. 20200334372-A1, hereinafter “Kim”).

With respect to independent claim 1, Holt discloses a system for electronic data obfuscation and protection using independent destructible data objects, the system comprising:
a memory device with computer-readable program code stored thereon {para. 0020: “a memory device (e.g., FLASH memory, a random access memory (RAM) device or a read-only memory (ROM) device for storing information (e.g., instructions executed by processor 112 and data operated upon by processor 112 in response to such instructions))”}.
a communication device {para. 0020: “a network interface (e.g., circuitry) for communicating between the processor 110 and the network 104”}.
a processing device operatively coupled to the memory device and the communication device, wherein the processing device is configured to execute the computer-readable program code {para. 0020: “a processor 112 for executing and otherwise processing instructions”} to:
receive a request to store a set of data in a database {para. 0035: “an object is received from the user 202”}.
split the set of data into a data portion and a key portion {paras. 0045-0049, 0056, & 0076: “the hash function is applied to that object to get the partition identification”, wherein “the constrained mapping function is used to map each partition in the file storage system 100 to a plurality of storage pools that are in different zone”; also reads on the division of the “object” itself and the “metadata”; also reads on the “object” itself and the “key”; the claim terms “data portion” and “key portion” are interpreted as labels that do not affect the nature of the partitioning of data or the partitioned data itself}.
store the data portion in a first database and the key portion in a second database {paras. 0045-0049, 0056, & 0076: “the constrained mapping function is used to map each partition in the file storage system 100 to a plurality of storage pools that are in different zone” and/or “the metadata is stored in a machine-readable format next to the data itself. For example, the metadata for a file is stored in a text file or single file database”}.
associate a destructible data object with the data portion, wherein the destructible data object comprises executable code that, when executed, initiates a countdown process {para. 0072: “an automatic file deletion and destruction service. The automatic file deletion and destruction service could work on either at the object level in conjunction with the object service 208, or at the container level, in conjunction with the container service 210. In either embodiment, the result would be files or containers that are destroyed when a trigger event occurs, where the most common triggering event is the passage of a specified amount of time”}, the countdown process comprising:
automatically executing one or more protective actions on the data portion {para. 0072: “files or containers that are destroyed when a trigger event occurs”}.
Although Holt teaches self-destructing data containers that delete the data based on the passage of a specified amount of time, Holt does not explicitly disclose that the passage of time is measured based on decreasing a countdown value; however, Kim discloses:
associate a destructible data object with the data portion, wherein the destructible data object comprises executable code that, when executed, initiates a countdown process {para. 0037: “the secure memory of the data storage device is self-destructed when the mismatch value reaches or exceeds the maximum number of permitted mismatches (e.g., “10”). In alternative embodiments, the mismatch value may initially be set at positive, non-zero value and reduced each time an incorrect authorization password/PIN entered by the user”}, the countdown process comprising:
incrementally decreasing a countdown value associated with the data portion {para. 0037: “the mismatch value may initially be set at positive, non-zero value and reduced each time an incorrect authorization password/PIN entered by the user”}.
detecting that the countdown value has reached a defined countdown threshold {para. 0037: “the secure memory of the data storage device is self-destructed when the mismatch value reaches … the maximum number of permitted mismatches”}.

Holt and Kim are analogous art because they are from the same field of endeavor or problem-solving area of self-destruction of memory.  Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Holt and Kim before him or her, to modify/develop the self-destruction trigger of Holt’s system to utilize the trigger of self-destruction based on a countdown of invalid authorizations and/or modification of the timer trigger to use a countdown process (e.g. countdown timer).  The suggestion and/or motivation for doing so would have been because it is merely combining prior art elements according to known methods to yield predictable results, i.e. enhancing security by using incorrect password entry as a self-destruction trigger and/or using countdown timers to track the passage of time.  Therefore, it would have been obvious to combine the self-destruction trigger in Holt’s system with the trigger of self-destruction based on a countdown of invalid authorizations and/or modification of the timer trigger to use a countdown process (e.g. countdown timer) to obtain the invention as specified in the instant claim(s).  The Examiner notes that this motivation applies to all dependent and/or otherwise subsequently addressed claims.

With respect to dependent claim 2, Kim discloses wherein the countdown process further comprises:
receiving an authorization input from a trusted computing system {para. 0042: “upon such connection with and authorization from the remote device 16”}.
resetting the countdown value {para. 0042: “Offline Counter of the data storage device 12 may be reset”; although this is a different counter, it would be obvious to apply the reset to the invalid password entry counter upon entry of a correct password, as in common in many operating systems and web-sites}.

With respect to dependent claim 3, Holt discloses wherein the destructible data object is a data wrapper, wherein associating the destructible data object with the data portion comprises encapsulating the data portion in the destructible data object {paras. 0075-0077: “encrypted file would then be wrapped in a second layer of encryption” as part of “the automatic file deletion and destruction service”}.

With respect to dependent claim 4, Holt discloses wherein the destructible data object is embedded within the data portion in obfuscated form {para. 0076: “each object would be encrypted and the key kept in a separate file”; although Holt does not explicitly disclose the embedding of the container code in the object, the storage of the data object in any location is obvious and trivial; See MPEP § 2144.04(VI)(C) “Rearrangement of Parts”}, wherein the destructible data object is automatically executed when the data portion is accessed {paras. 0073 & 0097-0105: “automatic file deletion and destruction service may include instructions that, when executed by a processor”, wherein there is a “Self-Deleting Files API”; note that the instructions for the self-destruction of the object will not execute until the data portion storing the time for deletion has been accessed and it is determined that the deletion time trigger is satisfied}.

