Prosecution Insights
Browse Companies Examiners Firms Draft Your Response
Office ActionsInfokeyvault Technology Co. Ltd. › 18369432
Last updated: April 19, 2026
Application No. 18/369,432

FILE SHARING SYSTEM AND METHOD

Non-Final OA §103§112
Filed
Sep 18, 2023
Examiner
KHAN, MOEEN
Art Unit
2436
Tech Center
2400 — Computer Networks
Assignee
Infokeyvault Technology Co. Ltd.
OA Round
1 (Non-Final)
69%
Grant Probability
Favorable
1-2
OA Rounds
2y 11m
To Grant
99%
With Interview

Interview Optional

+59.7% interview lift. This examiner has a relatively high allow rate; a written response may suffice.
Based on 228 resolved cases, 2023–2026

Examiner Intelligence

KHAN, MOEEN View full profile →
Grants 69% — above average
69%
Career Allow Rate
158 granted / 228 resolved
+11.3% vs TC avg
Strong +60% interview lift
Without
With
+59.7%
Interview Lift
resolved cases with interview
Typical timeline
2y 11m
Avg Prosecution
33 currently pending
Career history
261
Total Applications
across all art units

Statute-Specific Performance

§101
8.7%
-31.3% vs TC avg
§103
62.1%
+22.1% vs TC avg
§102
6.9%
-33.1% vs TC avg
§112
12.7%
-27.3% vs TC avg
Black line = Tech Center average estimate • Based on career data from 228 resolved cases

