DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Remarks
The present application having Application No. 18/165,249 filed on 02/06/2023 presents claims 1-20 for examination.
Priority
This application is a continuation of International Application PCT/JP2020/037596 filed on October 2, 2020. Applicant’s claim for the benefit of a prior-filed application is acknowledged.
Examiner Notes
Examiner cites particular columns and line numbers in the references as applied to the claims below for the convenience of the applicant. Although the specified citations are representative of the teachings in the art and are applied to the specific limitations within the individual claim, other passages and figures may apply as well. It is respectfully requested that, in preparing responses, the applicant fully consider the references in entirety as potentially teaching all or part of the claimed invention, as well as the context of the passage as taught by the prior art or disclosed by the examiner.
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Information Disclosure Statement
The information disclosure statements (IDSs) submitted on 02/06/2023, 10/19/2023 and 01/19/2024 are acknowledged, the submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the cited references have been considered by the examiner.
Drawings
The applicant’s drawings submitted are acceptable for examination purposes.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-2, 8, 12-15, 17-19 and 20 are rejected under AIA 35 U.S.C. 103 as being unpatentable over Bailey et al. (US 2018/0054480 A1) (hereinafter Bailey) in view of Hill et al. (US 2019/0334757 A1) (hereinafter Hill).
As per claim 1, Bailey discloses A control method for a computer to execute a process (e.g. Bailey: [0020-0021] discloses embodiments may be implemented as a computer-implemented method, a computing system, or as an article of manufacture, such as a computer program product or computer readable media.) comprising: detecting, by a first information processing device, a first data operation for a cloud service executed by an information processing system (e.g. Bailey: [Fig. 2] [0045] diagram 200 illustrates a client device 202 with detection engine, a datacenter comprising a cloud-based storage services executed by servers 216, and remote storage managed by storage servers 218. [0047] discloses the detection engine 208 monitor a usage pattern associated with the user in conjunction with the content. The detection engine monitors operations performed on the content by the user, an account size of the user, and a frequency at which the user performs operations on the content. [0048] the detection engine detects an attempted operation performed on the content by the user. The attempted operation may include a deletion of the content, an encryption of the content, or an update of the content, among other types of alterations to the content. Thus, client device with a detection engine detects an attempted operation on content used with the cloud-based storage service. [Fig. 1] [0023-0024] discloses a system that includes datacenter that hosts a storage service, such as cloud-based storage service. The cloud-based storage service may be configured to provide storage for content that may be accessed across multiple client devices/users. [0031] discloses the detection engine may detect an operation attempted to be performed on the content by the user. The attempted operation may be performed on the client device. The attempted operation may be provided to the server. [Fig. 3] [0057] also discloses one or more server 314 may detect an operation attempted to be performed on the content by the user. Also see [0004] [0015] [0075] [0077] [0081] [0088] [0099] [0103-0104] [0111]. Thus, detection engine can be integrated in any device.); notifying, by the first information processing device, a second information processing device of content of the first data operation (e.g. Bailey: [0025] discloses detection engine may provide an encryption notification to the client device. [0031] discloses detection engine detects an operation attempted to be performed on the content by the user and further detects metadata associated with the attempted operation, such as the amount of the content being altered, the time period between alterations, a process initiating alteration, content extensions, the size of the content before and after the alterations, a presence of particular signatures, etc. [0035] [0037] [0049] discloses the detection engine provides a notification of the attempted operation to the client device. Also see [0040-0041] [0057] [0060] [0066] [0068] [0076] [0088].); determining, by the second information processing device, to execute first processing on data that is a target of the first data operation based on the notified content of the first data operation (e.g. Bailey: [0032-0033] discloses the