DETAILED ACTION
This action is in response to the claims filed 10/9/2023. Claims 1-20 are pending. Independent claims 1, 10 and 19, and corresponding dependent claims are directed towards a method, system and non-transitory computer readable medium for cryptography as a service.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Drawings
The drawings are objected to because: Fig. 1 items 144 and 146 are not described in the specification. Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. The figure or figure number of an amended drawing should not be labeled as “amended.” If a drawing figure is to be canceled, the appropriate figure must be removed from the replacement sheet, and where necessary, the remaining figures must be renumbered and appropriate changes made to the brief description of the several views of the drawings for consistency. Additional replacement sheets may be necessary to show the renumbering of the remaining figures. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance.
Specification
The disclosure is objected to because of the following informalities: the first recitation of the following acronyms is not expanded: [0094] CD-ROM and CD-R; [0097] OS, I/O and CPU. Appropriate correction is required.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.
Claims 1-6, 10-15 and 19-20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Agarwal et al. (US 2017/0006064 A1), published Jan. 5, 2017.
As to claims 1, 10 and 19, Agarwal discloses a method, system and non-transitory computer readable medium (Agarwal [0004] method, system, non-transitory computer-readable medium), hereinafter referred to as a system, for providing cryptography as a service (Agarwal [Abstract] centralized framework for managing the data encryption of resources), comprising: at least one memory (Agarwal Fig. 22 item 2210; [0202]); and at least one processor coupled to the at least one memory (Agarwal Fig. 22 item 2204; [0202]), the at least one processor and the at least one memory configured to: receive, by a cryptographic provider component (Agarwal Fig. 1 item 104 data encryption service), policy information (Agarwal [0039] data encryption service receives application policy information and determines cryptographic policy to be applied); receive, by the cryptographic provider component, requests from a plurality of applications to perform cryptographic operations, wherein the plurality of applications comprise separate processes from the cryptographic provider component (Agarwal Fig. 1 item 104 data encryption service receiving application requests, also showing application requests from multiple user devices; [0040] perform encryption based on request received); and select, by a cryptographic router of the cryptographic provider component, based on the policy information and information associated with the requests, one or more cryptographic implementation components for servicing each request of the requests (Agarwal [0039]-[0040] data encryption service determines cryptographic policy and encryption objects to be used for encryption for request, then performs the encryption using the encryption objects; [0049] cryptographic policies specify algorithm to be used).
As to claims 2, 11 and 20, Agarwal discloses the invention as claimed as described in claims 1, 10 and 19, respectively, including wherein the at least one processor and the at least one memory are further configured to: determine, by the cryptographic router, a policy-related event based on the policy information (Agarwal Fig. 4 row A2 or A3 showing policy actions detected resulting in conditions C1 or C2; [0069] accessing different portions of data results in different conditions/policies/encryption being used); and transfer, by the cryptographic router, servicing of at least one request of the requests from a first cryptographic implementation component to a second cryptographic implementation component based on the policy-related event (Agarwal Fig. 4 row A2 or A3 using different cryptographic policy and encryption object for C1 or C2; [0069] accessing different portions of data results in different conditions/policies/encryption being used).
As to claims 3 and 12, Agarwal discloses the invention as claimed as described in claims 1 and 10, respectively, including wherein the at least one processor and the at least one memory are further configured to select, by the cryptographic router, certificate authorities for generating one or more security certificates related to the requests (Agarwal [0152] notification of need to renew certificate sent to local or third party certificate issuing authority).
As to claims 4 and 13, Agarwal discloses the invention as claimed as described in claims 1 and 10, respectively, including wherein the at least one processor and the at least one memory are further configured to load, by the cryptographic provider component, the one or more cryptographic implementation components selected for servicing each request of the requests based on a library of available cryptographic techniques associated with the cryptographic provider component (Agarwal [0139] application policy engine acquires relevant encryption objects from application hosting systems 1710 external to server provider system).
As to claims 5 and 14, Agarwal discloses the invention as claimed as described in claims 4 and 13, respectively, including wherein the one or more cryptographic implementation components selected for servicing each request of the requests implement one or more cryptographic techniques of the available cryptographic techniques in the library (Agarwal [0039]-[0040] data encryption service determines cryptographic policy and encryption objects to be used for encryption for request, then performs the encryption using the encryption objects).