Office Action

§103 §112
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Detail action Claims 1-14 are pending and being considered. Claims 1-11 have been elected by the applicant. Claims 12-14 are withdrawn from consideration. Specification The specification filed on September 18, 2023 is accepted. The title of the invention is not descriptive. A new title is required that is clearly indicative of the invention to which the claims are directed. The following title is suggested: A SYSTEM AND METHOD FOR FILE SHARING UNDER ACCESS-RIGHT MANAGEMENT. Drawings The drawings filed on September 18, 2023 are accepted. Information Disclosure Statement The information disclosure statement (IDS) submitted on 05/09/2024 was filed after the mailing date of the application no. 18/369432 on 09/18/2023. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner. Claim Objections Claim 1 objected to because of the following informalities: Claim 1 recites “…the system comprising:” should read as “the file sharing system comprising:” Claim 1, 7 and 9 recites “a first credential” the examiner suggests to clarify the purpose of “first credential” because the claims merely recite generating first credential, storing the first credential and retrieving a key material from first credential. Similar remarks for “second credential” in claim 6. Claim 7 and 9 recites “the method comprising:” should read as “the file share method comprising:” Appropriate correction is required. CLAIM INTERPRETATION The following is a quotation of 35 U.S.C. 112(f): (f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. The following is a quotation of pre-AIA 35 U.S.C. 112, sixth paragraph: An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art. The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is invoked. As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph: (A) the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; (B) the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and (C) the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier. Such claim limitation(s) is/are: a key manager unit and “a storage unit” in claim 1-2 and an identity verification unit in claim 5. Claim limitation(s) “a key manager unit and “a storage unit” in claim 1-2 and an identity verification unit” of claim 5 gives their broadest reasonable interpretation of the claim elements with a limited description in the specification the corresponding structure, material, or acts for performing the entire claimed function and to clearly link the structure, material, or acts to the function. The examiner notes the specification fails to disclose. Accordingly claims 1-2 and 5 invoke 35 U.S.C. 112 (f) or sixth paragraph and 112. For detail see the 112 rejections below. Because these claim limitation(s) are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, they are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof. If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, applicant may: (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. Claim Rejections - 35 USC § 112 The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. Claim limitation “a key manager unit and “a storage unit” in claim 1-2 and an identity verification unit” of claim 5 invokes 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. However, the written description fails to disclose the corresponding structure, material, or acts for performing the entire claimed function and to clearly link the structure, material, or acts to the function. The specification on [0017] discloses “The key manager unit 11, for example, may be but not limited to a cloud server. The file storage unit 12, for example, may be but not limited to a cloud storage or a network attached storage (NAS). The file, for example, may be but not limited to a digital data file that can be saved and transmitted. The user, for example, may be but not limited to a computer, a smart phone or any other suitable information device” Therefore, the claim is indefinite and is rejected under 35 U.S.C. 112(b) or pre-AIA 35 U.S.C. 112, second paragraph. Applicant may: (a) Amend the claim so that the claim limitation will no longer be interpreted as a limitation under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph; (b) Amend the written description of the specification such that it expressly recites what structure, material, or acts perform the entire claimed function, without introducing any new matter (35 U.S.C. 132(a)); or (c) Amend the written description of the specification such that it clearly links the structure, material, or acts disclosed therein to the function recited in the claim, without introducing any new matter (35 U.S.C. 132(a)). If applicant is of the opinion that the written description of the specification already implicitly or inherently discloses the corresponding structure, material, or acts and clearly links them to the function so that one of ordinary skill in the art would recognize what structure, material, or acts perform the claimed function, applicant should clarify the record by either: (a) Amending the written description of the specification such that it expressly recites the corresponding structure, material, or acts for performing the claimed function and clearly links or associates the structure, material, or acts to the claimed function, without introducing any new matter (35 U.S.C. 132(a)); or (b) Stating on the record what the corresponding structure, material, or acts, which are implicitly or inherently set forth in the written description of the specification, perform the claimed function. For more information, see 37 CFR 1.75(d) and MPEP §§ 608.01(o) and 2181. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1-11 are rejected under 35 U.S.C. 103 as being unpatentable over MU et al (hereinafter MU) (CN 110602075) (attached English translation is used for examination) in view of Li et al (hereinafter Li) (CN 112199688) (attached English translation is used for examination). Regarding claim 1 MU teaches a file sharing system adapted to be used with at least a first file and a first user (MU on [page 5 line 5-10] teaches a file sharing system. See on [page 2 5th last para] teaches a first file and first user); the first file corresponding to a first file identifier (MU on [page 2 5th last para] a file corresponding to a file identifier); the first user having a first key pair of an asymmetric type, the first key pair including at least a first user identifier, a first public key and a first private key, and the system comprising: (MU on [page 6 line 6-12] teaches a first user having first user identifier, first public key and first private key pair); a key manager unit realizing a correspondence between the first user identifier and the first public key in response to a registration request of the first user (MU on [page 8 step S101 and page 11 step S302] teaches receiving a file uploading request sent by a first user, wherein the file uploading request indicates the file and corresponding file information, and the file information comprises a first user identifier of the first user. The first user identifier may be any identifier representing the first user, the first user may be any user registered on the document management system, the first user identification is the first user public key, i.e., the first user public key of the first user is used to identify the first user as correspondence between user identifier and the first public key); generating a first key material for encrypting the first file into a first encrypted file (MU on [page 3 line 5-7] teaches generating a file key (i.e., a first key material) for encrypting the first file. See on [page 8 step S102] teaches generating file key according to rule for encrypting the first file); and generating a first credential according to the first user identifier, the first file identifier, the first public key and the first key material after receiving an access-right claim request to the first file from the first user (MU on [page 8 step S103] teaches generating file credential comprising file identifier a file key (i.e., first key material), wherein the first user can obtain the correspondence file according to the file credential information. See also on [page 10 step S202 and step