Prosecution Insights
Last updated: April 19, 2026
Application No. 18/147,461

ZERO-KNOWLEDGE ENCRYPTION ARCHITECTURE FOR CONTENT MANAGEMENT SYSTEMS

Non-Final OA §103 §112
Filed: Dec 28, 2022
Examiner: ARANI, TAGHI T
Art Unit: 2438
Tech Center: 2400 — Computer Networks
Assignee: Dropbox Inc.
OA Round: 3 (Non-Final)
Grant Probability: 36% (At Risk)
OA Rounds: 3-4
To Grant: 2y 5m
With Interview: 99%

Examiner Intelligence

Grants only 36% of cases
Career Allow Rate: 36% (8 granted / 22 resolved; -21.6% vs TC avg)
Strong +65% interview lift
Interview Lift: +64.6% (resolved cases with interview)
Typical timeline
Avg Prosecution: 2y 5m (1 currently pending)
Career history
Total Applications: 23 (across all art units)

Statute-Specific Performance

§101: 15.1% (-24.9% vs TC avg)
§103: 38.1% (-1.9% vs TC avg)
§102: 19.8% (-20.2% vs TC avg)
§112: 23.8% (-16.2% vs TC avg)
Based on career data from 22 resolved cases

Office Action

§103 §112
DETAILED ACTION

This is a non-final Office Action in response to amendments and a request for continuation received on 01/07/2026. Claims 1, 4, 8, 21, 23, 27, and 29-30 are amended. Claims 10-20 were canceled. Claims 1-9 and 21-31 are examined and are pending.

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Continued Examination Under 37 CFR 1.114

A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 08/05/2024 has been entered.

Response to Arguments

Applicant’s amendments to claims 1, 21 and 29 filed on 01/07/2026, have been fully considered. Applicant’s Remarks regarding 103 have been considered, but have not been found persuasive. Consequently, the rejection of the claims under 35 U.S.C. 103 is sustained.

With respect to the Applicant’s argument on pages 10-11 on the Remarks that Alsina does not teach: "establishing, by the client device, an access-code recovery process comprising: generating a plurality of shares of the access code by dividing the access code into the plurality of shares that can be combined to reconstruct the access code, and distributing the plurality of shares to a plurality of trusted devices, wherein at least a subset of the plurality of shares is required for reconstructing the access code,". However, the amendments made to claim 1 add new features to the claims and change the scope of the claims and require further search and consideration. Therefore, the arguments are moot.

With respect to the Applicant’s argument on page 11 on the Remarks that Pettit does not reconstruct an underlying secret key or access code. However, the Examiner respectfully disagrees. Pettit in Paras. [0185]-[0193], [0196] teaches generating secret shares of a private key, and threshold reconstruction of a signature. Therefore, it generates shares of secret values using a secret-sharing scheme. Since Pettit uses a secret sharing technique to split a private key into shares, it would be obvious to split the DRM key (access code) of Alsina, and reconstruct it, using the same technique used by Pettit.

With respect to the Applicant’s argument on page 11 on the Remarks that “Pettit fails to teach, describe or suggest "dividing the access code into the plurality of shares that can be combined to reconstruct the access code," as recited in currently amended independent claim 1, and as similarly recited in currently amended claim 21”. However, the amendments made to claim 1 add new features to the claims and change the scope of the claims and require further search and consideration. Therefore, the arguments are moot.

With respect to the Applicant’s argument on pages 11-12 on the Remarks that Alsina “fails to teach, describe, or suggest: "establishing, by the client device, an access-code recovery process comprising: generating a plurality of shares of the access code by dividing the access code into the plurality of shares that can be combined to reconstruct the access code, and distributing the plurality of shares to a plurality of trusted devices, wherein at least a subset of the plurality of shares is required for reconstructing the access code". However, the amendments made to claim 1 add new features to the claims and change the scope of the claims and require further search and consideration. Therefore, the arguments are moot.

With respect to the Applicant’s argument on pages 12-13 on the Remarks that “As Byrne, Koorapati, and Richards fail to contemplate either the division of an access code or the aggregation of access code shares, the cited references also fail to teach, describe, or suggest: "establishing, by the client device, an access-code recovery process comprising: generating a plurality of shares of the access code by dividing the access code into the plurality of shares that can be combined to reconstruct the access code, and distributing the plurality of shares to a plurality of trusted devices, wherein at least a subset of the plurality of shares is required for reconstructing the access code". However, the amendments made to claim 1 add new features to the claims and change the scope of the claims and require further search and consideration. Therefore, the arguments are moot.

