Prosecution Insights
Last updated: July 17, 2026
Application No. 18/618,640

SYSTEMS, APPARATUSES, AND METHODS FOR DECENTRALIZED GENERATION, STORAGE, AND/OR MANAGEMENT OF ENCRYPTED DATA

Final Rejection §103
Filed
Mar 27, 2024
Priority
Mar 24, 2023 — provisional 63/491,989 +2 more
Examiner
GREENE, JOSEPH L
Art Unit
2443
Tech Center
2400 — Computer Networks
Assignee
Dedi Corp.
OA Round
2 (Final)
63%
Grant Probability
Moderate
3-4
OA Rounds
1y 8m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 63% of resolved cases
63%
Career Allowance Rate
351 granted / 558 resolved
+4.9% vs TC avg
Strong +37% interview lift
Without
With
+36.7%
Interview Lift
resolved cases with interview
Typical timeline
3y 12m
Avg Prosecution
34 currently pending
Career history
602
Total Applications
across all art units

Statute-Specific Performance

§101
2.3%
-37.7% vs TC avg
§103
90.1%
+50.1% vs TC avg
§102
4.7%
-35.3% vs TC avg
§112
1.8%
-38.2% vs TC avg
Black line = Tech Center average estimate • Based on career data from 558 resolved cases