detection engine may retrieve the model and compare the attempted operations to the model, including the metadata to determine whether the attempted operation deviates. If the attempted operation does not deviate, then the attempted operation may be labeled as intentional…Therefore, the operation may be executed. If the attempted operation deviates, then the attempted operation is labeled/determined as unwarranted. [0034] discloses comparing the amount of content (associated with the attempted operation) altered against a total amount of content to determine whether the attempted operation deviates or not. Detection engine may be configured to halt an execution of the attempted operation; the detection engine may prevent or place hold on synchronization of the content between the client device and the cloud-based storage service. [0036] the detection engine may detect/determine an approval of the attempted operation. Thus, the detection engine on the server uses the content of the attempted data operation to determine whether to allow execution or halt it. [0041] discloses putting attempted operation on hold based on the content until the user approves or rejects the execution of the attempted operation. Also see [0049] [0110].); instructing, by the second information processing device, the first information processing device to execute the first processing (e.g. Bailey: [0031-0032] discloses attempted operation may be performed on the client device or the attempted operation may be provided to the server executing the cloud-based storage service. [0035-0036] [0049-0050] discloses the notification prompts user to approve or reject the attempted operation. When the detection engine detects an approval of the attempted operation, the detection engine may remove the hold on execution of the attempted operation and may allow the synchronization process. Thus, the server sends instructions/notifications to the client device that effectively control whether the attempted operation is allowed. [0057-0058] discloses attempted operation may be performed at the client device and then provided to the cloud-based storage service. If the attempted operation does not deviate, then the operation may be identified as intentional. Then, the attempted operation may be executed and the synchronization process may be executed. Also see [0016] [0061] [0076] [0110].); and executing, by the first information processing device, the first processing on the data when instructed to execute the first processing on the data (e.g. Bailey: [0031-0032] discloses the attempted operation may be performed on the client device. The attempted operation may be provided to the server executing the cloud storage service…If the attempted operation does not deviate, then the attempted operation may be labeled as intentional. Therefore, the operation may be executed and synchronization process may be enabled such that the content as altered by the operation may be synchronized. [0049] discloses in response to a determination that the content altered during the attempted operation does not exceed the threshold, execution of the operation may be enabled. Following execution of the attempted operation, the content, as altered by the attempted operation, may be synchronized between the client device and the cloud-based storage service. [0061] discloses upon approval of the attempted operation, the attempted operation may be executed and the synchronization process may be enabled. [0110] discloses in response to detecting an approval of the attempted operation, the processor may be further configured to remove the hold on executing the attempted operation and allow the synchronization process to occur. Thus, when the server removes the hold, the client device executes the operation on the content and synchronizes it. Also see [0016] [0076-0077]).
As discussed above, Bailey discloses detection engine detecting content of the attempted operation and providing the attempted operation to the client device or the server executing the cloud-storage device, but does not expressly disclose two-device interaction in a way that matches “first device detects, then notifies second device of content of the first operation.
However, Hill discloses notifying, by the first information processing device, a second information processing device of content of the first data operation (e.g. Hill: [0040] discloses cloud agent 106 of processing resource 104 transmits a notification to a second, policy-handling cloud agent executing on a second processing resource. Cloud agent 106 may transmit the notification to the policy-handling cloud agent upon detecting an event executed in or associated with cloud provider network. Also see [0059] [0068-0069] [0076] [0078]. These passages explicitly disclose a first device detecting and operation and then notifying a second device of the even’s content.).