With respect to the Applicant’s argument on page 14 on the Remarks that “Alsina does not discuss a DRM key in an encrypted form, but rather “the DRM key can enable the client device to decrypt and operate the content item”. Thus, it is the content item in an encrypted form, and not the DRM key, thereby fully exposing the DRM key to the system”. However, the Examiner respectfully disagrees. The limitation of claim 1 recites: “generating, by the client device, an access code for encrypting and/or decrypting content items”, there is no citation that shows the access code itself is encrypted. The DRM in Alsina as the access code, enables the client device to decrypt and operate the content item.

The remaining arguments regarding the independent claim 29 on page 10 on the remarks without presenting additional arguments, a similar response applies.

The remaining arguments regarding the dependent claims with respect to independent claims without presenting additional arguments, a similar response applies.

The remaining arguments fail to comply with 37 C.F.R. 1.111(b) because they amount to a general allegation that the claims define a patentable invention without specifically pointing out how the language of the claims patentably distinguishes them from the references.

In addition, Applicant’s remaining arguments filed 01/07/2026, with respect to the rejection of claims 1-9, 21-31 under 35 USC § 103 have been fully considered but are moot because newly added claim limitations requiring “establishing, by the client device, an access-code recovery process comprising: generating a plurality of shares of the access code by dividing the access code into the plurality of shares that can be combined to reconstruct the access code”, require new grounds of rejection necessitated by the amendments.

Claim Rejections - 35 USC § 112

The following is a quotation of the first paragraph of 35 U.S.C. 112(a):

(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA 35 U.S.C. 112:

The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

Claims 1 and 21 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA), first paragraph, as failing to comply with the enablement requirement.
The claim(s) contains subject matter which was not described in the specification in such a way as to enable one skilled in the art to which it pertains, or with which it is most nearly connected, to make and/or use the invention.

In regard to claims 1 and 21, the claims as recited require at most a share of the access code is exposed to the CMS, the recitation “wherein at most a share of the access code is exposed to the CMS” does not appear enabled by the disclosure. The originally filed Specification fails to disclose a share of the access code being exposed to the CMS as reflected in the claims. There is no teaching or suggestion how a person having ordinary skill in the art would determine how to expose only a share of the access code to the CMS. Furthermore, there doesn't appear to be any indication of a proper correlation between “the access code is not entirely exposed to the CMS” per specification and at most a share of the access code being exposed to the CMS as recited in the claims, that would enable a person having skill in the art to understand how at most a share of the access code is exposed to the CMS.

Claim 29 is rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA), first paragraph, as failing to comply with the enablement requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to enable one skilled in the art to which it pertains, or with which it is most nearly connected, to make and/or use the invention.

In regard to claim 29, the claims as recited require at most a share of the access code is exposed to the CMS, the recitation “at most a share of the access code is not entirely exposed to the content management system” does not appear enabled by the disclosure. The originally filed Specification fails to disclose a share of the access code not being entirely exposed to the CMS as reflected in the claim.
There is no teaching or suggestion how a person having ordinary skill in the art would determine how to not entirely expose a share of the access code to the CMS. Furthermore, there doesn't appear to be any indication of a proper correlation between “the access code is not entirely exposed to the CMS” per specification and at most a share of the access code not being entirely exposed to the CMS as recited in the claims, that would enable a person having skill in the art to understand how at most a share of the access code is not entirely exposed to the CMS.

There are many factors to be considered when determining whether there is sufficient evidence to support a determination that a disclosure does not satisfy the enablement requirement and whether any necessary experimentation is "undue." These factors include, but are not limited to:

