Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Amendment
The amendment filled on 01/12/2026 has been accepted and considered in this office action. Claims 1, 9, 13 and 17 have been amended. No claims have been cancelled. No new claims have been added.
Response to Arguments
Applicant's arguments, filed in 01/12/2026, with respect to the amended claim limitations of independent claim 1, 13 and 17 have been fully considered and are persuasive.
However, upon further consideration, a new ground(s) of rejection is made with the discovery of new prior art in view of Strobel (US 6751732 B2).
Specification
Applicant is reminded of the proper language and format for an abstract of the disclosure.
The abstract should be in narrative form and generally limited to a single paragraph on a separate sheet within the range of 50 to 150 words in length. The abstract should describe the disclosure sufficiently to assist readers in deciding whether there is a need for consulting the full patent text for details.
The language should be clear and concise and should not repeat information given in the title. It should avoid using phrases which can be implied, such as, “The disclosure concerns,” “The disclosure defined by this invention,” “The disclosure describes,” etc. In addition, the form and legal phraseology often used in patent claims, such as “means” and “said,” should be avoided.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1, 2, 12, 13, 14, 17 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Haslam (US 12182302 B1) in view of Pan (US 20230401300 A1) in view of Strobel (US 6751732 B2).
Regarding Claim 1, Haslam teaches:
obtaining a data access request for a portion of the data, the data access request being from a user located in an environment, and the data access request being obtained from a requesting device being used by the user (Haslam, Col 9, lines 57-67, Col 10, lines 1-12, discloses at block 62, the processor 42 may receive an indication indicative of data (e.g., image data, audio data, video data) to be presented on a computing device 12. The indication may be sent by the computer device 12 or any other suitable computing device, such as the external device 14, in response to detecting that a request for data has been received. For example, the processor 42 may receive the indication in response to the user opening an email using the computing device 12, the user requesting that an email be read via the external device 14; Col 11, lines 56-65, Haslam discloses device being used in a public location)
making a first determination regarding whether the requesting device and the user can be validated (Haslam, Col 11, lines 66 - Col 12, line 5, discloses the processor 42 may determine whether the user (e.g., an authorized user) is using the computing device 12 in a public location or in an area in which unknown or unwanted individuals or devices may have access to view or acquire the sensitive information based on the sensor image data received from the electronic sensor devices 18.)
making a first determination that the portion of data comprises sensitive data (Haslam, Col 10, lines 25-41, discloses that the processor use technologies like optical character recognition, pattern matching to determine if the email includes sensitive information.)
and in a first instance of the first determination where both the requesting device and the user are validated, and the portion of the data comprises the sensitive data: performing an environmental check based on activity in the environment, the environment being monitored by an environmental monitoring system to determine whether the environment is secure (Haslam, Col 11, lines 31-65, discloses the environmental checking using various sensors like camera, temperature sensor to acquire image data, video data, audio data to assess security.)
Haslam does not teach; However, Pan teaches:
and in a first instance of the environmental check where the environment is secure: identifying a portion of a first key pair that is associated with respective identifiers of each and all of the user, the requesting device, a display device associated with the requesting device, and at least one component making up the environmental monitoring system (Pan (para 88-94) teaches that the process is gated by the user's unique biometric feature (para 61, fingerprint, face, voiceprint etc.), associated with the data transfer. Pan's (para 102) negotiation key is generated to encrypt the user-associated sensitive data. Pan (para 102) discloses the negotiation key is generated based on device private key preset in the trusted execution environment. This private key is unique to the device. Furthermore, the authentication process (Fig 5. steps 502-503) relies on a device certificate which includes any one or any combination of information, such as an identity number (ID), manufacturer information (for example, a name or trademark of a manufacturer), delivery time information, version information, or model information, of the second electronic device (para 114) which is the unique hardware identifiers associated with the key. Pan (para 64-66) discloses that the electronic device us a portable terminal that includes a display 194. Since the key is generated for the device that contains the display and is used to decrypt data, the key is associated with the display device of the electronic device. Pan (para 66) discloses that the electronic device's structure incudes a sensor module 180, which inturn contains various components such as a fingerprint sensor 180H. These sensors are components that make up the device's environmental monitoring system or are used for biometrics, which informs the security check. Hence, the generated negotiation key is associated with user, requesting device, display device and sensor component as disclosed by the teachings of Pan.);
encrypting the sensitive data of the portion of the data using the portion of the first key pair to obtain encrypted data (Pan, para 102, discloses encrypting the sensitive data by the first electronic device by using the negotiation key);
It would have been obvious to a person of ordinary skill in the art before the effective filing data to have modified Haslam’s system to incorporate the teaching of Pan’s technique of identifying and exchanging cryptographic key associated with the user, device, display and sensor identifiers to encrypt sensitive data. One would be motivated to make this modification on Haslam’s system to strengthen Haslam’s access control system by cryptographically binding the validated entities to the key used encrypt and deliver the sensitive data.
