DETAILED ACTION
Claims 1-18, 24-25, 37-38, and 45 are presented for examination. Claims 19-23, 26-36, 39-44, and 46-54 have been canceled.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Allowable Subject Matter
Claim 6-8, 10, 16-17, and 37 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Information Disclosure Statement
The Information Disclosure Statement(s) submitted by applicant on 06/26/2024 has/have been considered. The submission is in compliance with the provisions of 37 CFR § 1.97. Form PTO-1449 signed and attached hereto.
CLAIM INTERPRETATION
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.
The following is a quotation of pre-AIA 35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.
The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art. The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is invoked.
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph:
(A) the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function;
(B) the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and
(C) the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function.
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function.
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function.
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier. Such claim limitation(s) is/are: for example, “an identification token issue unit configured to issue an identification token”,” a cipher key generation unit configured to generate”, “a cipher key first processing unit configured to..”; a verification unit configured to; a key registration unit; “a key disclosure unit ..”; “a first identification token storage unit” ; “a data encryption unit;” in claims 1-18,24 and 37,”. The few examples above illustrates the various instances of the phrase “unit configure to..” in claim 1 lack sufficient structure. Please amend claim 1 and all of its dependent claims.
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, applicant may: (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 1-18, 24 and 37 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA the applicant regards as the invention.
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier. Such claim limitation(s) are: “an identification token issue unit configured to issue an identification token”,” a cipher key generation unit configured to generate”, “a cipher key first processing unit configured to..”; a verification unit configured to; a key registration unit; “a key disclosure unit ..”; “a first identification token storage unit” ; “a data encryption unit;” in claim 1. The few examples above illustrates the various instances of the phrase “unit configure to..” in claim 1 lacks sufficient structure. Please amend claim 1 and all of its dependent claims 2-18, 24, and 37.
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, applicant may: (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph.
Claims limitation an identification token issue unit configured to issue an identification token”,” a cipher key generation unit configured to generate”, “a cipher key first processing unit configured to..”; a verification unit configured to; a key registration unit; “a key disclosure unit ..”; “a first identification token storage unit” ; “a data encryption unit;” in claims 1-18, 24 and 37,”. The few examples above illustrates the various instances of the phrase “unit configure to..” in claim 1 lack sufficient structure. Please amend claim 1 and all of its dependent claims.
invokes 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. However, the written description fails to disclose the corresponding structure, material, or acts for performing the entire claimed function and to clearly link the structure, material, or acts to the function. Therefore, the claim is indefinite and is rejected under 35 U.S.C. 112(b) or pre-AIA 35 U.S.C. 112, second paragraph.
Claims 2-18, 24, and 37 do not cure the deficiency of claim 14 and are rejected under 35 USC 112, 2nd paragraph, for their dependency upon claim 14.
Applicant may:
(a) Amend the claim so that the claim limitation will no longer be interpreted as a limitation under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph;
(b) Amend the written description of the specification such that it expressly recites what structure, material, or acts perform the entire claimed function, without introducing any new matter (35 U.S.C. 132(a)); or
(c) Amend the written description of the specification such that it clearly links the structure, material, or acts disclosed therein to the function recited in the claim, without introducing any new matter (35 U.S.C. 132(a)).
If applicant is of the opinion that the written description of the specification already implicitly or inherently discloses the corresponding structure, material, or acts and clearly links them to the function so that one of ordinary skill in the art would recognize what structure, material, or acts perform the claimed function, applicant should clarify the record by either:
(a) Amending the written description of the specification such that it expressly recites the corresponding structure, material, or acts for performing the claimed function and clearly links or associates the structure, material, or acts to the claimed function, without introducing any new matter (35 U.S.C. 132(a)); or
(b) Stating on the record what the corresponding structure, material, or acts, which are implicitly or inherently set forth in the written description of the specification, perform the claimed function. For more information, see 37 CFR 1.75(d) and MPEP §§ 608.01(o) and 2181.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-5, 9, 11-15,18, 24-25, 38, and 45 are rejected under 35 U.S.C. 103 as being unpatentable over Shablygin et al. (US Patent Application No. 20130208893) (Hereinafter Shablygin) in view of Mohammad et al. (US Patent Application No. 20200007530) (Hereinafter Mohammad).
