Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

            DETAILED ACTION

1.	This action is responsive to:  an original application filed on 26 March 2021.	
2.	Claims 21-40 are currently pending and rejected; claims 21, 31 and 40 are independent claims. 
             
                                                          Pre-Amendment

3.	Preliminary amendment filed on 9 April 2021 has been considered by the examiner.

      Priority

4.	Priority claimed from its parent’s provisional application no. 62/133,172, filed on 13 March 2015.

Information Disclosure Statement

5.	The information disclosure statement (IDS) submitted are following the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
   Drawings

6.	The drawings filed on 26 March 2021 are accepted by the examiner. 

       Double Patenting

7.	The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees.  A nonstatutory double patenting rejection is appropriate where the claims at issue are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the reference application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO internet Web site contains terminal disclaimer forms which may be used.  Please visit http://www.uspto.gov/forms/.  The filing date of the application will determine what form should be used.  A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission.  For more information about eTerminal Disclaimers, refer to http://www.uspto.gov/patents /process/ file/efs/guidance /eTD-info-I.jsp.  
Claims 21-40 are rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 1-24 and 26 of US Patent No. 10965459.  
Although the conflicting claims are not identical, they are not patentably distinct from each other because, the notion of the claim does reefers to the same invention. In both claims disclose "key recovery method” based on security policy” of an application. And it is obvious to anyone in the art, time of invention that is to use of "key recovery method” based on security policy” to prevent and protect data/device from the unwanted user.

			       Claim Rejections - 35 USC § 102

8.	The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –	
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.


Claims 21-40 are rejected 35 U.S.C §102 (a)(2) as being anticipated by applicant admitted prior art, Rich et al. (US Publication No. 20130044878), hereinafter Rich.