Pan, para 138, discloses in S609: The first electronic device sends encrypted sensitive data to the second electronic device (which comprises a display device, See, Fig 1A, 1B).)
Pan does not explicitly teach; However, Strobel teaches:
Wherein the display device is a separate and independently operating computing device from the requesting device and comprises a first processor that is independent of a second processor of the requesting device (Strobel, Fig. 1, discloses the mobile device 20, the requesting device and the destination printing device 22, the display device (Col 5, lines 24-31) are separate and independent devices);
Providing at least the encrypted data directly to the display device while circumventing the requesting device (Strobel, Col 4, lines 36-65, discloses the request originates from the mobile device, the data center transmits the encrypted documents to the destination printing device, thereby avoiding the delivery of the encrypted document to the mobile device.);
the encrypted data being provided using a secured channel established directly between the data storage system and the display device (Strobel, Col 4, lines 36-65, discloses establishing a communication line (Bluetooth or IEEE 802.11, Col 4, lines 11-35) between data center and the printing device.)
It would have been obvious to a person of ordinary skill in the art before the effective filing data to have modified Haslam’s system to incorporate the teaching of Strobel’s technique of delivering encrypted data from a data center to a user-selected printing device rather than routing the sensitive data through the mobile device. One would be motivated to make this modification on Haslam’s system improve security by reducing exposure of sensitive data on the requesting device and ensuring that the sensitive content is delivered only to the intended output device.
Regarding Claim 2, Haslam/Pan/Strobel teaches the method of claim 1,
Haslam teaches:
after the sensitive data has been accessed by the user: performing a second environmental check to determine whether the environment is secure (Haslam, Fig 3, Step 70; Col 11, lines 31-65, provide for periodically proceeding to step 70, for checking the environment periodically;
col 15, lines 15-31, provides for the sensors acquiring data "continuously")
and in a first instance of the second environmental check where the environment is unsecure: performing an obfuscation operation rendering the sensitive data temporarily inaccessible. (Haslam, Col 11, lines 15-31, provides for a previous secure display of sensitive data, and subsequently identifying the environment is unsecure; Fig 3, step 71, col 13, line 41 - col 14, line 6 provides for obscuring the data.)
Regarding Claim 12, Haslam/Pan/Strobel teaches the method of claim 1,
Haslam teaches:
in a second instance of the first determination where both the requesting device and the user are validated (Haslam, Col 11, lines 66-67, Col 12, lines 1-5, discloses the processor 42 may determine whether the user (e.g., an authorized user) is using the computing device 12 in a public location or in an area in which unknown or unwanted individuals or devices may have access to view or acquire the sensitive information based on the sensor image data received from the electronic sensor devices 18.);
and the portion of the data comprises insensitive data, providing the portion of the data to the requesting device (Haslam, Fig 3, Step 64, 66, discloses that if the data does not include sensitive information, display the data.)