Furthermore, Hill also discloses detecting, by a first information processing device, a first data operation for a cloud service executed by an information processing system (e.g. Hill: [0034] discloses cloud agent 106 includes functionality to detect events executed by the processing resource 104. Cloud agent 106 may continuously monitor the directories, to detect any changes to files in the directories. [0040] discloses cloud agent 106 may transmit the notification upon detecting an event executed in or associated with cloud provider network. Also see [0068-0069] [0078].); instructing…and executing, by the first information processing device, the first processing on the data when instructed to execute the first processing on the data (e.g. Hill: [0040] Cloud agent may transmit the notification to the policy-handling cloud agent upon detecting an event executed in cloud provider network 102. The policy-handling agent may identify a policy corresponding to an event. The policy-handling cloud agent may further initiate operation in other cloud, based on the identified policy. [0071-0073] discloses the cloud computing agent determines whether the policy specifies an operation on a back-up computing cloud. Based on the policy, the cloud computing agent determines that the policy specifies an operation on a back-up computing cloud. The cloud computing agent initiates the operation on the back-up computing cloud…The cloud computing agent may transmit data and specify operations to execute on a resource of the back-up computing cloud. Also see [0055] [0061-0062]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the two-device policy driven method/system of detecting event, notifying and instructing another device to execute cloud operations as taught by Hill into Bailey’s model-based detection and gating of user operations on cloud-synchronized content which protects against accidental or malicious modifications because the combination would provide a predictable, policy-controlled, two-device architecture for safely managing cloud-stored content and responds directly to unknown problems of accidental or malicious operations in cloud-sync services; the elements are used according to their ordinary functions, and the resulting system is an unsurprising improvement over either reference alone.
As per claim 2, the combination of Bailey and Hill discloses The control method according to claim 1 [See rejection to claim 1 above], wherein the content of the first data operation includes data information regarding a storage destination of the data and an attribute of the data, provided by the cloud service, wherein the process further comprising determining, by the second information processing device, executing the first processing based on management information that indicates a relationship between processing and the data information (e.g. Bailey: [0031-0032] discloses the detection engine may detect metadata associated with the attempted operation and may retrieve the model from the data stores to compare the attempted operation to the model, including the metadata. [0053] discloses that “a cloud-based storage service may be configured to store content in a remote data store associated with the cloud-based storage service. The content may include one or more items, files, and/or folders.” [0067] discloses detecting a request to modify one or more items, files, and/or folders associated with the content…execution of the attempted operation will modify the one or more items, files, and/or folders associated with the content on the client device and on the cloud-based storage service.” Hill: [0034-0035] further discloses cloud agent may manage one or more directories for the storage of file and continuously monitor the directories, to detect any changes to files in the directories. A data policy may specify actions associated with data storage and data processing, resources for data storage, etc. For example, an event, storing data to Directory X in cloud provider network, maps to a corresponding data policy, back up the data to directory Y in another cloud provider network. [0084-0085] discloses identifying a policy that maps to the event, the cloud agent retrieves the policy from configuration file. The policy indicates location, to store the data to XYZ cloud’s long-term in the closest region. Bailey teach that the cloud-based storage services stores items/files/folders in a remote data store and that an attempted operation “to modify one or more items/files/folders” is detected, with the system/method also detecting “metadata associated with the attempted operation,” including content extension and sizes before and after the alteration. This implies that the content of the first data operation includes both which cloud-stored items/files/folders are being operated on (identifying storage location) and various attributes of the content (metadata) that the service uses. Hill makes the storage-destination aspect explicit by stating that cloud agent manages directories for the storage of files and that an event of storing data to Directory X is the basis for selecting a data policy that backs up the data to Directory Y, thereby showing that directory information (storage location) is part of the event content and that data policies specify actions based on that destination. Bailey then shows that a second processing entity uses stored model and the detected metadata to determine whether the attempted operation should be executed and synchronized. Accordingly, Bailey and Hill together teach that the content of the first data operation include data information about the storage destination (items/files/ in particular folder or directories in the cloud) and attributes/metadata of the data, and that a second device determines whether and how to execute first processing based on management information (models and/or data policies) that relate data information to the processing to be performed.).