Office Action

§103
DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 1. Claims 1-4, 10-26, 32-48, and 54-81 are currently pending in this application. Claims 1-3, 14, 17, 23-25, 36, 39, 45-47, 58, and 61 are amended as filed on 04/20/2026. Claims 5-9, 27-31, and 49-53 are canceled as filed on 04/20/2026. Claims 67-81 are new as filed on 04/20/2026. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 1-3, 10-14, 19, 21-25, 32-36, 41, 43-47, 54-58, 63, and 65-66 are rejected under 35 U.S.C. 103 as being unpatentable over Smith et al. (Pre-Grant Publication No. US 2018/0123804 A1), hereinafter Smith, in view of Thacker et al. (Pre-Grant Publication No. US 2024/0211165 A1), hereinafter Thacker. 2. With respect to claims 1, 23, and 45, Smith taught a method comprising: selectively storing one or more data pieces in at least one first device based on a group of one or more characteristics of the one or more data pieces and/or one or more characteristics of the at least one first device, the at least one first device being a physical or virtual device (0089 & figure 4, item 400, where the authorization information is a from a group of characteristics under broadest reasonable interpretation). However, Smith did not explicitly state wherein the one or more restrictions define: a maximum number of data pieces allowed to be stored in the at least one first device, the maximum number of data pieces being independent of a storage capacity of the at least one first device, what data pieces are allowed to be stored in the at least one first device, or a combination thereof. On the other hand, Thacker did teach wherein the one or more restrictions define: a maximum number of data pieces allowed to be stored in the at least one first device, the maximum number of data pieces being independent of a storage capacity of the at least one first device, what data pieces are allowed to be stored in the at least one first device, or a combination thereof (0033-0035, where this, at least, teaches the maximum number of stored data pieces limitation). Both of the systems of Smith and Thacker are directed towards storing data and therefore, it would have been obvious to a person having ordinary skill in the art, at the time of the effective filing of the invention, to modify the teachings of Smith, to utilize a fixed number of entries per container, as taught by Thacker, in order to more easily managed containers that are constantly adjusting key entries. 3. As for claims 2, 24, and 46, they are rejected on the same basis as claims 1, 23, and 45 (respectively). In addition, Smith taught wherein said selectively storing the one or more data pieces in the at least one first device comprises: selecting one of the at least one first device; determining that the group of the one or more characteristics of the one or more data pieces and/or the one or more characteristics of the at least one first device satisfy a group of one or more conditions; and storing the one or more data pieces in the selected one of the at least one first device (0075, where the authorizations are conditions). 4. As for claims 3, 25, and 47, they are rejected on the same basis as claims 2, 24, and 46 (respectively). In addition, Smith taught wherein said what data pieces are allowed to be stored in the at least one first device define that the data pieces allowed to be stored in the at least one first device are as follows: data pieces belonging to a same owner or a predefined maximum number of multiple owners; the one or more data pieces being related to a same application program or a predefined maximum number of multiple application programs; data pieces being encrypted using a same encryption key or a predefined maximum number of multiple encryption keys; data pieces being encrypted using mutually different encryption keys; data pieces of a same type; data pieces being encrypted, and cryptographic keys related to the encrypted data pieces not stored in the in at least one first device; or a combination thereof (0318 & 0370, where this, at least, teaches the same type limitation as the secure storage does not store the listed elements because they are not the appropriate type). 5. As for claims 10, 32, and 54, they are rejected on the same basis as claims 1, 23, and 45 (respectively). In addition, Smith taught creating a first safe in the at least one first device (fig. 4, item 401); creating a first nugget in the first safe (fig. 4, item 400); and storing one of the one or more data pieces in the first nugget (fig. 4, item 400, the data stored in the ACP); wherein the first safe and the first nugget are data structures (0096, where the layers are containers and containers are data structures). 6. As for claims 11, 33, and 55, they are rejected on the same basis as claims 10, 32, and 54 (respectively). In addition, Smith taught wherein the first nugget comprises metadata (0083 & 0107). 7. As for claims 12, 34, and 56, they are rejected on the same basis as claims 10, 32, and 54 (respectively). In addition, Smith taught wherein said creating the first safe in the at least one first device comprises: creating a vault in the at least one first device; and creating the first safe in the vault; wherein the vault is a data structure (fig. 4, item 404). 8. As for claims 13, 35, and 57, they are rejected on the same basis as claims 12, 34, and 56 (respectively). In addition, Smith taught wherein each of the at least one first device only comprises one vault (fig. 4, item 404. See also: 0089, where nested layers are not required meaning that there could be just one vault under broadest reasonable interpretation). 9. As for claims 14, 36, and 58, they are rejected on the same basis as claims 10, 32, and 54 (respectively). In addition, Smith taught wherein the first nugget is of a first type; and wherein the first type is for data storage and is directly addressable without traversing another nugget (fig. 4, item 400, where the keys are there to be retrieved and the system does not claim that it traverses other nuggets in order to perform said action). 10. As for claims 19, 41, and 63, they are rejected on the same basis as claims 10, 32, and 54 (respectively). In addition, Smith taught finding the first nugget by searching the at least one first device using an ID of the first nugget; or finding the first nugget by (i) searching the at least one first device using an ID of a query initiator to obtain a nugget list, and (ii) searching the nugget list using the ID of the first nugget (0089, where it is given that each layer/storage unit would have an id/address so that they may be located and their information retrieved. See also: 0096). 11. As for claims 21, 43, and 65, they are rejected on the same basis as claims 1, 23, and 45 (respectively). In addition, Smith taught wherein said managing the at least one first device comprises: receiving a creation request from the at least one first device; generating a device-ID-creation token; sending the device-ID-creation token to the at least one first device; receiving a device ID of the at least one first device and a device-ID-registration token from the at least one first device; verifying the device-ID-registration token; registering the device ID; generating a device-ID-update token; and sending the device-ID-update token to the at least one first device (0242). 12. As for claims 22, 44, and 66, they are rejected on the same basis as claims 1, 23, and 45 (respectively). In addition, Smith taught converting a nugget ID in a received query to a hash of the nugget ID; searching the hash of the nugget ID to obtain a hash of a vault ID; searching the hash of the vault ID to obtain a list of one or more hashes of device IDs; and searching each hash of the one or more hashes of device IDs to obtain an IP address and port of a device corresponding to the hash (0126, the integrity hashes). 13. As for claims 68, 73, and 78, they are rejected on the same basis as claims 1, 23, and 45 (respectively). In addition, Smith taught prior to transferring data between the at least one first device and a requesting client exchanging public keys between the at least one first device and the requesting client (0279); receiving, from the requesting client, request data encrypted using the public key of the at least one first device (0279 & 0280); decrypting the request data using a private key of the at least one first device (0282); and encrypting response data using the public key of the requesting client before transmitting the response data to the requesting client (0533). 14. As for claims 69, 74, and 79, they are rejected on the same basis as claims 1, 23, and 45 (respectively). In addition, Smith taught registering the at least one first device with a service provider to allow the service provider, after said registering, to deliver to a requestor a network endpoint of the at least one first device without access to any data stored in the at least one first device or communicated between the requestor and the at least one first device (0264, where the limitation does not indicate that it provides access to the first device’s stored data. See also, end-to-end encryption of 0007). 15. As for claims 70, 75, and 80, they are rejected on the same basis as claims 1, 23, and 45 (respectively). In addition, Smith taught registering a first hash derived from a first identifier of the at least one first device with a record of a locator of the at least one first device (0280); registering one or more second hashes, each derived from a second identifier of an element associated with the at least one first device, wherein each one of the first and second hashes maps either to another one of the first and second hashes in the chain of the first and second hashes or directly to the locator (0280); wherein none of the first and second identifiers are registered; and wherein a client is configured to resolve the locator by following the chain of the first and second hashes from any second hash until reaching the locator as a terminator result (0306 & 0693). Claim(s) 4, 26, and 48 are rejected under 35 U.S.C. 103 as being unpatentable over Smith, in view of Thacker, and in further view of KEMPF et al. (Pre-Grant Publication No. US 2021/0081404 A1), hereinafter Kempf. 