DETAILED ACTION
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-2, 4-9, 11-16, and 18-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Dinha (Pub. No. US 2013/0263233), Weiskopf et al. (“Weiskopf”, Pub. No. US 2007/0168513) and Tobias et al. (“Tobias”, Pub. No. US 2019/0205317)
Per claim 1, Dinha teaches a method for securely sharing content between applications through parallel data sharing, comprising:
receiving a first input for dragging content in a first application to a secure container running in the first application ([0006]…The interaction may be a user dragging or dropping a file or other data into the virtual locker. The virtual locker may be formed to look like a safe, lockbox or other representation indicating security);
storing the content in the secure container ([0065]…data stores may store the data using one or more layers of encryption);
generating an identifier associated with the content ([0006]…files within the security virtual area may have indicia (i.e. identifier) indicating their encrypted state; [0065]…Encrypted data files may be represented by additional indicia within or associated with the first indicia (i.e. identifier));
receiving a second input for dragging the identifier from the secure container to a second application and based on the second input, transferring the content to the second application, wherein the content is decrypted ([0030]…the terms "software as a service" or "SaaS" or "on-demand software" generally mean a software delivery model in which software and its associated data are hosted centrally such as on the Internet or cloud and accessed by users using a client; [0071]…different virtual spaces may represent different locations or types of data providing for graphical visualization and control of which data is accessible to any SaaS provider. For example and without limitation, a virtual space may represent one or more data files for an SaaS accounting provider represented along with an SaaS tax preparer; [0074]…At a step 322 the data store is published. Publication may entail making the data store available to the SaaS provider for use with the software the SaaS provider provides. Server operation may be effected by using the interface 412 on a local processing device and adding a wrapper. The wrapper acts as an intermediary for the conventional application by exposing a web service interface to the client. [0081]…The interface engine may present (or cause to be presented) the appropriate indicia such as a safe or lockbox or other icons representing SaaS providers and access information. For example and without limitation, when a user drags a file into or out of the security indicia, encryption of decryption occurs without further user intervention.)
Dinha does not teach a first plug-in for a container running in the first application; and encrypting the content using a public encryption key provided by the second application and the content is decrypted at the second application using a private encryption key that corresponds to the public encryption key.
However, Weiskopt teaches a plug-in for a container running in an application ([0023]…In one embodiment, the user can manually provide or select content for processing, including but not limited to: (1) dragging and dropping the selected content into a visual container, such as a window, folder, icon, and the like; (2) identifying a folder, directory, or virtual lightbox where at least one instance of the selected content resides; (3) selecting an integrated feature or a plug-in applet that provides this functionality for another application.)
Tobias teaches encrypting the content using a public encryption key provided by the second application and the content is decrypted at the second application using a private encryption key that corresponds to the public encryption key ([0012]… There are many forms of key exchange methodologies in current use for establishing a trusted communication link between two devices and to encrypt/decrypt transmitted data such as through symmetric shared secret keys or public/private asymmetric keys. Symmetric encryption uses the same key for both encrypting and decrypting data through any number of algorithms such as AES, Blowfish, DES, and Skipjack and is typically faster than asymmetric encryption. It is often used for bulk data encryption and when high rates of data throughput are necessary. In contrast, asymmetric encryption utilizes a pair of keys, public and private, where a public key is typically used to encrypt the data and the private key is used to decrypt the data).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the teaching of Weiskopt and Tobias in the invention of Dinha in order to provide the user with a well-known feature of a plug-in to provide added functionalities to an application, and in order to provide the user with asymmetric encryption for establishing a trusted relationship between devices/applications for sharing/accessing of content in a secured manner.
Per claim 2, the modified Dinha teaches the method of claim 1, wherein, prior to storing the content in the secure container, the first application verifies with an application profile that the first application has permission to drag the content to the secure container (Dinha, [0059] …Certain embodiments may include the following factors for security: [0060] Device ownership factors such as a physical phone, or cell phone or other controlled device to verify identity. [0061] Knowledge factors such as a password, pass phrase, or personal identification number (PIN), challenge response (the user must answer a question) and the like. [0062] Inherence factors such as a fingerprint, retinal pattern, voice, or other biometric identifiers that verify identity. Multiple-factor security including but not limited to combinations of the above factors will provide for a more robust trust relationship.).
Per claim 4, the modified Dinha teaches the method of claim 1, wherein storing the content in the secure container includes storing the content in a secure storage system provided by an operating system that the first application runs in (Dinha, [0066]…The encryption key may be then used to encrypt the data. Encryption is typically applied at the creation time of the document and on the same device it has been composed on to avoid tampering…in certain embodiments encryption may be done by a local processor before any sensitive information is exposed to a local network or the Internet).