S205] teaches generating file credential information. The credential information has one- to – one correspondence relationship with the file and the authorized user. Further teaches the authorized user identifier or the authorized user public key can be correspondingly stored with the file credential information and the authorized file credential information identifier, so that the user can acquire the corresponding file credential information according to the authorized user identifier or the authorized user public key); and a file storage unit in communication with the key manager unit for storing the first encrypted file and the first credential (MU on [page 10 step S202 and Step S205] storing encrypted file and encrypted credential information). MU fails to explicitly teach whereby, the first user uses the first user identifier, the first file identifier and the first private key to retrieve the first key material out of the first credential, and uses the first key material to decrypt the first encrypted file into the first file, however Li from analogous art teaches whereby, the first user uses the first user identifier, the first file identifier and the first private key to retrieve the first key material out of the first credential, and uses the first key material to decrypt the first encrypted file into the first file (Li on [page 2 line 3-7] teaches confirming whether the authentication code matches the user profile of the accessing user (i.e., user identifier), if the file identifier is matched with the key identifier, searching the corresponding encrypted file and the corresponding encrypted key according to the file identifier, the file identification information, the key identifier and the key identification information, after receiving the encrypted file and the encryption key (i.e., first credential), the access user decrypts the encryption key by using the private key to obtain a file key (i.e., key material), and then decrypts the encrypted file by using the file key to obtain the file). Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Li into the teaching of MU by retrieving file key from credential information based on user identifier, file identifier and private key for decrypting the encrypted file. One would be motivated to do so in order to enhance security of electronic document by protecting the documents from unauthorized access (LI [page 5 line 5-15]). Regarding claim 7 MU teaches a file sharing method (MU on [page 5 line 5-10] teaches a file sharing method); adapted to be used with a key manager unit, a first file and a first user (MU on [page 5 line 5-10] teaches a file sharing system. See on [page 2 5th last para] teaches a first file and first user); the first file corresponding to a first file identifier (MU on [page 2 5th last para] a file corresponding to a file identifier); the first user having a first key pair of an asymmetric type, the first key pair including at least a first user identifier, a first public key and a first private key, and the method comprising: (MU on [page 6 line 6-12] teaches a first user having first user identifier, first public key and first private key pair); the key manager unit realizing a correspondence between the first user identifier and the first public key in response to a registration request of the first user (MU on [page 8 step S101 and page 11 step S302] teaches receiving a file uploading request sent by a first user, wherein the file uploading request indicates the file and corresponding file information, and the file information comprises a first user identifier of the first user. The first user identifier may be any identifier representing the first user, the first user may be any user registered on the document management system, the first user identification is the first user public key, i.e., the first user public key of the first user is used to identify the first user as correspondence between user identifier and the first public key); the key manager unit generating a first key material for encrypting the first file into a first encrypted file (MU on [page 3 line 5-7] teaches generating a file key (i.e., a first key material) for encrypting the first file. See on [page 8 step S102] teaches generating file key according to rule for encrypting the first file); the key manager unit generating a first credential according to the first user identifier, the first file identifier, the first public key and the first key material after receiving an access-right claim request to the first file from the first user (MU on [page 8 step S103] teaches generating file credential comprising file identifier a file key (i.e., first key material), wherein the first user can obtain the correspondence file according to the file credential information. See also on [page 10 step S202 and step S205] teaches generating file credential information. The credential information has one- to – one correspondence relationship with the file and the authorized user. Further teaches the authorized user identifier or the authorized user public key can be correspondingly stored with the file credential information and the authorized file credential information identifier, so that the user can acquire the corresponding file credential information according to the authorized user identifier or the authorized user public key); and storing the first encrypted file and the first credential (MU on [page 10 step S202 and Step S205] storing encrypted file and encrypted credential information). MU fails to explicitly teach whereby, the first user uses the first user identifier, the first file identifier and the first private key to retrieve the first key material out of the first credential, and uses the first key material to decrypt the first encrypted file into the first file, however Li from analogous art teaches whereby, the first user uses the first user identifier, the first file identifier and the first private key to retrieve the first key material out of the first credential, and uses the first key material to decrypt the first encrypted file into the first file (Li on [page 2 line 3-7] teaches confirming whether the authentication code matches the user profile of the accessing user (i.e., user identifier), if the file identifier is matched with the key identifier, searching the corresponding encrypted file and the corresponding encrypted key according to the file identifier, the file identification information, the key identifier and the key identification information, after receiving the encrypted file and the encryption key (i.e., first credential), the access user decrypts the encryption key by using the private key to obtain a file key (i.e., key material), and then decrypts the encrypted file by using the file key to obtain the file). Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Li into the teaching of MU by retrieving file key from credential information based on user identifier, file identifier and private key for decrypting the encrypted file. One would be motivated to do so in order to enhance security of electronic document by protecting the documents from unauthorized access (LI [page 5 line 5-15]). Regarding claim 2 the combination of MU and Li teaches all the limitations of claim 1 above, Mu further teaches wherein the key manager unit executes a hash algorithm based on a part of the first file to generate a random number as the first key material (MU on [page 6 line 5-7 and page 8 step S102] teaches applying hash on file to generated hash value). Regarding claim 3 the combination of MU and Li teaches all the limitations of claim 1 above, Mu further teaches wherein the first credential is stored as an extensive data of the first encrypted file (MU on [page 10 step S202 and Step S205] storing encrypted file and encrypted credential information). Regarding claim 4 the combination of MU and Li teaches all the limitations of claim 1 above, Mu further teaches wherein the first credential is stored in a storage zone specific to credential data, and the storage zone specific to credential data is searchable by the first user according to the first user identifier and the first file identifier (Li on [page 2 line 3-7] teaches confirming whether the authentication code matches the user profile of the accessing user (i.e., user identifier), if the file identifier is matched with the key identifier, searching the corresponding encrypted file and the corresponding encrypted key according to the file identifier, the file identification information, the key identifier and the key identification information, after receiving the encrypted file and the encryption key (i.e., first credential), the access user decrypts the encryption key by using the private key to obtain a file key (i.e., key material), and then decrypts the encrypted file by using the file key to obtain the file). Regarding claim 5 the combination of MU and Li teaches all the limitations of claim 1 above, Mu further teaches further comprising an identity verification unit in communication with the first user and the key manager unit for executing verification of the first user, and notifying the key manager unit to process the access-right claim request to the first file from the first user depending on the verification result (MU on [page 1 Step S107 and page 11 step S302] teaches the validity of the identity of the first user is ensured by verifying the signature information of the first user before the file is uploaded). Regarding claim 6 and 8 the combination of MU and Li teaches all the limitations of claims 1 and 7 above, Mu further teaches adapted to be used with a second user, the second user having a second key pair of an asymmetric type, the second key pair including at least a second user identifier, a second public key and a second private key (MU on [page 6 line 12-25] teaches second user with second user ID, second user public key and second user private key); wherein the key manager unit realizes a correspondence between the second user identifier and the second public key in response to a registration request of the second user (MU on [page 8 step S101] teaches receiving a file uploading request sent by a first user, wherein the file uploading request indicates the file and corresponding file information, and the file information comprises a first user identifier of the first user. The first user identifier may be any identifier representing the first user, the first user may be any user registered on the document management system, the first user identification is the first user public key, i.e., the first user public key of the first user is used to identify the first user as correspondence between user identifier and the first public key. See on [page 12 step S401] teaches the file credential information acquisition request further indicates a second user digest signed with a second user private key; and decrypting the received second user digest according to a second user public key so as to verify the second user identity); generates a second credential according to the second user identifier, the first file identifier, the second public key and the first key material after receiving an access-right claim request to the first file from the second user (MU on [page 8 step S103] teaches generating file credential comprising file identifier a file key (i.e., first key material), wherein the first user can obtain the correspondence file according to the file credential information. See also on [page 10 step S202 and step S205] teaches generating file credential information. The credential information has one- to – one correspondence relationship with the file and the authorized user. Further teaches the authorized user identifier or the authorized user public key can be correspondingly stored with the file credential information and the authorized file credential information identifier, so that the user can acquire the corresponding file credential information according to the authorized user identifier or the authorized user public key); and the second credential is stored into the file storage unit and associated with the first encrypted file (MU on [page 10 step S202 and Step S205] storing encrypted file and encrypted credential information) Li teaches whereby the second user uses the second user identifier, the first file identifier and the second private key to retrieve the first key material out of the first credential, and uses the first key material to decrypt the first encrypted file into the first file (Li on [page 2 line 3-7] teaches confirming whether the authentication code matches the user profile of the accessing user (i.e., user identifier), if the file identifier is matched with the key identifier, searching the corresponding encrypted file and the corresponding encrypted key according to the file identifier, the file identification information, the key identifier and the key identification information, after receiving the encrypted file and the encryption key (i.e., first credential), the access user decrypts the encryption key by using the private key to obtain a file key (i.e., key material), and then decrypts the encrypted file by using the file key to obtain the file). Regarding claim 9 MU teaches a file sharing method (MU on [page 5 line 5-10] teaches a file sharing method); adapted to be used with a key manager unit and a specified file owned by a first user and to be shared with a second user (MU on [page 5 line 5-10 and page 12 step S401] teaches transmission of file sharing among different users); the specified file corresponding to a file identifier (MU on [page 2 5th last para] a file corresponding to a file identifier); the first user having a first user identifier, a first system public key and a first system private key (MU on [page 6 line 6-12] teaches a first user having first user identifier, first public key and first private key pair); the second user having a second user identifier, a second system public key and a second system private key, and the method comprising: (MU on [page 6 line 12-25] teaches second user with second user ID, second user public key and second user private key); the key manager unit realizing a correspondence between the first user identifier and the first system public key in response to a first registration request of the first user and realizing a correspondence between the second user identifier and the second system public key in response to a second registration request of the second user (MU on [page 8 step S101] teaches receiving a file uploading request sent by a first user, wherein the file uploading request indicates the file and corresponding file information, and the file information comprises a first user identifier of the first user. The first user identifier may be any identifier representing the first user, the first user may be any user registered on the document management system, the first user identification is the first user public key, i.e., the first user public key of the first user is used to identify the first user as correspondence between user identifier and the first public key. See on [page 12 step S401] teaches the file credential information acquisition request further indicates a second user digest signed with a second user private key; and decrypting the received second user digest according to a second user public key so as to verify the second user identity); the key manager unit acknowledging the specified file and an access- right claim request to the specified file provided by the first user, wherein the access-right claim request comprises the second user identifier and the file identifier (Mu on [page 12 step S401] teaches receiving a file credential information obtaining request sent by a second user, where the file credential information obtaining request indicates a file credential information identifier for identifying that the file belongs to the second user. See on [page 11 step S302] if the first user identity is consistent with the second user identity, the first user identity passes verification, namely the first user identity is legal, and subsequent file uploading and authorization operations are continuously executed); the key manager unit generating a specified key material for encrypting the specified file into an encrypted file (MU on [page 3 line 5-7] teaches generating a file key (i.e., key material) for encrypting the first file. See on [page 8 step S102] teaches generating file key according to rule for encrypting the first file); and generating a specified credential according