As per claim 8, the combination of Bailey and Hill discloses The control method according to claim 1 [See rejection to claim 1 above], wherein the first processing is processing of copying the data to a second cloud service executed by a second information processing system, wherein the process further comprising: acquiring, by the first information processing device, the data from the cloud service when instructed to execute the first processing; and transmitting, by the first information processing device, the data to the second cloud service (e.g. Bailey: [0031-0032] discloses an operation attempted to be performed on the content may be provided to the server executing the cloud-based storage service. A synchronization process may be executed wherein the attempted operation may be one of a creation, a deletion, a modification, and an encryption of the content…The operation may be executed and synchronization may be enabled such that the content as altered by the operation may be synchronized (coping data) between the local storage of the client device and the remote data stores of the cloud-based storage service. [0001] discloses cloud-based storage service for storing and sharing content between multiple client devices executes a synchronization process to synchronize the content between client devices and cloud-based storage services. [0016] discloses the cloud-based storage service may remove the hold on executing the attempted operation and may allow the synchronization process to occur. The synchronization process may synchronize modified content (copying the data) between the client device and the cloud-based storage device. Hill: [0021] [0034-0035] [0039] also discloses synchronizing data from one cloud service to another cloud service. Thus, the synchronization process of copying/synchronizing data from one cloud service to another, where the first device acquires content/data from the first cloud service and transmits it to a second, third-party cloud service in response to instructions from the policy engine. Also see [0081-0085].).
As per claim 12, the combination of Bailey and Hill discloses The control method according to claim 1 [See rejection to claim 1 above], wherein the process further comprising executing, by the first information processing device, authentication processing on the cloud service when instructed to execute the first processing; when the authentication processing completes, acquiring, by the first information processing device, the data from the cloud service, and executing the first processing on the data (e.g. Bailey: [0066-0068] discloses providing notification in response to detecting attempted operation, the notification may prompt use to provide credential to approve the attempted operation. In response to verifying the authentication credentials, the attempted operation may be executed. Further, the synchronization process may be executed to synchronize the modified content between client device and the cloud-based storage service. Also see [0076-0077] [0112-0114]. Hill: [0039-0040] discloses cloud agent includes functionality to initiate operations in another cloud provider network. The operation may include data synchronization to third-party cloud storage. The cloud agent may be assigned access credentials such as user names, passwords, digital certificates, authentication tokens, and/or authentication protocols for accessing other cloud services. The cloud agent may initiate operations in other clouds based on authentication process.).
As per claim 13, the combination of Bailey and Hill discloses The control method according to claim 12 [See rejection to claim 12 above], wherein the process further comprising instructing, by the second information processing device, an authentication protocol used for the authentication processing to the first information processing device (e.g. Bailey: [0061] [0068] discloses prompting user to provide authentication to approve the attempted operation. [0076] discloses prompting user to provide authentication to approve. Upon authorization/authentication, the cloud-based storage service may then execute an attempted operation. Hill: [0039] further discloses using authentication protocols for authentication processing.).
As per claim 14, this is a non-transitory computer-readable storage medium claims having similar limitations as cited in method claim 1. Thus, claim 14 is also rejected under the same rationale as cited in the rejection of rejected claim 1. Furthermore, Bailey expressly discloses embodiments of the present invention can be implemented as an article of manufacture, such as a computer program product or computer readable media. The computer program product may be a computer storage medium readable by a computer system and encoding a computer program that comprises instructions for causing a computer to performed processes (e.g. Bailey: [0020]).
As per claims 15, 17, 18 and 19 these are computer readable storage medium claims having similar limitations as cited in method claims 2, 8, 12 and 13, respectively. Thus, claims 15, 17, 18 and 19 are also rejected under the same rationale as cited in the rejection of rejected claims 2, 8, 12 and 13, respectively.
As per claim 20, this is a device/system claim having similar limitations as cited in method claim 1. Thus, claim 20 is also rejected under the same rationale as cited in the rejection of rejected claim 1. Baily further discloses embodiments of present invention may be implemented as a computing system (e.g. Bailey: [0020]).
Claims 3-6, 11 and 16 are rejected under AIA 35 U.S.C. 103 as being unpatentable over Bailey in view of Hill and further in view of et al. (US 2018/0054480 A1) (hereinafter Bailey) in view of Peterson et al. (US 2011/0314371 A1) (hereinafter Peterson).