Regarding Claim 13, Haslam teaches:
obtaining a data access request for a portion of the data, the data access request being from a user located in an environment, and the data access request being obtained from a requesting device, the requesting device being used by the user (Haslam, Col 9, lines 57-67, Col 10, lines 1-12, discloses at block 62, the processor 42 may receive an indication indicative of data (e.g., image data, audio data, video data) to be presented on a computing device 12. The indication may be sent by the computer device 12 or any other suitable computing device, such as the external device 14, in response to detecting that a request for data has been received. For example, the processor 42 may receive the indication in response to the user opening an email using the computing device 12, the user requesting that an email be read via the external device 14; Col 11, lines 56-65, Haslam discloses device being used in a public location)
making a first determination regarding whether the requesting device and the user can be validated (Haslam, Col 11, lines 66 - Col 12, line 5, discloses the processor 42 may determine whether the user (e.g., an authorized user) is using the computing device 12 in a public location or in an area in which unknown or unwanted individuals or devices may have access to view or acquire the sensitive information based on the sensor image data received from the electronic sensor devices 18.)
making a first determination that the portion of data comprises sensitive data (Haslam, Col 10, lines 25-41, discloses that the processor use technologies like optical character recognition, pattern matching to determine if the email includes sensitive information.)
and in a first instance of the first determination where both the requesting device and the user are validated, and the portion of the data comprises the sensitive data: performing an environmental check based on activity in the environment, the environment being monitored by an environmental monitoring system to determine whether the environment is secure (Haslam, Col 11, lines 31-65, discloses the environmental checking using various sensors like camera, temperature sensor to acquire image data, video data, audio data to assess security.)
Haslam does not teach; However, Pan teaches:
and in a first instance of the environmental check where the environment is secure: identifying a portion of a first key pair that is associated with respective identifiers of each and all of the user, the requesting device, a display device associated with the requesting device, and at least one component making up the environmental monitoring system (Pan (para 88-94) teaches that the process is gated by the user's unique biometric feature (para 61, fingerprint, face, voiceprint etc.), associated with the data transfer. Pan's (para 102) negotiation key is generated to encrypt the user-associated sensitive data. Pan (para 102) discloses the negotiation key is generated based on device private key preset in the trusted execution environment. This private key is unique to the device. Furthermore, the authentication process (Fig 5. steps 502-503) relies on a device certificate which includes any one or any combination of information, such as an identity number (ID), manufacturer information (for example, a name or trademark of a manufacturer), delivery time information, version information, or model information, of the second electronic device (para 114) which is the unique hardware identifiers associated with the key. Pan (para 64-66) discloses that the electronic device us a portable terminal that includes a display 194. Since the key is generated for the device that contains the display and is used to decrypt data, the key is associated with the display device of the electronic device. Pan (para 66) discloses that the electronic device's structure incudes a sensor module 180, which inturn contains various components such as a fingerprint sensor 180H. These sensors are components that make up the device's environmental monitoring system or are used for biometrics, which informs the security check. Hence, the generated negotiation key is associated with user, requesting device, display device and sensor component as disclosed by the teachings of Pan.);
encrypting the sensitive data of the portion of the data using the portion of the first key pair to obtain encrypted data (Pan, para 102, discloses encrypting the sensitive data by the first electronic device by using the negotiation key);
It would have been obvious to a person of ordinary skill in the art before the effective filing data to have modified Haslam’s system to incorporate the teaching of Pan’s technique of identifying and exchanging cryptographic key associated with the user, device, display and sensor identifiers to encrypt sensitive data. One would be motivated to make this modification on Haslam’s system to strengthen Haslam’s access control system by cryptographically binding the validated entities to the key used encrypt and deliver the sensitive data.
Pan, para 138, discloses in S609: The first electronic device sends encrypted sensitive data to the second electronic device (which comprises a display device, See, Fig 1A, 1B).)
Pan does not explicitly teach; However, Strobel teaches:
Wherein the display device is a separate and independently operating computing device from the requesting device and comprises a first processor that is independent of a second processor of the requesting device (Strobel, Fig. 1, discloses the mobile device 20, the requesting device and the destination printing device 22, the display device (Col 5, lines 24-31) are separate and independent devices);
Providing at least the encrypted data directly to the display device while circumventing the requesting device (Strobel, Col 4, lines 36-65, discloses the request originates from the mobile device, the data center transmits the encrypted documents to the destination printing device, thereby avoiding the delivery of the encrypted document to the mobile device.);
the encrypted data being provided using a secured channel established directly between the data storage system and the display device (Strobel, Col 4, lines 36-65, discloses establishing a communication line (Bluetooth or IEEE 802.11, Col 4, lines 11-35) between data center and the printing device.)