16. As for claims 4, 26, and 48, they are rejected on the same basis as claims 1, 23, and 45 (respectively). However, Smith did not explicitly state managing one or more users and the at least one first device using a first hierarchical structure of the one or more users, a second hierarchical structure of the at least one first device, and a mapping between the first and second hierarchical structures. On the other hand, Kempf did teach managing one or more users and the at least one first device using a first hierarchical structure of the one or more users, a second hierarchical structure of the at least one first device, and a mapping between the first and second hierarchical structures (0046 & figure 1, item 108, where the data center is the host in accordance with 0044). Both of the systems of Smith and Kempf are directed towards managing structures in a cloud network and therefore, it would have been obvious to a person having ordinary skill in the art, at the time of the effective filing of the invention, to modify the teachings of Smith, to utilize assigning nodes a hierarchical structure, as taught by Smith, in order to effectuate proper organizational/network functioning. Claim(s) 15-17, 37-39, and 59-61 are rejected under 35 U.S.C. 103 as being unpatentable over Smith, in view of Thacker, and in further view of Zhou et al. (Pre-Grant Publication No. US 2018/0067691 A1), hereinafter Zhou. 17. As for claims 15, 37, and 59, they are rejected on the same basis as claims 10, 32, and 54 (respectively). However, Smith did not explicitly state wherein the first nugget is of a second type; and wherein the second type is for data storage and is accessible through a nugget of a third type. On the other hand, Zhou did teach wherein the first nugget is of a second type; and wherein the second type is for data storage and is accessible through a nugget of a third type (0023). Both of the systems of Smith and Zhou are directed towards managing storage and therefore, it would have been obvious to a person having ordinary skill in the art, at the time of the effective filing of the invention, to modify the teachings of Smith, to utilize storing pointers for data management, as taught by Zhou, as this was a standard way of managing and linking data that was contemporary to the time of the invention. 18. As for claims 16, 38, and 60, they are rejected on the same basis as claims 15, 37, and 59 (respectively). In addition, Zhou taught wherein the third type is for storing a link pointing to a second-type nugget (0023). 19. As for claims 17, 39, and 61, they are rejected on the same basis as claims 15, 37, and 59 (respectively). In addition, Zhou taught storing a second-type nugget or storing a third-type nugget; wherein said storing the second-type nugget comprises: identifying a second safe that does not have any third-type nugget, and storing the second-type nugget in the second safe; and wherein said storing the second-type nugget comprises: identifying a third safe that does not have any second-type nugget, and storing the third-type nugget in the third safe (0023, where the process is repeated for the nth nugget and the third nugget wouldn’t be placed in the used storage, which teaches identifying a third safe does not hand any second-type nugget, under broadest reasonable interpretation). Claim(s) 18, 40, and 62 are rejected under 35 U.S.C. 103 as being unpatentable over Smith, in view of Thacker, in view of Zhou, and in further view of Official Notice. 20. As for claims 18, 40, and 62, they are rejected on the same basis as claims 15, 37, and 59 (respectively). However, Smith did not explicitly state manipulating a second-type nugget or a third-type nugget in accordance with the following rules: storing the second-type nugget and the third-type nugget in different safes; disallowing storage of a link pointing to a first-type nugget in the third-type nugget; disallowing storage of a link pointing to a second-type nugget in the third-type nugget if the second-type nugget and the third-type nugget are in a same safe; disallowing updating of a link stored in the third-type nugget; allowing updating of data stored in the second-type nugget via a link stored in the third-type nugget that points to the second-type nugget; or a combination thereof. However, the examiner gives official notice that determining where data can be stored based on other storage locations is well known in data storage and therefore, it would have been obvious to a person having ordinary skill in the art, at the time of the effective filing of the invention, to modify the teachings of Smith to utilize specific data storage conditions, in order to maintain a structed database. Claim(s) 20, 42, and 64 are rejected under 35 U.S.C. 103 as being unpatentable over Smith, in view of Thacker, and in further view of Morris (Pre-Grant Publication No. US 2010/0146132 A1). 21. As for claims 20, 42, and 64, they are rejected on the same basis as claims 1, 23, and 45 (respectively). However, Smith did not explicitly state calling a domain name system query function with a name of a root cluster to obtain a list of addresses of one or more first discovery servers; wherein the root cluster comprises a plurality of discovery servers including the one or more first discovery servers; and wherein the DNS query function receives an input parameter and comprises: determining a node type of the input parameter, if the node type of the input parameter is a first node type, obtaining one or more DNS pointer records for the input parameter, and for each PTR record of the one or more PTR records, calling the DNS query function with a name of a node in the PTR record as the input parameter, if the node type of the input parameter is a second node type, obtaining one or more DNS service records for the input parameter, and including addresses in the one or more SRV records into the list of addresses of the one or more first discovery servers. On the other hand, Morris did teach calling a domain name system query function with a name of a root cluster to obtain a list of addresses of one or more first discovery servers; wherein the root cluster comprises a plurality of discovery servers including the one or more first discovery servers; and wherein the DNS query function receives an input parameter and comprises: determining a node type of the input parameter, if the node type of the input parameter is a first node type, obtaining one or more DNS pointer records for the input parameter, and for each PTR record of the one or more PTR records, calling the DNS query function with a name of a node in the PTR record as the input parameter, if the node type of the input parameter is a second node type, obtaining one or more DNS service records for the input parameter, and including addresses in the one or more SRV records into the list of addresses of the one or more first discovery servers (0056, where the limitations appear to claim obtaining the appropriate data using the DNS service, which is currently shown). Claim(s) 71, 76, and 81 are rejected under 35 U.S.C. 103 as being unpatentable over Smith, in view of Thacker, and in further view of Moon et al. (Pre-Grant Publication No. US 2023/0060803 A1), hereinafter Moon. 22. As for claims 71, 76, and 81, they are rejected on the same basis as claims 1, 23, and 45 (respectively). However, Smith did not explicitly state replicating a vault of the at least one first device to at least one second device. On the other hand, Moon did teach replicating a vault of the at least one first device to at least one second device (0051). Both of the systems of Smith and Moon are directed towards securing devices with encryption and therefore, it would have been obvious to a person having ordinary skill in the art, at the time of the effective filing of the invention, to modify the teachings of Smith, to utilize a replicated vault, as taught by Moon, in order to redundantly secure storage data. Claim(s) 67, 72, and 77 are rejected under 35 U.S.C. 103 as being unpatentable over Smith, in view of Thacker, in view of Moon, and in further view of DUCHESNEAU et al. (Pre-Grant Publication No. US 2009/0216910 A1), hereinafter Duch. 23. As for claims 67, 72, and 77, they are rejected on the same basis as claims 1, 23, and 45 (respectively). However, Smith did not explicitly state sending a client a time-based one-time password. On the other hand, Moon did teach sending a client a time-based one-time password (0022). Both of the systems of Smith and Moon are directed towards securing devices with encryption and therefore, it would have been obvious to a person having ordinary skill in the art, at the time of the effective filing of the invention, to modify the teachings of Smith, to utilize a one-time password, as taught by Moon, in order to more securely protect data access. However, Smith did not explicitly state the use of a port rotation seed; and synchronizing with the client regarding a port for communication with the at least one first device based on the TOTP port rotation seed. On the other hand, Duch did teach the use of a port rotation seed (1229); and synchronizing with the client regarding a port for communication with the at least one first device based on the TOTP port rotation seed (1229). Both of the systems of Smith and Duch are directed towards securing devices with encryption and therefore, it would have been obvious to a person having ordinary skill in the art, at the time of the effective filing of the invention, to modify the teachings of Smith, to utilize port rotation seeds, as taught by Duch, in order to better secure a device by providing further layers of verification that were contemporary to the time of the invention. Response to Arguments Applicant’s arguments with respect to the claim(s) have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. (a) Manithiramoorthy et al. (Pre-Grant Publication No. US 2018/0026872 A1), 0094. Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOSEPH L GREENE whose telephone number is (571)270-3730. The examiner can normally be reached Monday - Thursday, 10:00am - 4:00pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Nicholas R. Taylor can be reached at 571 272-3889. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /JOSEPH L GREENE/Primary Examiner, Art Unit 2443
Read full office action