With respect to dependent claim 6, Kim discloses wherein decreasing the countdown value is an iteration-based process comprising decreasing the countdown value each time that the data portion is accessed {paras. 0037 & 0041: “the mismatch value may initially be set at positive, non-zero value and reduced each time an incorrect authorization password/PIN entered by the user”, and/or “Each time the data storage device 12 is offline and connected in data communication with the host device 14, the offline occurrence value will be reduced by one by the Offline Counter”}.

With respect to dependent claim 7, Holt discloses wherein the one or more protective actions comprises:
reversibly altering the data portion such that the set of data cannot be reconstituted by combining the data portion with the key portion {para. 0076: “each object would be encrypted and the key kept in a separate file”; regardless of what is interpreted as the “key portion”, a simple combination will not result in data reconstitution – decryption is necessary}.
receiving an authorization input from a trusted computing system {para. 0094: receiving “a request for an object” from the user}.
reversing alteration of the data portion {para. 0094: “the object is retrieved, decrypted if necessary, and returned”}.

With respect to dependent claim 8, Holt discloses wherein the one or more protective actions comprises irreversibly altering the data portion such that the set of data cannot be reconstituted by combining the data portion with the key portion {para. 0075: “a secure overwrite protocol, wherein each replica is locked, simultaneously deleted, and then overwritten one or more times with zeroes, ones, or random bits”}.

With respect to dependent claim 9, Holt discloses wherein the one or more protective actions comprises wiping the data portion {para. 0075: “a secure overwrite protocol, wherein each replica is locked, simultaneously deleted, and then overwritten one or more times with zeroes, ones, or random bits”}.

With respect to dependent claim 10, Holt discloses wherein the data portion is obfuscated using one or more masking algorithms {para. 0076: “each object would be encrypted and the key kept in a separate file”}, wherein the one or more protective actions comprises altering the data portion to remain in an obfuscated state {para. 0076: “the automatic file deletion service, the secure key file would be deleted, modified, or replaced with regular tombstone file. In this way, the encrypted contents of the encrypted object file would be first destroyed (by rendering them unintelligible)”}.

With respect to claims 11-14, a corresponding reasoning as given earlier in this section with respect to claims 1-4 applies, mutatis mutandis, to the subject matter of claims 11-14; therefore, claims 11-14 are rejected, for similar reasons, under the grounds as set forth for claims 1-4.

With respect to claims 16-19, a corresponding reasoning as given earlier in this section with respect to claims 1-4 applies, mutatis mutandis, to the subject matter of claims 16-19; therefore, claims 16-19 are rejected, for similar reasons, under the grounds as set forth for claims 1-4.


Claims 5, 15, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Holt in view of Kim and Peng.

With respect to dependent claim 5, although Holt-Kim teaches both an expiration time-based self-destruct trigger and a separate event-based count-down, Holt-Kim does not explicitly disclose a time-based countdown; however, Peng discloses wherein decreasing the countdown value is a time-based process comprising:
detecting a passage of time based on at least one of a system clock, internet time, and a number of clock cycles {para. 0892: “the second user obtains the timing status sent by the server, and displays the timing status by using the first interface output by the second terminal corresponding to the second user. When the first interface displays the timing status, the second terminal may trigger a timer of the second terminal based on the obtained timing status of the timer to start countdown”}.
decreasing the countdown value according to the passage of time {para. 0892: “second terminal triggers the timer of the second terminal to start countdown”}.

Holt-Kim and Peng are analogous art because they are from the same field of endeavor or problem-solving area of self-destruction of memory.  Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Holt-Kim and Peng before him or her, to modify/develop the self-destruction time-based trigger of Holt-Kim’s system to utilize a countdown timer.  The suggestion and/or motivation for doing so would have been because it is merely combining prior art elements according to known methods to yield predictable results, i.e. a countdown timer is a well-known mechanism for triggering an even after passage of a specified period of time.  Therefore, it would have been obvious to combine the self-destruction time-based trigger in Holt-Kim’s system with a countdown timer to obtain the invention as specified in the instant claim(s).  The Examiner notes that this motivation applies to all dependent and/or otherwise subsequently addressed claims.

With respect to claim 15, a corresponding reasoning as given earlier in this section with respect to claim 5 applies, mutatis mutandis, to the subject matter of claim 15; therefore, claim 15 is rejected, for similar reasons, under the grounds as set forth for claim 5.

With respect to claim 20, a corresponding reasoning as given earlier in this section with respect to claim 5 applies, mutatis mutandis, to the subject matter of claim 20; therefore, claim 20 is rejected, for similar reasons, under the grounds as set forth for claim 5.


Any inquiry concerning this communication or earlier communications from the examiner should be directed to Kevin Bechtel whose telephone number is (571)270-5436. The examiner can normally be reached Monday - Friday, 09:00 - 17:00 ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 571-272-3972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/Kevin Bechtel/Primary Examiner, Art Unit 2491