File Encapsulation Validation

§103 §112

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Claim Rejections - 35 USC § 112 The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. Claims 4 and 7 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Claim 4 recites the limitation "a protection level directory". This term is not defined in the specification, and is not seen as a term regularly understood in the art. It is unclear what the limitations of such a directory are. Applicant argues, in arguments filed 11 November 2025, that the term would be readily understood by one of ordinary skill in the art as a directory of protected level settings. The examiner disagrees, and has supplied a copy of a Google search of the term in the appendix of this office action which does not define it that way. Claim 7 recites the limitation "where these exist". It is unclear what “these” refers to in the claim, and what the term means exactly. It could mean that the unencrypted data includes metadata and thumbnail data only if the metadata and thumbnail data exist. In this case, it is unclear if the encrypted files still need to contain some unencrypted data if no metadata or thumbnail data exists. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1-17, as best understood, are rejected under 35 U.S.C. 103 as being unpatentable over Cidon et al., USPN 2014/0013112, in view of Runkis e al., USPN 2017/0262655. With regard to claims 1, 6, and 9-14, Cidon discloses a method for preventing illegitimate access to readable data in files (0096, 0102), wherein the files are continuously kept as encrypted files while they are being stored or transferred (0010, 0221), and wherein access to the content of the files by a user includes the steps, when the user, from a dedicated computer device, clicks to open an encrypted file from a specific data storage monitored by a monitoring service, the file is immediately transferred as an encrypted file from the data storage to a specified folder/directory on the user's computer device (0231, 0356-0364, 0085, 0130), when the file is located on the user's computer device, a validator agent opens the file and checks a unique file identifier or origin location (0094, 0105, 0049, 0113, 0207) and the user's identity, computer device unique identifier and the user's access permissions relative to a protection level of the file (0130, 0108, 0113, 0115, 0263, 0241, 0109), if the validator agent confirms the check the validator agent requests a decryption key from monitoring service, decrypts and opens the file in a correct program as determined from the file, without any additional clicks by the user (0231, 0130, 0116, 0223), if the validator agent fails to confirm the check, the file is not decrypted and opened, and the user's access is denied and an alert signal is transmitted to the monitoring service (0213-0217, 0156), if the user clicks to save the file, the validator agent encrypts the file and transfers and stores it in the origin location on the data storage (0356-0366, 0085). Cidon does not disclose authenticating the user with at least the three factors of user credentials. Runkis discloses a method of protecting data that is being stored and transmitted (0002), similar to that of Cidon, and further discloses using three factor credential authentication to authenticate a user is a well-known practice (0118). It would have been obvious for one of ordinary skill in the art, prior to the instant effective filing date to implement the three factor authentication of Runkis in the method of Cidon for the motivation of improved security from unauthorized access, a stated motivation of Cidon (0007, 0043) and Runkis (0002). With regard to claims 2 and 3, Cidon in view of Runkis discloses the method of claim 1, and Runkis further discloses using a motherboard ID to identify a computer (0114, 0145). It would have been obvious for one of ordinary skill in the art, prior to the instant effective filing date to implement the motherboard ID authentication of Runkis in the method of Cidon for the motivation of improved security from unauthorized access, a stated motivation of Cidon (0007, 0043) and Runkis (0002). With regard to claim 4, Cidon in view of Runkis discloses the method of claim 1, and Cidon further discloses the validator agent's checks validates the user's access permissions relative to the protection level of the file according to a protection level directory (0261, 0262, 0173, 0156, 0170, 0025, 0207). With regard to claim 5, Cidon in view of Runkis discloses the method of claim 1, and Cidon further discloses permissions and protection information are provided by the monitoring service (0113). With regard to claim 7, Cidon in view of Runkis discloses the method of claim 1, and Cidon further discloses the files contain some unencrypted readable file data including metadata and file thumbnail data where these exist(0049, 0113, 0207). With regard to claim 8, Cidon in view of Runkis discloses the method of claim 1, and Cidon further discloses incorporating data loss prevention (0006, 0099-0100). With regard to claim 15, Cidon in view of Runkis discloses the method of claim 1, and Cidon further discloses the unique file identifier comprises a hash, a Globally Unique Identifier (GUID), or a Universally Unique Identifier (UUID) (0274, 0106, 0190, 0381-0384, 0263). With regard to claim 16, Cidon in view of Runkis discloses the method of claim 1, and Cidon further discloses the correct program is determined from the file via one or more of a file type extension and file metadata (0130). With regard to claim 17, Cidon in view of Runkis discloses the method of claim 1, and Cidon further discloses the user's computer device comprises a laptop computer or a smartphone (0095). Response to Arguments Applicant's arguments, filed 11 November 2025, have been fully considered but they are not fully persuasive. With regard to applicant’s argument regarding the 112 rejection of claim 4, the examiner addressed the argument above. With regard to applicant’s argument that Cidon does not disclose a validator agent to handle the decryption and encryption, the examiner disagrees. Applicant quotes paragraph 0359 of Cidon and puts the words, “Modifying the file, by the management server”, in bold. The examiner points out that later, in that same paragraph, Cidon states, “wherein the modifications comprise flagging the modified file as to be handled by an agent that is hosted by a device of a user, wherein the agent is arranged to cooperate with a management server 2130.” This agent handles the file (0366), and reads on the validator agent. Applicant further states in his arguments, “in the Detailed Description: "It is to be understood that the validator agent (130) is software residing and being executed on the user's computer device (140), c.f. FIG. 2." Thus, it is clear that the steps of claim 1 performed by the validator agent are executed on the user's computer device”. The examiner points out that the claims do not state that the validator agent is software residing and being executed on the user's computer device. References Cited Benson et al., USPN 2013/0179681, discloses a method using a three-factor credential to authenticate a user (0041). Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to JACOB LIPMAN whose telephone number is (571)272-3837. The examiner can normally be reached 5:30AM-6:00PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached at 571-272-3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /JACOB LIPMAN/Primary Examiner, Art Unit 2434