Regarding claim 21: 
receiving a recovery request from the communication device to recover a local key from a secure key storage of an applied key management system (Rich, ¶11).
determining to recover the local key from the secure key storage in response to the local key being authorized by at least one or more policies, a first policy of the one or more policies associated with the local key being based on at least one key attribute indicating one or more security (Rich, ¶59, 10, 46, 60).
and cryptographic considerations of the local key (Rich, ¶44).
and sending the local key to the communication device in response to determining to recover the local key (Rich, ¶51, 60).
Regarding claim 22:
wherein the local key is one or more of a locally-generated encryption key or locally-stored encryption key (Rich, ¶45).
Regarding claim 23:
wherein the local key comprises one or more of a key file for secure data storage, key data for Secure Shell (SSH), or license key for an application (Rich, ¶46, 6).
Regarding claim 24:
wherein the secure key storage is one or more of a Hardware Security Module (HSM), key management server, or secure data storage (Rich, ¶43, 50).
Regarding claim 25:
wherein the recovery request is sent over a network link (Rich, ¶26).
Regarding claim 26:
further comprising: receiving a request from the communication device to register and store the local key, the request including the local key retrieved from a local key store of the communication device; determining acceptability of the local key based on at least on key attribute associated with the local key conforming to one or more policies, the at least one key attribute indicating security and cryptographic considerations; evaluating the request based on at least on first policy of the one or more policies to determine authorization of the request; and sending the request to register and store the local key to the secure key storage in response to determining that the local key is acceptable and that the request is authorized (Rich, ¶51).
Regarding claim 27:
wherein determining to recover the local key from the secure key storage in response to the local key being authorized by the at least one or more policies comprises evaluating one or more of the key attributes of the local key, an application identifier identifying the local application, a user identifier identifying a user authorized to use the local key, a device identifier identifying the communication device, or a time at which the local key may be collected based on the at least one first policy (Rich, ¶12).
Regarding claim 28:
wherein determining to recover the local key from the key storage in response to the local key being authorized by the at least one or more policies comprises: generating an action request based on the recovery request received from the communication device, wherein the action request comprises the one or more of key attributes of the local key, the application identifier identifying the local application, the user identifier identifying the user authorized to use the local key, the device identifier identifying the communication device, or the time at which the local key is collected; and presenting the action request to a policy engine for inspection by the at least one first policy (Rich, ¶54).
Regarding claim 29:
wherein the recovery request recovers a registered and stored local key in the secure key storage, the registration and storage of the local key in response to accepting the local key based on at least one key attribute associated with the local key conforming to the one or more policies and the registering and storing of the local key at the secure key storage being authorized by at least one second policy of the one or more policies, wherein the at least one key attribute indicates that security and cryptographic considerations of the local key are acceptable based on the one or more policies (Rich, ¶44).
Regarding claim 30:
wherein the recovery request received comprises one or more of key attributes of the local key, an application identifier identifying the local application associated with the local key, a user identifier identifying a user authorized to use the local key, a device identifier identifying the communication device, or a time at which the local key is collected (Rich, ¶51).
Regarding claim 31: 
a secure key storage (Rich, ¶45).
a memory (Rich, ¶36-37).
and a processor, the processor configured to: (Rich, ¶44).
receive a recovery request from a communication device to recover a local key from the secure key storage of the applied key management system (Rich, ¶11).
determine to recover the local key from the key storage in response to the local key being authorized by at least one or more policies, a first policy of the one or more policies associated with the local key being based on at least one key attribute indicating one or more security (Rich, ¶10, 46, 59-60).
and cryptographic considerations of the local key (Rich, ¶44).
and send the local key to the communication device in response to determining to recover the local key(Rich, ¶51, 60).
Regarding claim 32:
wherein in determining to recover the local key from the key storage in response to the local key being authorized by the at least one or more policies, the processor is configured to evaluate one or more of the key attributes of the local key, an application identifier identifying the local application, a user identifier identifying a user authorized to use the local key, a device identifier identifying the communication device, or a time at which the local key may be collected based on the at least one first policy (Rich, ¶12).
Regarding claim 33:
wherein in determining to recover the local key from the key storage in response to the local key being authorized by the at least one or more policies, the processor is configured to: generate an action request based on the recovery request received from the communication device, wherein the action request comprises the one or more of key attributes of the local key, the application identifier identifying the local application, the user identifier identifying the user authorized to use the local key, the device identifier identifying the communication device, or the time at which the local key is collected; and present the action request to a policy engine for inspection by the at least one first policy (Rich, ¶12).
Regarding claim 34:
wherein in determining to recover the local key from the secure key storage in response to the local key being authorized by the at least one or more policies, the processor is configured to determine whether the communication device is associated with a node within a hierarchical structure or a classification (Rich, ¶56).
Regarding claim 35: 
wherein in determining to recover the local key from the key storage in response to the local key being authorized by the at least one or more policies, the processor is configured to determine that the local key is authorized to be registered and stored at the secure key storage based on the at least one first policy (Rich, ¶54).
Regarding claim 36:
wherein the recovery request is sent via a first network link (Rich, ¶26).
Regarding claim 37:
wherein the recovery request comprises one or more of key attributes of the local key, an application identifier identifying the local application associated with the local key, a user identifier identifying a user authorized to use the local key, a device identifier identifying the communication device, or a time at which the local key is collected (Rich, ¶12).
Regarding claim 38:
wherein the recovery request recovers a registered and stored local key in the secure key storage, the registration and storage of the local key in response to accepting the local key based on at least one key attribute associated with the local key conforming to the one or more policies and the registering and storing of the local key at the secure key storage being authorized by at least one second policy of the one or more policies, wherein the at least one key attribute indicates that security and cryptographic considerations of the local key are acceptable based on the one or more policies (Rich, ¶44).
Regarding claim 39:
wherein the recovery request received comprises one or more of key attributes of the local key, an application identifier identifying the local application associated with the local key, a user identifier identifying a user authorized to use the local key, a device identifier identifying the communication device, or a time at which the local key is collected (Rich, ¶51).
Regarding claim 40: 
receive a recovery request from a communication device to recover a local key from a secure key storage of an applied key management system (Rich, ¶11).
to recover the local key from the secure key storage in response to the local key being authorized by at least one or more policies, a first policy of the one or more policies associated with the local key being based on at least one key attribute indicating one or more security (Rich, ¶59, 10, 46, 60).
and cryptographic considerations of the local key (Rich, ¶44).
and send the local key to the communication device in response to determining to recover the local key (Rich, ¶51, 60).

Conclusion

9.	The prior art made of record and not relied upon is considered pertinent to applicant’s disclosure. Any inquiry concerning this communication or earlier communications from the examiner should be directed to Monjour Rahim whose telephone number is (571)270-3890. 
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on 571-272-4219.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
	Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (in USA or CANANDA) or 571-272-1000.

/Monjur Rahim/
Patent Examiner
United States Patent and Trademark Office
Art Unit: 2436; Phone: 571.270.3890
E-mail: monjur.rahim@uspto.gov
Fax: 571.270.4890