It would have been obvious to a person of ordinary skill in the art before the effective filing data to have modified Haslam’s system to incorporate the teaching of Strobel’s technique of delivering encrypted data from a data center to a user-selected printing device rather than routing the sensitive data through the mobile device. One would be motivated to make this modification on Haslam’s system improve security by reducing exposure of sensitive data on the requesting device and ensuring that the sensitive content is delivered only to the intended output device.
Regarding Claim 14, Haslam/Pan/Strobel teaches the non-transitory machine-readable medium of claim 13,
Haslam teaches:
after the sensitive data has been accessed by the user: performing a second environmental check to determine whether the environment is secure (Haslam, Fig 3, Step 70; Col 11, lines 31-65, provide for periodically proceeding to step 70, for checking the environment periodically;
col 15, lines 15-31, provides for the sensors acquiring data "continuously")
and in a first instance of the second environmental check where the environment is unsecure: performing an obfuscation operation rendering the sensitive data temporarily inaccessible. (Haslam, Col 11, lines 15-31, provides for a previous secure display of sensitive data, and subsequently identifying the environment is unsecure; Fig 3, step 71, col 13, line 41 - col 14, line 6 provides for obscuring the data.)
Regarding Claim 17, Haslam teaches:
obtaining a data access request for a portion of the data, the data access request being from a user located in an environment, and the data access request being obtained from a requesting device, the requesting device being used by the user (Haslam, Col 9, lines 57-67, Col 10, lines 1-12, discloses at block 62, the processor 42 may receive an indication indicative of data (e.g., image data, audio data, video data) to be presented on a computing device 12. The indication may be sent by the computer device 12 or any other suitable computing device, such as the external device 14, in response to detecting that a request for data has been received. For example, the processor 42 may receive the indication in response to the user opening an email using the computing device 12, the user requesting that an email be read via the external device 14; Col 11, lines 56-65, Haslam discloses device being used in a public location)
making a first determination regarding whether the requesting device and the user can be validated (Haslam, Col 11, lines 66 - Col 12, line 5, discloses the processor 42 may determine whether the user (e.g., an authorized user) is using the computing device 12 in a public location or in an area in which unknown or unwanted individuals or devices may have access to view or acquire the sensitive information based on the sensor image data received from the electronic sensor devices 18.)
making a first determination that the portion of data comprises sensitive data (Haslam, Col 10, lines 25-41, discloses that the processor use technologies like optical character recognition, pattern matching to determine if the email includes sensitive information.)
and in a first instance of the first determination where both the requesting device and the user are validated, and the portion of the data comprises the sensitive data: performing an environmental check based on activity in the environment, the environment being monitored by an environmental monitoring system to determine whether the environment is secure (Haslam, Col 11, lines 31-65, discloses the environmental checking using various sensors like camera, temperature sensor to acquire image data, video data, audio data to assess security.)