As per claim 1, Shablygin discloses a key sharing system including one or more key sharing servers, one or more first client terminals each having functions of key registration and data output, and one or more second client terminals each having a function of reading data output by the first client terminal, the key sharing system comprising:
an identification token issue unit configured to issue an identification token indicating “authenticated” to the first client terminal and the second client terminal (fig 2A, 10, para 112, hardware identification token to authenticate particular user device);
a cipher key generation unit configured to generate a pair of a cipher key for data encryption and a cipher key for data decryption (fig 2A, 10, para 123, ciphered (e.g., encrypted) by secret keys, which become known as a result of user authentication. In addition, data containers may be ciphered (e.g., encrypted) by the service provider secret keys, para 133, the token for decryption and return to the user terminal.);
a cipher key first processing unit configured to perform or not perform certain processing on each of the cipher key for data encryption and the cipher key for data decryption generated by the cipher key generation unit, to thereby generate a cipher key for data encryption after first processing and a cipher key for data decryption after first processing (fig 2A, 10, para 123, ciphered (e.g., encrypted) by secret keys, which become known as a result of user authentication. In addition, data containers may be ciphered (e.g., encrypted) by the service provider secret keys, para 133, the token for decryption and return to the user terminal.), respectively;
a verification unit configured to verify an identification token transmitted from the first client terminal (fig 2A, 10, para 275, Upon verification);
a key registration unit configured to cause the cipher key generation unit and the cipher key first processing unit to operate only when the verification unit confirms that the identification token is correct, to store key disclosure permission information designating a disclosure permissible range of the cipher key for data decryption after first processing transmitted from the first client terminal and the cipher key for data decryption after first processing generated by the cipher key first processing unit, in a record in a database included in a corresponding one of the key sharing servers and also transmit key identification information for identifying the record and the cipher key for data encryption after first processing generated by the cipher key first processing unit, to the first client terminal (fig 2A, 10, para 3, sharing data stored in a secure data store. Data stored in a secure data store is shared between multiple users while preserving the integrity of each user's private encryption keys); and
a key disclosure unit configured to acquire the key identification information and the identification token included in key inquiry information from the second client terminal, acquire the encryption for data decryption after first processing and the key disclosure permission information from a record in the database included in one of the key sharing servers, the record corresponding to the key identification information acquired, acquire information of a user corresponding to the identification token acquired, and transmit, only when the user is confirmed to be included in the disclosure permissible range indicated by the key disclosure permission information acquired, the cipher key for data decryption after first processing acquired, to the second client terminal (fig 2A, 10, para 374, decrypts the encrypted file encryption key using the user data encryption key stored in a token).
Shablygin does not explicitly disclose cipher key generation, Key storage. Mohammad discloses cipher key generation (para 204, generates an asymmetric key pair), Key storage (para 204, a public key and a private key, stores the private key in a secure enclave), identity token (para 123, used to generate either a client identity propagation token).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Shablygin and Mohammad. The motivation would have been to build the network that provide endpoint security solutions (both hardware and software based). The Examiner notes that this motivation applies to all dependent and/or otherwise subsequently addressed claims.
As per claim 2, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Shablygin discloses wherein the cipher key first processing unit is configured to generate the cipher key for data encryption after first processing and the cipher key for data decryption after first processing by using the cipher key for data encryption and the cipher key for data decryption generated by the cipher key generation unit without change (fig 2A, 10, para 75, the token generates a unique file encryption key which the secure data storage application uses to encrypt the file,…decrypts the data).
As per claim 3, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Shablygin discloses wherein the first client terminal includes
a first identification token storage unit configured to store the identification token issued by the identification token issue unit (para 112, hardware identification token to authenticate particular user device),
a key disclosure permission information input unit configured to input the key disclosure permission information (para 364, a set of permissions for each user describing how they may access the file, and an encrypted file encryption key, which is the file encryption key encrypted),
a first information transmission and/or reception unit configured to transmit the identification token stored by the first identification token storage unit and the key disclosure permission information input to the key disclosure permission information input unit, respectively to the verification unit and the key registration unit, and receive the key identification information replied by the key registration unit in response to the transmission (para 188, assembles the data container and sends the data container to the service provider front end 205. The service provider front end 205 receives the data container),
a data encryption unit configured to, in response to an input of encryption target data, use the cipher key for data encryption after first processing output by the cipher key first processing unit to encrypt the encryption target data, and output encrypted data obtained as a result of the encryption (para 188-189, The data is preferably encrypted using a session key), and
a data creation unit configured to output the data including the password identification information received by the first information transmission and/or reception unit and the encrypted data output by the data encryption unit (fig 2A, 10, para 132, encryption key is optional and used in some applications where data may (and preferably is) encoded/decoded by the token. For example, a user could use the A&DDSM system for password storage).
Mohammad discloses password/account provisioning (para 35, may require multiple passwords, different password policies, different account provisioning).