(A) The breadth of the claims; The claims necessitate a person having ordinary skill in the art to ascertain how “at most a share” of the access code is exposed to the CMS. Without clear guidance, it’s not possible to make or use the invention without undue experimentation
(B) The nature of the invention; The phrase “at most a share of the access code is exposed to the CMS” as used in the claims is not common in the field of secret sharing
(C) The state of the prior art; The phrase “at most a share of the access code is exposed to the CMS” as used in the claims is not readily known in the field of secret sharing
(D) The level of one of ordinary skill; A person having ordinary skill in the art of secret sharing would not be able to ascertain the values associated with the recited “at most a share of the access code is exposed to the CMS” for every situation without undue experimentation
(E) The level of predictability in the art; A person having ordinary skill in the art of secret sharing would not be able to predict how to expose at most a share of the access code to the CMS for every situation without undue experimentation
(F) The amount of direction provided by the inventor; As explained above, the Specification fails to provide adequate direction to allow a person having ordinary skill in the art to make or use the invention without undue experimentation
(G) The existence of working examples; and
(H) The quantity of experimentation needed to make or use the invention based on the content of the disclosure.

A conclusion of lack of enablement means that, based on the evidence regarding each of the above factors, the specification, at the time the application was filed, would not have taught one skilled in the art how to make and/or use the full scope of the claimed invention without undue experimentation. In re Wright, 999 F.2d 1557, 1562, 27 USPQ2d 1510, 1513 (Fed. Cir. 1993).

Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:

A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-3, 5, 21-22, and 24 are rejected under 35 U.S.C. 103 over Cheruvath (US 2015/0244522) in view of Alsina (US 2015/0347996).

Regarding claim 1, Cheruvath discloses the limitations of claim 1 as follows:

A method, comprising: initiating, by a client device, an enrollment process between the client device and a content management system; (Cheruvath, [0044]-[0052], shows communication between electronic device 104 and MDM server 102, policy, monitoring, and recovery request (i.e., enrollment process)).

generating, by the client device, an access code for encrypting and/or decrypting content items associated with a user account, (Cheruvath, Paras. [0044]-[0052], user enters a passcode/password (i.e., generating an access code). The passcode (or its hash) is used to encrypt file system keys. Data is encrypted using passcode-related keys (i.e., for encrypting/decrypting content items)).

wherein at most a share of the access code is exposed to the content management system; (Cheruvath, Paras. [0045]-[0047], [0063], the passcode (or encrypted hash) is divided into secret shares, and a threshold number of shares is required to reconstruct the passcode.
“The secret shares are then distributed to three entities--One share is sent to the MDM server 102, another share is kept within the secure storage of the electronic device 104 and other one is sent to user email through the SMIME”. Therefore, the MDM server receives only a share and not the full passcode (i.e., at most a share of the access code is exposed)).

using, by the client device, the access code to encrypt a content item to provide an encrypted content item; (Cheruvath, Paras. [0033], [0044]-[0047], [0063], discloses encrypting data in secure container, encrypting file metadata and file content, and encrypting file system encryption keys using the passcode (or its hash)).

establishing, by the client device, an access code recovery process comprising: generating a plurality of shares of the access code by dividing the access code into the plurality of shares that can be combined to reconstruct the access code, (Cheruvath, Paras. [0045]-[0047], [0053]-[0063], discloses a passcode recovery process and reconstruction from shares. Generating encrypted key shares using Shamir's secret sharing algorithm or a Blakley's scheme (splitting/dividing), and reconstructing it based on a threshold number of shares (i.e., to reconstruct the access code)).

distributing the plurality of shares to a plurality of trusted devices, wherein at least a subset of the plurality of shares is required for reconstructing the access code. (Cheruvath, Paras. [0045]-[0048], [0053]-[0063], discloses distributing them to secure storage on device 104, MDM server, email account, and administrators as trusted entities. And a threshold k is required for reconstruction/recovery the passcode).

Cheruvath does not explicitly teach:
An enrollment process,
Encrypting and/or decrypting content items,

However, Alsina teaches:

An enrollment process, (Alsina, Paras. [0035], [0040]-[0042], teaches user creating an account with CMS 105, and associating a device with a CMS (i.e., enrollment process)).

Encrypting and/or decrypting content items, (Alsina, Paras. [0035], [0040]-[0042], teaches content items managed by the CMS. However, the encryption data in secure container in Cheruvath can be applied to the content items in Alsina)).

Alsina is combinable with Cheruvath, because both are from the same field of protection of data in distributed computing systems. It would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to utilize content items, as taught by Alsina with Cheruvath’s method of secret-sharing encryption, in order to improve security of CMS content/distributed content.

Regarding claim 21, claim 21 encompasses the same or similar scope as claim 1. Therefore, claim 21 is rejected based on the reasons set forth above in rejecting claim 1.