Haslam does not teach; However, Pan teaches:
and in a first instance of the environmental check where the environment is secure: identifying a portion of a first key pair that is associated with respective identifiers of each and all of the user, the requesting device, a display device associated with the requesting device, and at least one component making up the environmental monitoring system (Pan (para 88-94) teaches that the process is gated by the user's unique biometric feature (para 61, fingerprint, face, voiceprint etc.), associated with the data transfer. Pan's (para 102) negotiation key is generated to encrypt the user-associated sensitive data. Pan (para 102) discloses the negotiation key is generated based on device private key preset in the trusted execution environment. This private key is unique to the device. Furthermore, the authentication process (Fig 5. steps 502-503) relies on a device certificate which includes any one or any combination of information, such as an identity number (ID), manufacturer information (for example, a name or trademark of a manufacturer), delivery time information, version information, or model information, of the second electronic device (para 114) which is the unique hardware identifiers associated with the key. Pan (para 64-66) discloses that the electronic device us a portable terminal that includes a display 194. Since the key is generated for the device that contains the display and is used to decrypt data, the key is associated with the display device of the electronic device. Pan (para 66) discloses that the electronic device's structure incudes a sensor module 180, which inturn contains various components such as a fingerprint sensor 180H. These sensors are components that make up the device's environmental monitoring system or are used for biometrics, which informs the security check. Hence, the generated negotiation key is associated with user, requesting device, display device and sensor component as disclosed by the teachings of Pan.);
encrypting the sensitive data of the portion of the data using the portion of the first key pair to obtain encrypted data (Pan, para 102, discloses encrypting the sensitive data by the first electronic device by using the negotiation key);
It would have been obvious to a person of ordinary skill in the art before the effective filing data to have modified Haslam’s system to incorporate the teaching of Pan’s technique of identifying and exchanging cryptographic key associated with the user, device, display and sensor identifiers to encrypt sensitive data. One would be motivated to make this modification on Haslam’s system to strengthen Haslam’s access control system by cryptographically binding the validated entities to the key used encrypt and deliver the sensitive data.
Pan, para 138, discloses in S609: The first electronic device sends encrypted sensitive data to the second electronic device (which comprises a display device, See, Fig 1A, 1B).)
Pan does not explicitly teach; However, Strobel teaches:
Wherein the display device is a separate and independently operating computing device from the requesting device and comprises a first processor that is independent of a second processor of the requesting device (Strobel, Fig. 1, discloses the mobile device 20, the requesting device and the destination printing device 22, the display device (Col 5, lines 24-31) are separate and independent devices);
Providing at least the encrypted data directly to the display device while circumventing the requesting device (Strobel, Col 4, lines 36-65, discloses the request originates from the mobile device, the data center transmits the encrypted documents to the destination printing device, thereby avoiding the delivery of the encrypted document to the mobile device.);
the encrypted data being provided using a secured channel established directly between the data storage system and the display device (Strobel, Col 4, lines 36-65, discloses establishing a communication line (Bluetooth or IEEE 802.11, Col 4, lines 11-35) between data center and the printing device.)
It would have been obvious to a person of ordinary skill in the art before the effective filing data to have modified Haslam’s system to incorporate the teaching of Strobel’s technique of delivering encrypted data from a data center to a user-selected printing device rather than routing the sensitive data through the mobile device. One would be motivated to make this modification on Haslam’s system improve security by reducing exposure of sensitive data on the requesting device and ensuring that the sensitive content is delivered only to the intended output device.
Regarding Claim 18, Haslam/Pan/Strobel teaches the data processing system of claim 17,
Haslam teaches:
after the sensitive data has been accessed by the user: performing a second environmental check to determine whether the environment is secure (Haslam, Fig 3, Step 70; Col 11, lines 31-65, provide for periodically proceeding to step 70, for checking the environment periodically;
col 15, lines 15-31, provides for the sensors acquiring data "continuously")
and in a first instance of the second environmental check where the environment is unsecure: performing an obfuscation operation rendering the sensitive data temporarily inaccessible. (Haslam, Col 11, lines 15-31, provides for a previous secure display of sensitive data, and subsequently identifying the environment is unsecure; Fig 3, step 71, col 13, line 41 - col 14, line 6 provides for obscuring the data.)
Claims 3, 4, 5, 6, 7, 8, 11, 15, 16, 19 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Haslam (US 12182302 B1) in view of Pan (US 20230401300 A1) in view of Strobel (US 6751732 B2) in view of John (US 11227060 B1).
Regarding Claim 3, Haslam/Pan/Strobel teaches the method of claim 2,
Pan does not teach, John teaches:
performing the obfuscation operation comprises disabling the display device that is displaying the sensitive data (John, Col 28, lines 63-67, discloses if an unauthorized user is detected within the viewable range of the screen, the system may lock the screen, scramble the screen, or restrict access.)