As per claim 4, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Shablygin discloses wherein the second client terminal includes
a second identification token storage unit configured to store the identification token issued by the identification token issue unit (fig 8A, para 52, The token can be a USB dongle or NFC-capable SmartCard.)
an encrypted data acquisition unit configured to acquire the key identification information and the encrypted data from the data read (para 57, data can be encrypted by an algorithm and/or cryptographic key known only to the party using, for example, one or more of the encryption methods described herein. Also described herein are systems and methods for encryption and decryption of data using algorithms and/or cryptographic keys known only to the party(s) that created the data),
a second information transmission and/or reception unit configured to transmit, as the key inquiry information, the key identification information acquired by the encrypted data acquisition unit and the identification token stored by the second identification token storage unit, to the key disclosure unit, and receive the cipher key for data decryption after first processing replied by the key disclosure unit in response to the transmission (para 6, sending the file encryption key, fig 19, user interface for token activation, para 52, a token that is unique and registered with the authentication system),
a cipher key second processing unit configured to generate a cipher key for data decryption after second processing by using the cipher key for data decryption after first processing received by the second information transmission and/or reception unit, without change (para 112, terminal/token interface) and
a data decryption unit configured to use the cipher key for data decryption after second processing generated by the cipher key second processing unit, to execute decryption processing on the encrypted data acquired by the encrypted data acquisition unit (fig 2A, 10, para 123, data containers are ciphered (e.g., encrypted) by secret keys, which become known as a result of user authentication. In addition, data containers may be ciphered (e.g., encrypted) by the service provider secret keys.).
As per claim 5, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Shablygin discloses further comprising a password provision unit configured to provide the password to the cipher key first processing unit (para 123, data containers are ciphered (e.g., encrypted) by secret keys, which become known as a result of user authentication. In addition, data containers may be ciphered (e.g., encrypted) by the service provider secret keys.),
wherein the cipher key first processing unit is configured to perform first processing on at least one of the cipher key for data decryption and the cipher key for data encryption generated by the cipher key generation unit, based on the password received from the password provision unit, to thereby generate the cipher key for data decryption after first processing and the cipher key for data encryption after first processing by using a cipher key for data decryption and a cipher key for data encryption subjected to or not subjected to the first processing (fig 2A, 10, para 123, data containers are ciphered (e.g., encrypted) by secret keys, which become known as a result of user authentication. In addition, data containers may be ciphered (e.g., encrypted) by the service provider secret keys.).
Mohammad discloses password/account provisioning (para 35, may require multiple passwords, different password policies, different account provisioning).
As per claim 9, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Shablygin discloses further comprising in a server, a password provision unit configured to provide the password to the cipher key first processing unit, wherein the cipher key generation unit and the cipher key first processing unit are included in the first client terminal, the server including the password provision unit is configured to transmit the password provided by the password provision unit, to the first client terminal including the cipher key first processing unit, and the first client terminal including the cipher key first processing unit is configured to transmit the cipher key for data decryption after first processing generated by the cipher key first processing unit, to a server including the key registration unit (fig 2A, 10, para 123, data containers are ciphered (e.g., encrypted) by secret keys, which become known as a result of user authentication. In addition, data containers may be ciphered (e.g., encrypted) by the service provider secret keys.).
Mohammad discloses password/account provisioning (para 35, may require multiple passwords, different password policies, different account provisioning).
As per claim 11, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Shablygin discloses further comprising in a server, a password provision unit configured to provide the password to the cipher key first processing unit, wherein the cipher key generation unit is included in the first client terminal, the cipher key first processing unit is included together in the server or in a server different from the server in a distributed manner, the first client terminal is configured to transmit the cipher key for data decryption or the cipher key for data encryption generated by the cipher key generation unit, to the server including the cipher key first processing unit, the server including the password provision unit is configured to transmit the password provided by the password provision unit, to the server including the cipher key first processing unit (para 123, data containers are ciphered (e.g., encrypted) by secret keys, which become known as a result of user authentication. In addition, data containers may be ciphered (e.g., encrypted) by the service provider secret keys.), and the server including the cipher key first processing unit is configured to transmit the cipher key for data decryption after first processing or the cipher key for data encryption after first processing generated by the cipher key first processing unit, to a corresponding one of a server including the key registration unit and the first client terminal (fig 2A, 10, para 123, data containers are ciphered (e.g., encrypted) by secret keys, which become known as a result of user authentication. In addition, data containers may be ciphered (e.g., encrypted) by the service provider secret keys.).
Mohammad discloses password/account provisioning (para 35, may require multiple passwords, different password policies, different account provisioning).
As per claim 12, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Shablygin discloses further comprising in the first client terminal, a password provision unit configured to provide the password to the cipher key first processing unit, wherein the cipher key generation unit and the cipher key first processing unit are included together in one server or in one or more servers in a distributed manner, the first client terminal is configured to transmit the password provided by the password provision unit, to the server including the cipher key first processing unit, the server including the cipher key generation unit is configured to transmit the cipher key for data decryption or the cipher key for data encryption generated by the cipher key generation unit, to the server including the cipher key first processing unit, and the server including the cipher key first processing unit is configured to transmit the cipher key for data decryption after first processing or the cipher key for data encryption after first processing generated by the cipher key first processing unit, to a corresponding one of a server including the key registration unit and the first client terminal (fig 2A, 10, para 123, data containers are ciphered (e.g., encrypted) by secret keys, which become known as a result of user authentication. In addition, data containers may be ciphered (e.g., encrypted) by the service provider secret keys.).