As per claim 3, the combination of Bailey and Hill discloses The control method according to claim 1 [See rejection to claim 1 above], wherein the first processing is a processing of adding signature data to the data, wherein the process further comprising: acquiring, by the first information processing device, the data from the cloud service when instructed to execute the first processing; and transmitting, by the first information processing device, the data with the signature to the cloud service (e.g. Bailey: [0031-0032] discloses detection engine detects metadata associated with the attempted operation a presence of particular signature in the content. The detection engine may retrieve the model form the data stores and may compare the attempted operation to the model, including metadata (particular signature). Thus, the combination implies transmitting the data with the signature to the cloud service.).
The combination does not expressly disclose wherein the first processing is a processing of adding signature data to the data.
However, Peterson discloses wherein the first processing is a processing of adding signature data to the data, wherein the process further comprising: acquiring, by the first information processing device, the data from the cloud service when instructed to execute the first processing; and transmitting, by the first information processing device, the data with the signature to the cloud service (e.g. Peterson: [0005-0006] [0014] discloses method/system/medium for facilitating electronic signature, transmitting URL or other identifier that identifies a template that specifies required electronic signature data; receiving a request based on the transmitted URL; in response to the received request, preparing a form based on the template, presenting the form; and receiving the required electronic signature data. The electronic signature service stores the provided signature data for use by other components or parties. Also see [0021] [0029-0030] [0035-0037] [0042]. Thus, Peterson teaches a first processing that is expressly “adding signature data” and a client workflow in which the request to add signature is presented and in response signature data is returned to and stored by the service.).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the method/process of adding signature data to the data as taught by Peterson into the combination of Bailey and Hill because using Peterson’s signature data step as the first processing within Bailey’s cloud-synch context and Hill’s agent instruction/execute framework would offer a predictable, routine enhancement to support compliance and authenticity requirement for cloud document/data, leveraging standard e-signature mechanisms. This combination yields no unexpected results and aligns with enterprise document workflows where policy triggers controlled synchronization/copy operation based on authentic signature associated with the data/content.
As per claim 4, the combination of Bailey, Hill and Peterson discloses The control method according to claim 3 [See rejection to claim 3 above], Peterson further discloses wherein the process further comprising: displaying, by the first information processing device, a screen that receives an input to start to add the signature to the data by a user; and when receiving the input to start, acquiring, by the first information processing device, the first processing on the data by acquiring the data from the cloud service (e.g. Peterson: [0020-0021] discloses user interface controls that are configured to obtain the required signature data from the signer. The prepared form is transmitted to the client device, where it is presented to the signer, such as withing the context of a browser or other client application. The signer then provides the required signature data via the prepared from to the ESS. ESS then stores the received required signature data. The signature data is then made available for access by other components. Also see [0005-0007] [0029-0030] [0054-0056].).
As per claim 5, the combination of Bailey, Hill and Peterson discloses The control method according to claim 3 [See rejection to claim 3 above], wherein the process further comprising: determining, by the second information processing device, a format of the signature according to the content of the first data operation; and instructing, by the second information processing device, the determined format to the first information processing device (e.g. Bailey: [0031-0032] the detection engine may detect an operation attempted to be performed on the content. The attempted operation may be performed on the client device or the attempted operation may be provided to the server executing the cloud-based storage service. The attempted operation may be one of a creation, a deletion, a modification, and an encryption of the content. The detection engine further detects metadata associated with the attempted operation content including a presence of particular signatures. The detection engine may retrieve the model and compare the attempted operation to the model, including the metadata, to determine whether the attempted operation deviates from the usage pattern. Peterson: [0016] discloses the created template specifies/identifies required electronic signature data, such as signer name, a signature, a date, and the like [signature format]. [0024-0025] discloses the process provides dynamically generated form based on a received request that identifies a form template that specifies required electronic signature data. [0028-0029] the process prepares a form based on the template and the received request. Preparing the form may include dynamically generating a form based on the template…the process presents the form by transmitting the form to a client device and receives the required signature data as user inputs to the form. The format of the signature corresponds to “template that specifies required electronic signature data”—what fields and signature elements are required. The ESS determines this format by selecting the appropriate template and generating a form from it “based on the template and the received request.).