It would have been obvious to a person of ordinary skill in the art before the effective filing data to have modified Haslam/Strobel/Pan’s system to incorporate the teaching of John’s technique to render obfuscated operation in a sense that the disables the display device. One would be motivated to make this modification on Haslam/Strobel/Pan’s system to ensure security and prevent access to sensitive information from unauthorized users thereby, safeguarding the overall safety and security of the system. (John, Page 1, 2)
Regarding Claim 4, Haslam/Pan/Strobel/John teaches the method of claim 3,
Pan does not teach, Haslam teaches:
wherein performing the environmental check comprises: collecting environmental data using sensing devices of the environmental monitoring system, the environmental data comprising a type of data selected from a group of types of data consisting of audio data, video data, thermal data, and electromagnetic data (Haslam, Col 15, lines 15- 31, teaches provides receiving various environmental data such as audio data, video data, image capture data, text etc. using sensor device.)
making, based on the environmental data, a second determination regarding whether an unauthorized person is within a minimum proximity to the display device and in a first instance of the second determination where the unauthorized person is within a proximity inferior to the minimum proximity: performing the obfuscation operation rendering the sensitive data temporarily inaccessible (Haslam, Col 7, lines 21-44, teaches provides censoring sensitive information shown on a user’s device based on how close an unauthorized person gets to the device. If someone unauthorized moves closer, the amount of censoring automatically increases, making the sensitive data harder to see or temporarily unreadable.)
Regarding Claim 5, Haslam/Pan/Strobel/John teaches the method of claim 4,
Haslam teaches:
wherein the environmental monitoring system uses the sensing devices to record the environmental data and the sensing devices comprising at least one sensing device selected from a group of sensing devices consisting of a camera, a microphone, and a proximity sensor (Haslam, Col 15, lines 15- 31; Col 12, lines 1-16, teaches provides receiving various environmental data such as audio data, video data, image capture data, text and a user's proximity etc. using sensor device.)
Regarding Claim 6, Haslam/Pan/Strobel/John teaches the method of claim 5,
Haslam teaches:
the display device comprises the sensing device (Haslam, Col 5, lines 50-65, teaches provides the electronic sensor device 18 may be a part of the computing device which includes display device).
Regarding Claim 7, Haslam/Pan/Strobel/John teaches the method of claim 5,
Haslam teaches:
wherein the sensing device is separate from the display device (Haslam, Col 5, lines 28-65 discloses that the electronic sensor devices 18 may be disposed inside of a structure associated with the property 26, or outside the structure and communicatively coupled to the computing device 12.)
and the display device is at least partially in a field of sensing of the sensing device (Haslam, Col 5, lines 28-65 discloses that if the sensing device is a microphone, then the nearby display device is in a field of sensing.)
Regarding Claim 8, Haslam/Pan/Strobel/John teaches the method of claim 5,
Pan does not teach, John teaches:
wherein the activity in the environment comprises presence of an unauthorized person in a portion of the environment monitored by the sensing devices, or absence of an authorized user in the portion of the environment (John, Col 28, lines 63-67, Col 29, lines 1-11, teaches provides the system continuously monitors the environment for the presence of authorized or unauthorized user in the viewing range of the screen.)
and the authorized user having requested the sensitive data. (John, Col 32, lines 25-48, Col 29, lines 1-11, discloses upon authentication of the user 504, the system server and/or the user device 502 may then generate and execute software programs and/or algorithms to unlock the screen, unscramble the screen, unscramble content on the screen such that content is readable by a human, and/or display sensitive data on the screen.)
It would have been obvious to a person of ordinary skill in the art before the effective filing data to have modified Haslam/Strobel/Pan’s system to incorporate the teaching of John’s system to collect user’s environment data, determine if the user is unauthorized and perform obfuscation. One would be motivated to make this modification on Haslam/Strobel/Pan’s system to ensure security and prevent access to sensitive information from unauthorized users thereby, safeguarding the overall safety and security of the system. (John, Page 1, 2)
Regarding Claim 11, Haslam/Pan/Strobel teaches the method of claim 1,
Pan does not teach, John teaches:
in a second instance of the environmental check where the environment is unsecure: denying the data access request. (John, Col 28, lines 63-67, Col 29, lines 1-3, discloses the user computing device 402 or the system server, upon identifying that the unauthorized user 406 is within the viewable range of the screen, may generate and execute software programs to lock the screen, scramble the screen, scramble the content on the screen such that content is not readable by a human, and/or hide sensitive data displayed on the screen (and only display insensitive data).)