Mohammad discloses password/account provisioning (fig 2A, 10, para 35, may require multiple passwords, different password policies, different account provisioning).
As per claim 13, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Shablygin discloses further comprising in the first client terminal, a password provision unit configured to provide the password to the cipher key first processing unit, wherein the cipher key first processing unit is included in the first client terminal, the cipher key generation unit is included in a server, the server including the cipher key generation unit is configured to transmit the cipher key for data encryption or the cipher key for data decryption generated by the cipher key generation unit, to the first client terminal including the cipher key first processing unit, and the first client terminal including the cipher key first processing unit is configured to transmit the cipher key for data decryption after first processing generated by the cipher key first processing unit, to a server including the key registration unit (fig 2A, 10, para 176, whether this token ID is registered in the system and is active (i.e., not blocked or deactivated) and (ii) the cipher keys associated with the token).
Mohammad discloses password/account provisioning (para 35, may require multiple passwords, different password policies, different account provisioning).
As per claim 14, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Shablygin discloses further comprising in a server, a password provision unit configured to provide the password to the cipher key first processing unit, wherein the cipher key generation unit is included together in the server or in a server different from the server in a distributed manner, the cipher key first processing unit is included in the first client terminal, the server including the password provision unit is configured to transmit the password provided by the password provision unit, to the first client terminal including the cipher key first processing unit, the server including the cipher key generation unit is configured to transmit the cipher key for data encryption or the cipher key for data decryption generated by the cipher key generation unit, to the first client terminal including the cipher key first processing unit, and the first client terminal including the cipher key first processing unit is configured to transmit the cipher key for data decryption after first processing generated by the cipher key first processing unit, to a server including the key registration unit (fig 2A, 10, para 176, whether this token ID is registered in the system and is active (i.e., not blocked or deactivated) and (ii) the cipher keys associated with the token).
Mohammad discloses password/account provisioning (para 35, may require multiple passwords, different password policies, different account provisioning).
As per claim 15, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Shablygin discloses further comprising in a server, a password provision unit configured to provide the password to the cipher key first processing unit, wherein the cipher key generation unit and the cipher key first processing unit are included together in the server or in one or more servers different from the server together or in a distributed manner, the server including the password provision unit is configured to transmit the password provided by the password provision unit, to the server including the cipher key first processing unit, the server including the cipher key generation unit is configured to transmit the cipher key for data encryption or the cipher key for data decryption generated by the cipher key generation unit, to the server including the cipher key first processing unit, and the server including the cipher key first processing unit is configured to transmit the cipher key for data decryption after first processing or the cipher key for data encryption after first processing generated by the cipher key first processing unit, respectively to a server including the key registration unit or the first client terminal (fig 2A, 10, para 176, whether this token ID is registered in the system and is active (i.e., not blocked or deactivated) and (ii) the cipher keys associated with the token).
Mohammad discloses password/account provisioning (para 35, may require multiple passwords, different password policies, different account provisioning).
As per claim 18, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Shablygin discloses wherein the verification unit, the key registration unit, and the key disclosure unit are included in the key sharing server (fig 2A, 10, para 176, whether this token ID is registered in the system and is active (i.e., not blocked or deactivated) and (ii) the cipher keys associated with the token).
As per claim 24, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Shablygin discloses wherein the key disclosure unit is configured to receive a first key owner identifier together with the identification token and the key identification information from the second client terminal, acquire a second key owner identifier together with the cipher key for data decryption after first processing, from a record in the database, the record corresponding to the key identification information acquired, and transmit, only when the first key owner identifier and the second key owner identifier match, the cipher key for data decryption after first processing acquired, to the second client terminal (fig 2A, 10, para 176, whether this token ID is registered in the system and is active (i.e., not blocked or deactivated) and (ii) the cipher keys associated with the token).
As per claim 25, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Shablygin discloses wherein at least one of the cipher key for data encryption after first processing and the cipher key for data decryption after first processing is substitutable with cipher key generation source information corresponding to data serving as a source for generating a cipher key (fig 2A, 10, para 176, whether this token ID is registered in the system and is active (i.e., not blocked or deactivated) and (ii) the cipher keys associated with the token).
Claims 38 and 45, claims are rejected for the same reasons and motivations as claim 1, above.
Conclusion
Please see the attached PTO-892 for the prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOHAMMAD A SIDDIQI whose telephone number is (571)272-3976. The examiner can normally be reached Monday-Friday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl G Colin can be reached at 571-272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/MOHAMMAD A SIDDIQI/Primary Examiner, Art Unit 2493