As per claim 6, the combination of Bailey, Hill and Peterson discloses The control method according to claim 3 [See rejection to claim 3 above], wherein the process further comprising: notifying, by the first information processing device, the second information processing device of that the first processing completes; and storing, by the second information processing device, a history of the first processing in a memory (e.g. Peterson: [Fig. 2] [0025-0030] discloses at block 208, the process presents the form…The browser then renders the transmitted from and receives the required signature data as user inputs to the form. At block, 210, the process receives the required electronic signature data. For example, the process may receive the required electronic signature data from the browser that is execution on a client device. [0020-0021] discloses the signer provides the required signature data and ESS stores the received required signature data in the signature data repository. The required signature data is then made available for access by other components or users. [0042] On completion of document signing results (e.g. signature data) are available for download. Results of completed documents are visible via the console. [0056-0057] After completion, all signing data, document and signing history are made available for download. When the signer completes the signing operation on the client, the browser transmits the completed form data (including signature data) back to the ESS. This transmission after the user submits the form is the client notifying the service that the first processing (signature addition) has completed. The ESS then stores the received signature data in a persistent repository (signature data repository) and exposes completed signature data and their results via a console and download mechanisms, which amounts to keeping a history of completed signature data. ).
As per claim 11, the combination of Bailey and Hill discloses The control method according to claim 8 [See rejection to claim 8 above], wherein the first processing includes processing of adding signature to the data before the copying (e.g. Bailey: [0016] [0031-0032] discloses execution of attempted operation includes content synchronization process (copying data). [0061] [0068] discloses user authentication process to approve the attempted operation. The attempted operation requiring synchronization of the modified content (copying data) between client device and the cloud-based storage service is performed after verifying the authentication credentials. Hill: [0085-0087] discloses ABC cloud agent transmits the data to XYZ cloud log-term storage.).
The combination of Bailey and Hill does not expressly disclose adding signature to the data.
However, Peterson discloses wherein the first processing includes processing of adding signature to the data before the copying (e.g. Peterson: [0054-0057] discloses user adopts a signature, and adds any required signatures and completes the signing. On completion of a document signing, results (signature data) are available for download. Thus, Peterson’s process inherently sign-then-distribute: first the service and client complete signature addition; only then is the signed document propagated to others.).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the method/process of adding signature data to the data as taught by Peterson into the combination of Bailey and Hill because using Peterson’s signature data step as the first processing within Bailey’s cloud-synch context and Hill’s agent instruction/execute framework would offer a predictable, routine enhancement to support compliance and authenticity requirement for cloud document/data, leveraging standard e-signature mechanisms. This combination yields no unexpected results and aligns with enterprise document workflows where policy triggers controlled synchronization/copy operation based on authentic signature associated with the data/content.
As per claim 16, this is a medium claim having similar limitations as cited in method claim 3. Thus, claim 16 is also rejected under the same rationale as cited in the rejection of rejected claim 3.
Allowable Subject Matter
Claims 7, 9 and 10 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Hiren Patel whose telephone number is (571) 270-3366. The examiner can normally be reached on Monday-Friday 9:30 AM to 6:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) Form at https://www.uspto.gov/patents/uspto-automated- interview-request-air-form.
If attempts to reach the above noted Examiner by telephone are unsuccessful, the Examiner’s supervisor, April Y. Blair, can be reached at the following telephone number: (571) 270-1014. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from Patent Center and the Private Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from Patent Center or Private PAIR. Status information for unpublished applications is available through Patent Center or Private PAIR to authorized users only. Should you have questions on access to Patent Center or the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).
November 28, 2025
/HIREN P PATEL/Primary Examiner, Art Unit 2196