Prosecution Timeline

Mar 27, 2024
Application Filed
Jan 20, 2026
Non-Final Rejection mailed — §103
Apr 20, 2026
Response Filed
Jun 30, 2026
Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12682128
CONTROL SYSTEM WITH SECURITY MANAGEMENT DEVICE
3y 7m to grant Granted Jul 14, 2026
Patent 12659743
THIRD-PARTY CONTROL OF HEARING DEVICE, HEARING DEVICE AND RELATED METHODS
4y 0m to grant Granted Jun 16, 2026
Patent 12660134
VEHICULAR DRIVING ASSIST SYSTEM WITH INTEGRATED ADAS AND INFOTAINMENT CIRCUITRY
2y 9m to grant Granted Jun 16, 2026
Patent 12639799
FLIPPER APPARATUS AND OBJECT INSPECTION METHOD USING SAME
5y 5m to grant Granted May 26, 2026
Patent 12608503
SYSTEMS AND METHODS FOR SANITIZING SENSITIVE DATA AND PREVENTING DATA LEAKAGE USING ON-DEMAND ARTIFICIAL INTELLIGENCE MODELS
3y 6m to grant Granted Apr 21, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

3-4
Expected OA Rounds
63%
Grant Probability
99%
With Interview (+36.7%)
3y 12m (~1y 8m remaining)
Median Time to Grant
Moderate
PTA Risk
Based on 558 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month