Regarding claim 2, Cheruvath-Alsina disclose the limitations of claim 1. Cheruvath and Alsina disclose claim 2 as follows:

The method of claim 1, further comprising: uploading, by the client device, the encrypted content item to the user account. (Alsina, Paras. [0036]-[0037], and Figs. 1, 5-6, a user uploads content items from one of client devices 115 to content management system 105. The purchased and uploaded content items are assigned to the user's account and then accessed by the user from any of client devices 115. Cheruvath teaches encrypting data).

The same motivation to combine utilized in claim 1 is equally applicable in the instant claim.

Regarding claim 3, Cheruvath-Alsina disclose the limitations of claim 1. Cheruvath and Alsina disclose claim 3 as follows:

The method of claim 2, further comprising: receiving, by a second client device, a request to access the encrypted content item; determining, by the second client device, that the second client device does not have access to the access code; and responsive to the determining, blocking, by the second client device, access to the encrypted content item. (Alsina, Paras. [0052]-[0056], [0075], [0097]-[0099], and Figs. 2A-C, the content item is unavailable and/or inaccessible to a user of the client device 115.sub.i when the DRM key assigned to a specific content item is not available to a client device 115.sub.i (please see the graphs provided in the cited figures, and example of user account 210 which doesn’t have access to content items 11-12 or 14-16). The owner of the account can revoke/add another account or devices to access the content items. Before a content item is transmitted, the system checks whether the user requesting access is the one assigned to the content item. Cheruvath teaches encrypting data).

The same motivation to combine utilized in claim 1 is equally applicable in the instant claim.

Regarding claim 5, Cheruvath-Alsina disclose the limitations of claim 1. Alsina discloses claim 5 as follows:

The method of claim 1, further comprising: receiving, by the client device, a second request from a second client device to gain access to the content items; and granting, by the client device, the second request to the second client device, wherein granting the second request to the second client device comprises sending the access code from the client device to the second client device. (Alsina, Paras. [0052]-[0056], [0075], [0097]-[0099], and Figs. 2A-C, 5-6, at step 505, user request to download content item (i.e., a second client device), at step 510, the system checks whether the content is assigned to the user, then enforce access if the answer is yes. At step 515-525, transmits the DRM key to the second user).

The same motivation to combine utilized in claim 1 is equally applicable in the instant claim.

Regarding claim 22, Cheruvath-Alsina disclose the limitations of claim 21.
Cheruvath and Alsina disclose claim 22 as follows:

The non-transitory computer readable medium of claim 21, wherein the instructions further cause the computing system to: send a request to access the encrypted content item to a the CMS, wherein the CMS determines that the client device does not have access to the access code; (Alsina, Paras. [0052]-[0056], [0075], [0097]-[0099], and Figs. 2A-C, the content item is unavailable and/or inaccessible to a user of the client device 115.sub.i when the DRM key assigned to a specific content item is not available to a client device 115.sub.i (please see the graphs provided in the cited figures, and example of user account 210 which doesn’t have access to content items 11-12 or 14-16). The owner of the account can revoke/add another account or devices to access the content items. Before a content item is transmitted, the system checks whether the user requesting access is the one assigned to the content item).

and receive an indication that the client device does not have access to the encrypted content item. (Cheruvath, Paras. [0030], [0043], [0060], for accessing the encrypted data, the user needs to enter the passcode, and without the password the encrypted data becomes inaccessible and won’t be recovered (i.e., does not have access)).

The same motivation to combine utilized in claim 21 is equally applicable in the instant claim.

Regarding claim 24, Cheruvath-Alsina disclose the limitations of claim 21.
Alsina discloses claim 24 as follows:

The non-transitory computer readable medium of claim 21, wherein the instructions further cause the computing system to: transmit, by the client device, a request to the CMS to transfer the access code to a second client device; in response to the CMS granting the request, establish a secure exchange protocol with the second client device to send the access code from the client device to the second client device; and forward, by the client device, the access code to the second client device. (Alsina, Paras. [0052]-[0056], [0075], [0097]-[0099], and Figs. 2A-C, 5-6, at step 505, user request to download content item (i.e., a second client device), at step 510, the system checks whether the content is assigned to the user, then enforce access if the answer is yes. At step 515-525, transmits the DRM key to the second user).