to the second user identifier and the file identifier in the access-right claim request, the second system public key and the specified key material (MU on [page 8 step S103] teaches generating file credential comprising file identifier a file key (i.e., first key material), wherein the first user can obtain the correspondence file according to the file credential information. See also on [page 10 step S202 and step S205] teaches generating file credential information. The credential information has one- to – one correspondence relationship with the file and the authorized user. Further teaches the authorized user identifier or the authorized user public key can be correspondingly stored with the file credential information and the authorized file credential information identifier, so that the user can acquire the corresponding file credential information according to the authorized user identifier or the authorized user public key); and storing the encrypted file and the specified credential (MU on [page 10 step S202 and Step S205] storing encrypted file and encrypted credential information). MU fails to explicitly teach whereby, the first user uses the first user identifier, the first file identifier and the first private key to retrieve the first key material out of the first credential, and uses the first key material to decrypt the first encrypted file into the first file, however Li from analogous art teaches whereby, the second user uses the second user identifier, the file identifier and the second system private key to retrieve the specified key material out of the specified credential, and uses the specified key material to decrypt the encrypted file into the specified file (Li on [page 2 line 3-7] teaches confirming whether the authentication code matches the user profile of the accessing user (i.e., user identifier), if the file identifier is matched with the key identifier, searching the corresponding encrypted file and the corresponding encrypted key according to the file identifier, the file identification information, the key identifier and the key identification information, after receiving the encrypted file and the encryption key (i.e., first credential), the access user decrypts the encryption key by using the private key to obtain a file key (i.e., key material), and then decrypts the encrypted file by using the file key to obtain the file). Regarding claim 10 the combination of MU and Li teaches all the limitations of claim 9 above, Mu further teaches wherein the first user further has a first authentication public key and a first authentication private key; the second user further has a second authentication public key and a second authentication private key (Mu on [page 6 line 20-25] teaches a second user digest signed with a second user private key; and decrypting the received second user digest according to a second user public key so as to verify the second user identity. See on [page 12 last para] teaches the file credential information acquisition request further indicates a second user digest signed with a second user private key; and decrypting the received second user digest according to a second user public key so as to verify the second user identity. Specifically, the file credential information acquisition request further indicates a digest plaintext corresponding to the second user digest, the second user public key is used for decryption to acquire the second user digest, whether the second user digest is consistent with the digest plaintext is judged, if so, the identity authentication is passed i.e., Note that public and private keys are also used for authentication based on digital signature as authentication public and private keys). the key manager unit realizes a correspondence between the first user identifier and the first authentication public key in response to the first registration request of the first user and realizing a correspondence between the second user identifier and the second authentication public key in response to the second registration request of the second user (MU on [page 8 step S101] teaches receiving a file uploading request sent by a first user, wherein the file uploading request indicates the file and corresponding file information, and the file information comprises a first user identifier of the first user. The first user identifier may be any identifier representing the first user, the first user may be any user registered on the document management system, the first user identification is the first user public key, i.e., the first user public key of the first user is used to identify the first user as correspondence between user identifier and the first public key. See on [page 12 step S401] teaches the file credential information acquisition request further indicates a second user digest signed with a second user private key; and decrypting the received second user digest according to a second user public key so as to verify the second user identity); and the key manager unit executes verification of the second user before the second user is authorized to access the specified file (MU on [page 1 Step S107 and page 11 step S302] teaches the validity of the identity of the first user is ensured by verifying the signature information of the first user before the file is uploaded. Further teaches if the first user identity is consistent with the second user identity, the first user identity passes verification, namely the first user identity is legal, and subsequent file uploading and authorization operations are continuously executed). Regarding claim 11 the combination of MU and Li teaches all the limitations of claim 10 above, Mu further teaches wherein the verification of the second user is executed by: the key manager unit generating a specified byte string randomly to the second user, and requesting a digital signature, which is derived from the second verification private key and the specified byte string, from the second user; and the key manager unit executing authentication of the digital signature with the second authentication public key to determine whether the second user is eligible for requesting the specified credential from the key manager unit (Mu on [page 6 line 20-25] teaches a second user digest signed with a second user private key; and decrypting the received second user digest according to a second user public key so as to verify the second user identity. See on [page 12 last para] teaches the file credential information acquisition request further indicates a second user digest signed with a second user private key; and decrypting the received second user digest according to a second user public key so as to verify the second user identity. Specifically, the file credential information acquisition request further indicates a digest plaintext corresponding to the second user digest, the second user public key is used for decryption to acquire the second user digest, whether the second user digest is consistent with the digest plaintext is judged, if so, the identity authentication is passed). Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Yoon et al (US 20140208104) is directed towards method for storing an encrypted file by a server is provided. The server receives a first encrypted file identifier from a client. The server generates a random number and transmits the random number to the client, when the first encrypted file identifier is present in a first database. The server generates a first verification value using the random number. In addition, the server confirms whether or not the client possesses a first encrypted file corresponding to the first encrypted file identifier among encrypted files stored in a second database by comparing the first verification value and a second verification value based on the random number with each other, when receiving the second verification value from the client. Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOEEN KHAN whose telephone number is (571)272-3522. The examiner can normally be reached 7AM-5PM EST M-TH Alternate Fridays. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached at (571)272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /MOEEN KHAN/ Primary Examiner, Art Unit 2436
Read full office action