It would have been obvious to a person of ordinary skill in the art before the effective filing data to have modified Haslam/Strobel/Pan’s system to incorporate the teaching of John’s system to collect user’s environment data, determine if the user is unauthorized and perform obfuscation. One would be motivated to make this modification on Haslam/Strobel/Pan’s system to ensure security and prevent access to sensitive information from unauthorized users thereby, safeguarding the overall safety and security of the system. (John, Page 1, 2)
Regarding Claim 15, Haslam/Pan/Strobel teaches the non-transitory machine-readable medium of claim 14,
Pan does not teach, John teaches:
performing the obfuscation operation comprises disabling the display device that is displaying the sensitive data (John, Col 28, lines 63-67, discloses if an unauthorized user is detected within the viewable range of the screen, the system may lock the screen, scramble the screen, or restrict access.)
It would have been obvious to a person of ordinary skill in the art before the effective filing data to have modified Haslam/Strobel/Pan’s system to incorporate the teaching of John’s technique to render obfuscated operation in a sense that the disables the display device. One would be motivated to make this modification on Haslam/Strobel/Pan’s system to ensure security and prevent access to sensitive information from unauthorized users thereby, safeguarding the overall safety and security of the system. (John, Page 1, 2)
Regarding Claim 16, Haslam/Pan/Strobel/John teaches the non-transitory machine-readable medium of claim 15,
Pan does not teach, Haslam teaches:
wherein performing the environmental check comprises: collecting environmental data using sensing devices of the environmental monitoring system, the environmental data comprising a type of data selected from a group of types of data consisting of audio data, video data, thermal data, and electromagnetic data (Haslam, Col 15, lines 15- 31, teaches provides receiving various environmental data such as audio data, video data, image capture data, text etc. using sensor device.)
making, based on the environmental data, a second determination regarding whether an unauthorized person is within a minimum proximity to the display device and in a first instance of the second determination where the unauthorized person is within a proximity inferior to the minimum proximity: performing the obfuscation operation rendering the sensitive data temporarily inaccessible (Haslam, Col 7, lines 21-44, teaches provides censoring sensitive information shown on a user’s device based on how close an unauthorized person gets to the device. If someone unauthorized moves closer, the amount of censoring automatically increases, making the sensitive data harder to see or temporarily unreadable.)
Regarding Claim 19, Haslam/Pan/Strobel teaches the data processing system of claim 18,
Pan does not teach, John teaches:
performing the obfuscation operation comprises disabling the display device that is displaying the sensitive data (John, Col 28, lines 63-67, discloses if an unauthorized user is detected within the viewable range of the screen, the system may lock the screen, scramble the screen, or restrict access.)
It would have been obvious to a person of ordinary skill in the art before the effective filing data to have modified Haslam/Strobel/Pan’s system to incorporate the teaching of John’s technique to render obfuscated operation in a sense that the disables the display device. One would be motivated to make this modification on Haslam/Pan’s system to ensure security and prevent access to sensitive information from unauthorized users thereby, safeguarding the overall safety and security of the system. (John, Page 1, 2)
Regarding Claim 20, Haslam/Pan/Strobel/John teaches the data processing system of claim 19,
Pan does not teach, Haslam teaches:
wherein performing the environmental check comprises: collecting environmental data using sensing devices of the environmental monitoring system, the environmental data comprising a type of data selected from a group of types of data consisting of audio data, video data, thermal data, and electromagnetic data (Haslam, Col 15, lines 15- 31, teaches provides receiving various environmental data such as audio data, video data, image capture data, text etc. using sensor device.)
making, based on the environmental data, a second determination regarding whether an unauthorized person is within a minimum proximity to the display device and in a first instance of the second determination where the unauthorized person is within a proximity inferior to the minimum proximity: performing the obfuscation operation rendering the sensitive data temporarily inaccessible (Haslam, Col 7, lines 21-44, teaches provides censoring sensitive information shown on a user’s device based on how close an unauthorized person gets to the device. If someone unauthorized moves closer, the amount of censoring automatically increases, making the sensitive data harder to see or temporarily unreadable.)
