Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
This office action is in response to the application filed on or reply to the remarks of 12/3/2025. The instant application has claims 1-20 pending. The system, method and medium for usage metric for an key being determined for data loss and generating an new key. There a total of 20 claims.
Allowable Subject Matter
Claims 6, 13, 19 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Response to Arguments
Applicant's arguments filed 12/3/2025 have been fully considered but they are not persuasive.
The applicant argues that the usage metric for each encryption key associated with user is not taught by Li.
Li discloses encryption key(MLE key) being managed in an key manager and the further monitors the packages that it is associated with see Page 621 § Enhanced encryption. That is the packages are transformed into that are stored in key manager via trimmed packages and stubs see Page 623 § Upload & Page 619 A. Encrypted Deduplication Storage ¶4.
The applicant further argues that generating an key based on probabilistic model or usage metric is not taught by Yang.
Yang discloses the PIN being used to user is authentic to retrieve the master key which then used to retrieve the data keys see Par. 0069 & Par. 0067. And when the PIN has been entered incorrectly above an threshold value the master-key changing procedures ends see Par. 0078-0080. That is, the PIN entry is used to determine whether to gain access to files via keys that is used for decryption and also for changing the master-keys based on an new PIN and when the it is incorrectly entered, i.e. usage metric or probabilistic model, the operation is denied.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under pre-AIA 35 U.S.C. 103(a) are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-5, 7-12, 14-18, 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Rekeying for Encrypted Deduplication Storage to Li in view of US Patent Pub 2012/0284534 to Yang.
Regarding claim 1, 8,15, Li discloses A method for encryption key management executed by one or more computing devices of a management system, the method comprising: receiving an encryption request from an application, the encryption request comprising a request to encrypt at least one data object, wherein the application is associated with a corresponding user(IV. REED Design A. Main Idea, the file key is used for encrypting the file); determining a usage metric of each of a plurality of existing encryption keys associated with the corresponding user, each usage metric comprising a number of data objects encrypted by a respective existing encryption key(Page 621 B. Encryption Schemes, the encryption of file using key & Page 623 § Upload & Page 619 A. Encrypted Deduplication Storage ¶4, key manager stores information about the message fingerpints being associated with user and MLE key); transmitting, to the application, either the existing encryption key or the instructions configured to cause the application to generate the new encryption key(Page 619 B. Rekeying, the keys are revoked and new keys are generated & Page 626 Experiment A.$ (rekeying performance), the lazy and active re-keying).
Li does not determining whether to transmit an existing encryption key in the plurality of existing encryption keys to the application or to transmit instructions to the application configured to cause the application to generate a new encryption key, the determination being based at least in part on a probabilistic model, the usage metric for each of the plurality of existing encryption keys, and a data loss threshold associated with the corresponding user.
In the same field of endeavor as the claimed invention, Yang discloses .
determining whether to transmit an existing encryption key in the plurality of existing encryption keys to the application or to transmit instructions to the application configured to cause the application to generate a new encryption key, the determination being based at least in part on a probabilistic model, the usage metric for each of the plurality of existing encryption keys, and a data loss threshold associated with the corresponding user(Par. 0075-0081, the PIN is associated with new key generating based on incorrect threshold reached & Par. 0069 & Par. 0067 & Par. 0078-0080, the PIN has been entered incorrectly above an threshold value the master-key changing procedures ends).
It would have been obvious to one of ordinary skill in the art before the effective filing date of claimed invention to modify Li invention to incorporate determining whether to transmit an existing encryption key in the plurality of existing encryption keys to the application or to transmit instructions to the application configured to cause the application to generate a new encryption key, the determination being based at least in part on a probabilistic model, the usage metric for each of the plurality of existing encryption keys, and a data loss threshold associated with the corresponding user for the advantage of providing new key as per user’s wish as taught in Yang Abstract.
Regarding claim 2, 9, 16, The combined method/system/medium of Li and Yang, mutatis mutandis, Li discloses the method of claim 1, wherein transmitting, to the application, either the existing encryption key or the instructions configured to cause the application to generate the new encryption key comprises transmitting the existing encryption key an further comprises: selecting the existing encryption key from an encryption key repository (Page 623 Rekeying); and transmitting an encryption key container corresponding to the selected existing encryption key to the application, wherein the encryption key container is an encrypted data object containing the selected existing encryption key(Page 623 Rekeying & III. Overview).
Regarding claim 3, 10, 17, The combined method/system/medium of Li and Yang, mutatis mutandis, Li discloses the method of claim 2, wherein the encryption key container comprises: an encrypted encryption key corresponding to the selected existing encryption key, wherein the encrypted encryption key is encrypted with a key encryption key; an encrypted container wrapper comprising the key encryption key and a checksum of the encrypted encryption key, wherein the encrypted container wrapper is encrypted with a master key associated with the user Page 623 § D. Operations, key is decrypted for revealing file key ); and an augmented associated data object comprising metadata corresponding to the selected existing encryption key, the corresponding user, and the master key used to encrypt the encrypted container wrapper Page 623 § D. Operations, key is decrypted for revealing file key ).
Regarding claim 4, 11, 18, The combined method/system/medium of Li and Yang, mutatis mutandis, Li discloses the method of claim 1, wherein transmitting, to the application, either the existing encryption key or the instructions configured to cause the application to generate the new encryption key comprises transmitting the instructions configured to cause the application to generate the new encryption key and further comprising: receiving, from the application, an encryption key container corresponding to the new encryption key generated by the application, wherein the encryption key container is an encrypted data object containing the new encryption key generated by the application(Page 620 § B. Threat Model & C. Challenges, the key is compromised leads to new keys; and storing the encryption key container corresponding to the new encryption key generated by the application.(Page 620 § B. Threat Model, the key is compromised leads to new keys)
Regarding claim 5, 12, The combined method/system/medium of Li and Yang, mutatis mutandis, Li discloses the method of claim 1, wherein the instructions configured to cause the application to generate a new encryption key are further configured to cause the application to: generate an encryption key container corresponding to the new encryption key, wherein the encryption key container is an encrypted data object containing the new encryption key(Page 623 § D. Operations, key is decrypted for revealing file key ); and encrypt the data object with the new encryption key(Page 619 § B. Rekeying, the new key is used).
Regarding claim 7, 13, 20, The combined method/system/medium of Li and Yang, mutatis mutandis, Yang discloses the method of claim 1, wherein determining whether to transmit an existing encryption key in the plurality of existing encryption keys to the application or to transmit instructions to the application configured to cause the application to generate a new encryption key comprises: determining a probability that that use of an existing encryption key to encrypt the data object will cause the data loss threshold associated with the corresponding user to be exceeded based at least in part on the usage metric for each of the plurality of existing encryption keys, a total number of existing encryption keys associated with the corresponding user, and the data loss threshold associated with the corresponding use(Par. 0073-0082).r; determining whether the probability exceeds a threshold probability value(Par. 0073-0082).; and determining whether to transmit an existing encryption key in the plurality of existing encryption keys to the application or to transmit instructions to the application configured to cause the application to generate a new encryption key based at least in part on whether the probability exceeds the threshold probability value(Par. 0073-0082).
Conclusion
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Venkat Perungavoor whose telephone number is (571)272-7213. The examiner can normally be reached 9-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Rupal Dharia can be reached on 571-272-3880. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/VENKAT PERUNGAVOOR/Primary Examiner, Art Unit 2492 Email: venkatanarayan.perungavoor@uspto.gov