The same motivation to combine utilized in claim 21 is equally applicable in the instant claim.

Claims 4, 7, 23, and 26 are rejected under 35 U.S.C. 103 over Cheruvath (US 2015/0244522) in view of Alsina (US 2015/0347996), and further in view of Pettit (US 2023/0308287).

Regarding claim 4, Cheruvath-Alsina disclose the limitations of claims 1-3. Pettit discloses claim 4 as follows:

The method of claim 3, further comprising: receiving, by the client device, a representation of the access code from a trusted device, of the plurality of trusted devices, that initiated the access code recovery process. (Pettit, Paras. [0014], [0097], [0117], [0154], and Figs. 3A-B, and 4, the first participant reveals a key share to the verifying party to initiate the reconstruction process. Each participant recovers/retrieves a key share that was previously stored).

Pettit is combinable with Cheruvath and Alsina, because all are from the same field of protection of data in distributed computing systems.
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to initiate code recovery process by utilizing a share of the access code, as taught by Pettit with Cheruvath-Alsina’s method in order to ensure that no single participant has the full key to initiate the recovery process.

Regarding claim 7, Cheruvath-Alsina disclose the limitations of claim 1. Pettit discloses claim 7 as follows:

The method of claim 1, wherein the content management system comprises at least one trusted device of the plurality of trusted devices. (Pettit, Paras. [0105]-[0110], and Figs. 4-5, participants 401a-c (i.e., at least one trusted device)).

The same motivation to combine utilized in claim 4 is equally applicable in the instant claim.

Regarding claim 23, Cheruvath-Alsina disclose the limitations of claim 21. Pettit discloses claim 23 as follows:

The non-transitory computer readable medium of claim 21, wherein the instructions further cause the computing system to: initiate, by the client device, the recovery process with a trusted device, wherein the trusted device is configured to prompt the plurality of trusted devices to provide their share of the access code; (Pettit, Paras. [0185], and Fig. 4, Participants 401a-c).

and receive, by the client device, a representation of the access code from the trusted device, that initiated the recovery process, and the plurality of trusted devices. (Pettit, Paras. [0014], [0097], [0117], [0154], and Figs. 3A-B, and 4, a distributed recovery mechanism where a secret is shared among multiple participants, and can only be reconstructed when a sufficient number of shares/threshold are provided. A user requests access to a lost key/secret, and a trusted set of participants provide their share of the secret, and reconstruct the secret).

Pettit is combinable with Cheruvath and Alsina, because all are from the same field of protection of data in distributed computing systems.
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to initiate code recovery process by utilizing a share of the access code, as taught by Pettit with Cheruvath-Alsina’s method in order to ensure that no single participant has the full key to initiate the recovery process.

Regarding claim 26, Cheruvath-Alsina disclose the limitations of claim 21. Pettit discloses claim 26 as follows:

The non-transitory computer readable medium of claim 21, wherein the content management system is one trusted device of the plurality of trusted devices. (Pettit, Paras. [0105]-[0110], and Figs. 4-5, participants 401a-c (i.e., at least one trusted device)).

The same motivation to combine utilized in claim 23 is equally applicable in the instant claim.

Claims 6, 25, 29, and 31 are rejected under 35 U.S.C. 103 over Cheruvath (US 2015/0244522) in view of Alsina (US 2015/0347996), and further in view of Koorapati (US 2022/0188273).

Regarding claim 29, Cheruvath discloses the limitations of claim 29 as follows:

A method, comprising: facilitating, by a content management system (CMS), an enrollment process between a client device and the CMS, wherein the enrollment process is initiated by the client device; (Cheruvath, [0044]-[0052], shows communication between electronic device 104 and MDM server 102, policy, monitoring, and recovery request (i.e., enrollment process)).

receiving, by a server, a first share of a plurality of shares of an access code for decrypting content items associated with a user account, (Cheruvath, Paras. [0033], [0044]-[0054], [0057]-[0059], [0063]-[0068], [0071]-[0074], discloses receiving a secret share of a passcode or its hash at a server, and using reconstruction information to decrypt encrypted data/content item. Therefore, decrypting a file system encryption key, using the reconstruction passcode (or its hash)).