As to claims 6 and 15, Agarwal discloses the invention as claimed as described in claims 1 and 10, respectively, including wherein the requests were routed to the cryptographic provider component by a provider routing component separate from the cryptographic provider component (Agarwal Fig.1 item 126 application data service routing requests from user devices to data encryption service), and wherein the provider routing component routes additional requests to one or more other cryptographic provider components (Agarwal [0045] service provider may have more modules than shown; [0065] “user devices 102 may utilize application data service 120 to utilize the data encryption services provided by subsystems and/or modules of the service provider system” – i.e. application data service can be connected to multiple data encryption services).
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 7-8 and 16-17 are rejected under 35 U.S.C. 103 as being unpatentable over Agarwal et al. (US 2017/0006064 A1), published Jan. 5, 2017, in view of Walter et al. (US 2013/0254758 A1), published Sep. 26, 2013.
As to claims 7 and 16, Agarwal substantially discloses the invention as claimed as described in claims 6 and 15, respectively, including a provider routing component for the requests and the additional requests to the cryptographic provider component and the one or more other cryptographic provider components (See above rejections). Agarwal fails to explicitly disclose wherein the provider routing component performs load balancing. Walter describes application construction for execution on diverse computing infrastructures. With this in mind, Walter discloses a load balancing component of a computing system (Walter Fig. 1 item 142; [0017] load balancers 142 in infrastructure as a service 130). It would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains to combine the load balancing of Walter with the application data service routing of Agarwal, such that requests for cryptographic services are routed based on load balancing, as it would advantageously improve performance, reliability and scalability of service providing that comes with load balancing traffic.
As to claims 8 and 17, Agarwal and Walter disclose the invention as claimed as described in claims 7 and 16, respectively, including wherein the at least one processor and the at least one memory are further configured to launch, by the provider routing component, the one or more other cryptographic provider components based on an amount of load associated with the cryptographic provider component (Walter [0017] load balancer instantiates and controls the amount of resources based on workload of resources).
Claims 9 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Agarwal et al. (US 2017/0006064 A1), published Jan. 5, 2017, in view of Walter et al. (US 2013/0254758 A1), published Sep. 26, 2013, in view of Kunchakarra et al. (US 2021/0049127 A1), published Feb. 18, 2021.
As to claims 9 and 18, Agarwal and Walter substantially disclose the invention as claimed as described in claims 8 and 17, respectively, failing, however, to explicitly disclose wherein a load balancing decision related to the load balancing is made by a load balancing component separate from the provider routing component. Kunchakarra describes a method for compliance verification of resources in a target environment that can be a cloud system. With this in mind, Kunchakarra discloses a load balancing component separate from a routing component (Kunchakarra Fig. 5 showing components of computing system including load balancing service component 562 and routing and replication service component 550; [0098]; [0100]-[0101]). It would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains to combine the separate load balancing and routing components of Kunchakarra with the routing and load balancing of Agarwal and Walter, such that the load balancing decisions occur in a component separate from the routing that occurs in the application data services component, as it would advantageously offload the load balancing from the application data services, preventing a slowdown due to decision making.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Ansari et al. (US 2021/0211320 A1) is related to a service management system.
Roth et al. (US 2014/0229729 A1) is related to a cryptographic service for performing encryption/decryption.
Chauhan (US 2021/0234920 A1) is related to load balancing.
Gheorghe et al. (US 2017/0250859 A1) is related to load-balanced relays.
Thangavel (US 2024/0171627 A1) is related to load balancing based on workload.
Benassi (US 2023/0153076 A1) is related to load balancing requests and instantiating workload resources.
Sharifi Mehr (US 2019/0273728 A1) is related to resource-based cipher suite selection.
Kumar et al. (US 2018/0205711 A1) is related to a load balancing component of an encryption key management service.
Mahne et al. (US 6,981,141 B1) is related to transparent encryption and decryption in an algorithm independent engine.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ERIC W SHEPPERD whose telephone number is (571)270-5654. The examiner can normally be reached on Monday - Thursday, Alt. Friday, 7:30AM - 5:00PM, EST.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Rupal Dharia can be reached on (571)272-3880. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/Eric W Shepperd/ Primary Examiner, Art Unit 2492