Prosecution Timeline

Sep 18, 2023
Application Filed
Sep 13, 2025
Non-Final Rejection — §103, §112 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

18/056,557
Patent 12587531
BROWSER PROFILE SEPARATION FOR A MANAGED USER ACCOUNT
2y 5m to grant Granted Mar 24, 2026
19/002,162
Patent 12580730
METHOD AND SYSTEM FOR IMPROVING HOMOMORPHIC ENCRYPTION PERFORMANCE BASED ON TRUSTED EXECUTION ENVIRONMENT
2y 5m to grant Granted Mar 17, 2026
18/506,259
Patent 12574244
DC-SCM AUTHENTICATION SYSTEM
2y 5m to grant Granted Mar 10, 2026
18/196,390
Patent 12562896
SYSTEM AND METHOD FOR PROVIDING SECURE COMMUNICATION USING EPHEMERAL KEYS WITH A LIFETIME ASSOCIATED WITH A TYPE OF DATA BEING SECURED
2y 5m to grant Granted Feb 24, 2026
18/581,988
Patent 12556364
OPTIMIZED AUTHENTICATION SYSTEM FOR A MULTIUSER DEVICE
2y 5m to grant Granted Feb 17, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

AI Strategy Recommendation

Get an AI-powered prosecution strategy using examiner precedents, rejection analysis, and claim mapping.
Powered by AI — typically takes 5-10 seconds

Prosecution Projections

1-2
Expected OA Rounds
69%
Grant Probability
99%
With Interview (+59.7%)
2y 11m
Median Time to Grant
Low
PTA Risk
Based on 228 resolved cases by this examiner. Grant probability derived from career allow rate.

Ready to respond to this office action?

IP Author drafts your complete OA response — amendments, arguments, and claim strategy — in minutes, not days.

Start Drafting Your Response →

Data sourced from USPTO Patent File Wrapper (daily) and Office Action Archive (weekly). Analysis generated by IP Author.

Data: USPTO Patent File Wrapper (daily) • Office Action Archive (weekly) • 89M+ prosecution events

© 2026 IP Author — Browse Office ActionsExaminersCompaniesFirms

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month