wherein at most a share of the access code is not entirely exposed to the content management system and the content management system is designated as a trusted user to facilitate a recovery process; (Cheruvath, Paras. [0045]-[0047], [0063], the passcode (or encrypted hash) is divided into secret shares, and a threshold number of shares is required to reconstruct the passcode. “The secret shares are then distributed to three entities--One share is sent to the MDM server 102, another share is kept within the secure storage of the electronic device 104 and other one is sent to user email through the SMIME”. Therefore, the MDM server receives only a share and not the full passcode (i.e., at most a share of the access code is not entirely exposed)).

enabling, by the server, an access code recovery process, wherein enabling the access code recovery process is initiated by the client device, (Cheruvath, Paras. [0054], [0074]-[0075], the method 600 includes receiving a recovery request, the recovery request is received at the MDM server 102. When a user forgets his passcode, the user sends a passcode reset request to the admin of the MDM 102 (i.e., is initiated by the client device)).

the access-code recovery process comprises combining at least a subset of the plurality of shares to reconstruct the access code. (Cheruvath, Paras. [0058]-[0063], [0071]-[0075], discloses recovery process by reconstruction of the passcode from distributed secret shares from the plurality of shares from the plurality of multiple entities as Shamir’s or Blakley’s secret-sharing).

Cheruvath does not explicitly teach:
An enrollment process,
Encrypting and/or decrypting content items,

However, Alsina teaches:

An enrollment process, (Alsina, Paras. [0035], [0040]-[0042], teaches user creating an account with CMS 105, and associating a device with a CMS (i.e., enrollment process)).

Encrypting and/or decrypting content items, (Alsina, Paras. [0035], [0040]-[0042], teaches content items managed by the CMS. However, the encryption data in secure container in Cheruvath can be applied to the content items in Alsina)).

Alsina is combinable with Cheruvath, because both are from the same field of protection of data in distributed computing systems. It would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to utilize content items, as taught by Alsina with Cheruvath’s method of secret-sharing encryption, in order to improve security of CMS content/distributed content.

Cheruvath modified by Alsina do not explicitly teach:
limiting, by the server, access to a vaulted folder based on the access code;

However, Koorapati teaches:

limiting, by the server, access to a vaulted folder based on the access code; (Koorapati, Paras. [0101], [0119]-[0121], [0136]-[0138], and Fig. 5, the vault folders are treated as a special content type with specific access and modification rules (disallowing move or delete). a restrictive condition (e.g., a condition limiting a behavior for a content item to a specific access level, policy, group membership, etc.), and/or any other conditions are specified (i.e., limiting access)).

Koorapati is combinable with Cheruvath-Alsina, because all are from the same field of distributed data control and secure communication. It would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to limit access to vault folders, as taught by Koorapati with Cheruvath-Alsina’s method in order to ensure that only authorized users or devices can access sensitive information.

Regarding claim 31, Cheruvath-Alsina modified by Koorapati discloses the limitations of claim 29.
Alsina discloses claim 31 as follows:

The method of claim 29, further comprising: transmitting, from the client device, a request to the content management system (CMS) to transfer the access code to a second client device; and in response to the CMS granting the request, forwarding the access code from the client device to the second client device. (Alsina, Paras. [0052]-[0056], [0075], [0097]-[0099], and Figs. 2A-C, 5-6, at step 505, user request to download content item (i.e., a second client device), at step 510, the system checks whether the content is assigned to the user, then enforce access if the answer is yes. At step 515-525, transmits the DRM key to the second user).

The same motivation to combine utilized in claim 29 is equally applicable in the instant claim.

Regarding claim 6, Cheruvath-Alsina disclose the limitations of claim 1. Koorapati in the same field of endeavor discloses claim 6 as follows:

The method of claim 1, wherein the user account comprises a vaulted folder comprising the content items. (Koorapati, Paras. [0119], [0137]-[0138], and Fig. 5, node attribute 504 identifies an associated content item as a vault folder).

Koorapati is combinable with Cheruvath-Alsina, because all are from the same field of distributed data control and secure communication. It would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to utilize a vaulted folder to store sensitive information, as taught by Koorapati with Cheruvath-Alsina’s method in order to enhance security for sensitive data, and restrict sharing the content item. [see Para. 0138]

Regarding claim 25, Cheruvath-Alsina disclose the limitations of claim 21. Koorapati in the same field of endeavor discloses claim 25 as follows:

The non-transitory computer readable medium of claim 21, wherein the user account comprises a vaulted folder comprising the content items. (Koorapati, Paras. [0119], [0137]-[0138], and Fig. 5, node attribute 504 identifies an associated content item as a vault folder).