Claims 9 and 10 are rejected under 35 U.S.C. 103 as being unpatentable over Haslam (US 12182302 B1) in view of Pan (US 20230401300 A1) in view of Strobel (US 6751732 B2) in view of Edwards (US 20230156002 A1).
Regarding Claim 9, Haslam/Pan/Strobel teaches the method of claim 1,
Haslam does not teach; However, Pan teaches:
the registration process obtaining the first key pair and distributing portions of the first key pair to the display device and the data storage system (Pan, para 106, discloses that two devices each generate a pair of a random public key and a random private key, perform signature on the random public key by using respective device private keys, and exchange the signed random public keys. After the exchange, the two devices perform the foregoing manner (1) or manner (2) to obtain the negotiation key.)
Pan does not teach; However, Edwards teaches:
prior to obtaining the data access request: performing a registration process for the user, the requesting device, the display device, and the environmental monitoring system with respect to the data storage system (Edwards, para 67, discloses that the server device may receive, before receiving the first message, a first registration request from the user device and a second registration request from the monitoring device, and may determine, based on the first registration request and the second registration request, first identification information concerning the user device, the monitoring device, or the user of the user device.)
and the registration process grouping the unique identifiers of each and all of the user, the requesting device, the display device, and the at least one component making up the environmental monitoring system into a user and device combination and using the user and device combination for the obtaining of the first key pair (Edwards, para 67, discloses determining the identification information concerning the user device, monitoring device, and/or the user of the user device during registration; para 62, Edwards discloses the subsequent creation of the session token is based on authenticating the user device, the monitoring device and/or the user of the user device and confirming their collocation, which implies the grouping of all the identifiers into the user/device combination.)
It would have been obvious to a person of ordinary skill in the art before the effective filing data to have modified Haslam/Strobel/Pan’s system to incorporate the teaching of Edwards’s technique to register the trusted devices and the user before obtaining the data access request. One would be motivated to make this modification on Haslam/Pan’s system to improve the efficiency and security of the key establishment process by ensuring that identities of all the participating entities are pre-registered and verified before a data access request occurs, thereby enabling smoother key distribution and secure environmental validation while reducing authentication latency and minimizing the risk of unregistered or rogue devices participation.
Regarding Claim 10, Haslam/Pan/Strobel/Edwards teaches the method of claim 9,
Haslam/Edwards does not teach; However, Pan teaches:
obtaining a first public key certificate based on a first public key of the first key pair (Pan, para 129, discloses that in S603: The first electronic device performs session key negotiation by using a device public key in the device certificate of the second electronic device, and generates a session key negotiation field.)
and providing the first public key certificate to the data storage system, the data storage system associating the first public key certificate with the user, the requesting device, the display device, the environmental monitoring system. (Pan, para 128, discloses that the device certificates exchanged in this operation are device certificates preset in the electronic devices on a production line. For example, as shown in FIG. 6B, a device certificate preset in the first electronic device on the production line is a device certificate at a trusted execution environment (TEE) level. Device certificates preset in the second electronic device on the production line are a device certificate at the TEE level and a device certificate at a secure element (SE) level.)
It would have been obvious to a person of ordinary skill in the art before the effective filing data to have modified Haslam/Strobel/Edwards’s system to incorporate the teaching of Pan’s technique of retrieving public key based on first key pair and providing it to the storage system. One would be motivated to make this modification on Haslam/Strobel/Edwards’s system to ensure security and safety during secure transmission of sensitive information that includes biometric feature data. (Pan, Page 1)
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to AMIT KHADKA whose telephone number is (703)756-1440. The examiner can normally be reached Monday - Friday, 8:00 am - 5:00 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey L. Nickerson can be reached at (469) 295-9235. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/AMIT KHADKA/Examiner, Art Unit 2432
/Jeffrey Nickerson/Supervisory Patent Examiner, Art Unit 2432
Prosecution Insights