Per claim 5, the modified Dinha teaches the method of claim 1, wherein the second input includes a drag and drop input from to the second application (Dinha, [0081]…The interface engine may present (or cause to be presented) the appropriate indicia such as a safe or lockbox or other icons representing SaaS providers and access information. For example and without limitation, when a user drags a file into or out of the security indicia, encryption of decryption occurs without further user intervention), but does not teach second plug-in running in the second application
Weiskopt teaches a plug-in for an application ([0023]…In one embodiment, the user can manually provide or select content for processing, including but not limited to: (1) dragging and dropping the selected content into a visual container, such as a window, folder, icon, and the like; (2) identifying a folder, directory, or virtual lightbox where at least one instance of the selected content resides; (3) selecting an integrated feature or a plug-in applet that provides this functionality for another application.). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the teaching of Weiskopt in the invention of the modified Dinha in order to provide the user with a well-known feature of a plug-in to provide added functionalities to an application
Per claim 6, the modified Dinha teaches the method of claim 5, wherein the drag and drop input includes a drag selection of an identifier associated with the content that is displayed in an interface of the second plug-in (Dinha, [0006]…files within the security virtual area may have indicia (i.e. identifier) indicating their encrypted state; [0065]…Encrypted data files may be represented by additional indicia within or associated with the first indicia (i.e. identifier)); 0081]…The interface engine may present (or cause to be presented) the appropriate indicia such as a safe or lockbox or other icons representing SaaS providers and access information. For example and without limitation, when a user drags a file into or out of the security indicia, encryption of decryption occurs without further user intervention).
Per claim 7, the modified Dinha teaches the method of claim 1, wherein, based on the second input, the second application verifies with an application profile that the second application has permission to receive the content to the secure container ([0073]…a trust relationship is established for the SaaS provider. This step may vary according to the needs of the SaaS provider, and in certain embodiments, may only require establishing a connection to the SaaS provider. In other embodiments, the SaaS provider may use single or multiple-factor authentication. [0074]…At a step 322 the data store is published. Publication may entail making the data store available to the SaaS provider for use with the software the SaaS provider provides. Server operation may be effected by using the interface 412 on a local processing device and adding a wrapper. The wrapper acts as an intermediary for the conventional application by exposing a web service interface to the client; [0084]…The interface may be effectuated using an interface engine. The interface engine may use conventional programming techniques to effectuate certain operations. For example and without limitation, SQL Server or MySQL may be used to access a local or remote server containing operational data. The interface engine may also act as a server wherein a properly authenticated local or remote service requests access to the locked data store).
Claims 8-9, and 11-14 are rejected under the same rationale as claims 1-2 and 4-7 respectively.
Claims 15-16 and 18-20 are rejected under the same rationale as claims 1-2 and 4-6 respectively.
Claim(s) 3, 10, and 17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Dinha (Pub. No. US 2013/0263233), Weiskopf et al. (“Weiskopf”, Pub. No. US 2007/0168513), Tobias et al. (“Tobias”, Pub. No. US 2019/0205317), and Li (Pub. No. 2020/0334057)
Per claim 3, the modified Kinha teaches the method of claim 1, but does not teach storing the content in the secure container includes encrypting the content using an encryption key stored by a Trusted Execution Environment or Secure Element.
However, Li teaches storing the content in the secure container includes encrypting the content using an encryption key stored by a Trusted Execution Environment or Secure Element ([0038]…In general terms, a TEE may be a secure area of a processing unit with code and data loaded inside. Once a TEE is created, the processor may provide hardware-enforced protection for the TEE, e.g., using cryptography, to ensure that contents stored in the TEE are protected, not to be read or written by processes outside of that TEE. The confidentiality and integrity of the TEE can therefore be established at the hardware level.). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the teaching of Li in the invention of Dinha in order to provide the advantage of using TEE to enhance confidentiality and integrity through hardware level for protecting of content.
Claims 10 and 17 individually is rejected under the same rationale as claim 3.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Broms et al. (Pub. No. US 2015/0278502) discloses granting access to a file, and of enabling passcode protection for a file.
Moy (Pat. No. 9,076,008) discloses content protection on an electronic device.
Inquiries
Any inquiry concerning this communication or earlier communications from the examiner should be directed to THANH T VU whose telephone number is (571)272-4073. The examiner can normally be reached M-F: 7AM - 3:30PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Fred Ehichioya can be reached at (571) 272-4034. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/THANH T VU/Primary Examiner, Art Unit 2179