Koorapati is combinable with Cheruvath-Alsina, because all are from the same field of distributed data control and secure communication. It would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to utilize a vaulted folder to store sensitive information, as taught by Koorapati with Cheruvath-Alsina’s method in order to enhance security for sensitive data, and restrict sharing the content item. [see Para. 0138]

Claims 8-9, and 27-28 are rejected under 35 U.S.C. 103 over Cheruvath (US 2015/0244522) in view of Alsina (US 2015/0347996), and further in view of Richards (US 2022/0029804).

Regarding claim 8, Cheruvath-Alsina disclose the limitations of claim 1. Richards in the same field of endeavor discloses claim 8 as follows:

The method of claim 1, wherein establishing, by the client device, the recovery process for recovering the access code further comprises: defining a time duration during which the recovery process will be unavailable. (Richards, Paras. [0021], [0032], the event log 139 is used to track access to recovery key 127, and includes timestamps 153 that represent specific moments when a recovery key is displayed on a client device depending on the system rules and settings).

Richards is combinable with Cheruvath-Alsina, because all are from the same field of distributed data control and secure communication. It would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to utilize a waiting time/delay to proceed to the next recovery process, as taught by Richards with Cheruvath-Alsina’s method in order to reduce the chance of malicious activity. [see Para. 0038]

Regarding claim 9, Cheruvath-Alsina disclose the limitations of claim 1. Richards teaches the limitations of claim 8.
Richards discloses claim 9 as follows: The method of claim 8, wherein the time duration begins following a most recent authentication between the content management system and the client device using the access code. (Richards, Paras. [0039]-[0041], the system waits a predetermined period of time (waiting time) prior to storing the key rotation command in the command queue 133 which indicates that the recovery key is rotated or replaced with a new one with a delay depending on the system rules and settings before it is changed).

The same motivation to combine utilized in claim 8 is equally applicable in the instant claim.

Regarding claim 27, Cheruvath-Alsina discloses the limitations of claim 21.

Richards in the same field of endeavor discloses claim 27 as follows: The non-transitory computer readable medium of claim 21, wherein the instructions cause the computing system to establish, by the client device, the recovery process for recovering the access code by further causing the computing system to: define a time duration during which the recovery process will be unavailable. (Richards, Paras. [0021], [0032], the event log 139 is used to track access to recovery key 127, and includes timestamps 153 that represent specific moments when a recovery key is displayed on a client device depending on the system rules and settings).

Richards is combinable with Cheruvath-Alsina, because all are from the same field of distributed data control and secure communication. It would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to utilize a waiting time/delay to proceed to the next recovery process, as taught by Richards with Cheruvath-Alsina’s method in order to reduce the chance of malicious activity. [see Para. 0038]

Regarding claim 28, Cheruvath-Alsina disclose the limitations of claim 21.
Richards discloses claim 28 as follows: The non-transitory computer readable medium of claim 21, wherein a time duration begins following a most recent authentication between the content management system and the client device using the access code. (Richards, Paras. [0039]-[0041], the system waits a predetermined period of time (waiting time) prior to storing the key rotation command in the command queue 133 which indicates that the recovery key is rotated or replaced with a new one with a delay depending on the system rules and settings before it is changed).

The same motivation to combine utilized in claim 27 is equally applicable in the instant claim.

Claim 30 is rejected under 35 U.S.C. 103 over Cheruvath (US 2015/0244522) in view of Alsina (US 2015/0347996), and further in view of Koorapati (US 2022/0188273) and Pettit (US 2023/0308287).

Regarding claim 30, Cheruvath-Alsina modified by Koorapati disclose the limitations of claim 29.

Pettit discloses claim 30 as follows: The method of claim 29, wherein enabling the recovery process comprises:

prompting, by the server hosting the content management system, a plurality of trusted devices to provide their respective shares of the access code to the client device via secure communication; (Pettit, Paras. [0185], and Fig. 4, Participants 401a-c).

facilitating, by the server, a secure exchange protocol to enable transfer of the shares from the plurality of trusted devices to the client device over a public network; (Pettit, Paras. [0109]-[0111], [0165], [0199], a secure communication channel).

generating, by the server, reconstructed access code by the client device upon receipt of a minimum threshold number of shares; and facilitating a secure transfer of the reconstructed access code from the client device to another device using the secure exchange protocol. (Pettit, Paras. [0014], [0097], [0117], [0154], and Figs. 3A-B, and 4, a distributed recovery mechanism where a secret is shared among multiple participants, and can only be reconstructed when a sufficient number of shares/threshold are provided. The protocol requires at least t+1 shares to reconstruct the secret).

and receive, by the client device, a representation of the access code from the trusted device, that initiated the recovery process, and the plurality of trusted devices. (Pettit, Paras. [0014], [0097], [0117], [0154], and Figs. 3A-B, and 4, a distributed recovery mechanism where a secret is shared among multiple participants, and can only be reconstructed when a sufficient number of shares/threshold are provided. A user requests access to a lost key/secret, and a trusted set of participants provide their shares of the secret, and reconstruct the secret).

Pettit is combinable with Cheruvath-Alsina modified by Koorapati, because all are from the same field of protection of data in distributed computing systems. It would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to reconstruct the access code utilizing multiple trusted devices to participate in the process, as taught by Pettit with Cheruvath-Alsina-Koorapati’s method in order to ensure that no single participant has the full key to initiate the recovery process.

References Considered But Not Relied Upon

Griffin (US 10,505,723) – discloses a secret sharing scheme, and a cryptographic technique to protect the confidentiality of a message by dividing it into multiple shares.

Mohassel (US 2020/0259651) – discloses an encryption technique using a shared or distributed secret key, and reconstruct the secret key using the retrieved key shares for use in encryption/decryption.

Conclusion

Accordingly, claims 1-9 and 21-31 are rejected.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to PEGAH BARZEGAR whose telephone number is (703)756-4755.
The examiner can normally be reached M-F, 9:00 - 5:00.

Examiner interviews are available via telephone using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi T Arani can be reached on 571-272-3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patentcenter for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/P.B./
Examiner, Art Unit 2438

/TAGHI T ARANI/
Supervisory Patent Examiner, Art Unit 2438

Prosecution Timeline

Dec 28, 2022: Application Filed
Mar 19, 2025: Non-Final Rejection — §103, §112
Jul 15, 2025: Interview Requested
Jul 24, 2025: Response Filed
Jul 31, 2025: Examiner Interview Summary
Jul 31, 2025: Applicant Interview (Telephonic)
Oct 15, 2025: Final Rejection — §103, §112
Dec 15, 2025: Interview Requested
Jan 07, 2026: Request for Continued Examination
Jan 25, 2026: Response after Non-Final Action
Feb 17, 2026: Non-Final Rejection — §103, §112
Mar 12, 2026: Interview Requested
Mar 23, 2026: Applicant Interview (Telephonic)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12585943
TRANSFER LEARNING FOR SENIORITY MODELING LABEL SHORTAGE
2y 5m to grant Granted Mar 24, 2026
Patent 12579260
EMAIL SECURITY SYSTEM AND OPERATION METHOD THEREOF FOR BLOCKING AND RESPONDING TO TARGETED EMAIL ATTACKS, WHICH PERFORM INSPECTION OF UNAUTHORIZED EMAIL SERVER ACCESS ATTACK
2y 5m to grant Granted Mar 17, 2026
Patent 12572670
FEDERATED ACCESS CONTROL IN A MULTI-TENANT CLOUD-BASED NETWORK
2y 5m to grant Granted Mar 10, 2026
Patent 12561451
MULTI-PROCESSOR DEVICE WITH SECURE PROCESSOR-CONTROLLED ACCESS TO MEMORY
2y 5m to grant Granted Feb 24, 2026
Patent 12500880
SYSTEM FOR CONTROLLING NETWORK ACCESS AND METHOD THEREOF
2y 5m to grant Granted Dec 16, 2025
Study what changed to get past this examiner. Based on 5 most recent grants.

Prosecution Projections

Expected OA Rounds: 3-4
Grant Probability: 36%
With Interview (+64.6%): 99%
Median Time to Grant: 2y 5m
PTA Risk: High
Based on 22 resolved cases by this examiner. Grant probability derived from career allow rate.