ENCRYPTED FILE CONTROL

§103 §DP

Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED ACTION This office action is in response to the application filed on or reply to the remarks of 10/28/2025. The instant application has claims 1-23 pending. The system, method and medium for decrypting an file sent by the client to server based on executable code and access keys. There a total of 23 claims. Response to Arguments Applicant’s arguments with respect to claim(s) 1-23 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument. Specification The title of the invention is not descriptive. A new title is required that is clearly indicative of the invention to which the claims are directed. The following title is suggested: The encrypted file being decrypted based on access information, file information, policies and access keys. Double Patenting The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13. The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer. Claim 1-23 rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-21 of U.S. Patent No.12061706. Although the claims at issue are not identical, they are not patentably distinct from each other because the instant claims are an broader version of claims of ‘706 patent, i.e. the instant claims are anticipated by ‘706 patent claims. US App #18770817 US Patent # 12061706 Comments 1. A method for data security at a server, comprising: receiving, by the server from an access client, an access request for a file at the access client to be accessed, that includes access information and file information; generating, by the server, an access package that includes one or more access keys and executable code that is usable by at the access client to access the file; and transmitting, by the server, the executable code to the access client to access the file using the one or more access keys. 1. A method for data security at an access client, comprising: identifying that a file is associated with the access client based at least in part on metadata associated with the file, wherein the file includes a payload encrypted using a first key of one or more access keys and one or more encrypted data packs that are encrypted using at least one second key of the one or more access keys; transmitting, to a server, an access request that includes access information and file information for the file to be accessed, wherein transmitting the access request comprises: transmitting, to the server, a decryption request and the file information, wherein the decryption request is transmitted to the server based at least in part on the file being associated with the access client; receiving, from the server based at least in part on transmitting the access request, an access package that includes executable code and the one or more access keys, wherein the executable code includes code that is used to decrypt the file; executing, by the access client, the executable code to access the file using the one or more access keys; and removing the access package from memory associated with the access client. The patent (US 12061706) anticipates claims (1-23) of instant application, because the patent claims (1-21, genus) teaches all the elements/features of the examined claim (a-b, sub-genus, e.g. has less of the same limitations than the patent). Claims of instant application are effectively a subset of the claims in the patent. Thus, the entire scope of the patent reference claim falls within the scope of the examined claim. Therefore, a patent to the instant applicant would improperly extend the right to exclude granted by a patent to the sub-genus should it issue after the genus (conflicting patent). Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. The factual inquiries for establishing a background for determining obviousness under pre-AIA 35 U.S.C. 103(a) are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. Claims 1-23 is/are rejected under 35 U.S.C. 103 as being unpatentable over US Patent 107798073 to Jahid in view of US Patent Pub 2016/0285835 to Linga and further in view of US Patent 8560785 to Malhotra. Regarding claim 1, 22-23, Jahid discloses A method for data security at a server, comprising: receiving, by the server from an access client, an access request for a file at the access client to be accessed, that includes access information and file information, for a file at the access client to be accessed (Fig. 4 item 410 & Abstract, the ticket issued for retrieving the key to be used for encryption/decryption & Col 11 LN 1-34, the data message and header includes information about the MAC address and files to be retrieved)); generating, by the server, an access package that includes one or more access keys and executable code that is usable by at the access client to access the file(Col 3 LN 54-13, the keys are associated with policies and rules for accessing the files). But Jahid does not disclose transmitting, by the server, the executable code to the access client to access the file using the one or more access keys. In the same field of endeavor as the claimed invention, Linga discloses transmitting, by the server, the executable code to the access client to access the file using the one or more access keys( Abstract & Fig. 13 item 1332 & Par. 0053 & Par. 0050-0051, the files are decrypted for the user). It would have been obvious to one of ordinary skill in the art before the effective filing date of claimed invention to modify Jahid invention to incorporate transmitting, by the server, the executable code to the access client to access the file using the one or more access keys for the advantage of the user’s to view the file based on policy as taught in Linga see Par. 0055. Jahid nor Linga discloses wherein the file includes a payload encrypted using a first key of one or more access keys and one or more encrypted data packs that are encrypted using at least one second key of the one or more access keys; the executable code being generated in association with the access request and operable with the one or more access keys to enforce one or more file access policies associated with the file, wherein the executable code is not pre-installed at the access client, and the use of one or more file access policies. In the same field of endeavor as the claimed invention, Malhotra discloses wherein the file includes a payload encrypted using a first key of one or more access keys and one or more encrypted data packs that are encrypted using at least one second key of the one or more access keys(Fig. 3 item 310, keys being associated with catalog & Col 7 ln 18-41, the metadata and image is encrypted with separate keys); the executable code being generated in association with the access request and operable with the one or more access keys to enforce one or more file access policies associated with the file, wherein the executable code is not pre-installed at the access client, and the use of one or more file access policies(Fig. 3 item 306, 314, the levels of access based on policies & Col 7 Ln 7-35 & Col 4 Ln 15-47, keys from backup management software). It would have been obvious to one of ordinary skill in the art before the effective filing date of claimed invention to modify Jahid invention to incorporate wherein the file includes a payload encrypted using a first key of one or more access keys and one or more encrypted data packs that are encrypted using at least one second key of the one or more access keys; the executable code being generated in association with the access request and operable with the one or more access keys to enforce one or more file access policies associated with the file, wherein the executable code is not pre-installed at the access client, and the use of one or more file access policies for the advantage of providing levels of access to file based on roles as taught in Malhotra see Col 4 Ln 27-48. Regarding claim 2. The combined method of Jahid, Linga and Malhotra, Jahid discloses the method of claim 1, wherein receiving the access request comprises: receiving, by the server, an encryption request and the file information(Fig. 3 item 350, 370, 373, the ticket includes keyID and other information for retrieval). Regarding claim 3. The combined method of Jahid, Linga and Malhotra, Jahid discloses the method of claim 2, wherein generating the access package comprises: generating the access package that includes a data pack comprising an indication of one or more file access policies associated with the file, wherein the data pack is encrypted with the file using the one or more access keys(Col 12 Ln 23-39, the keys are used based on tickets and rules for decryption) Regarding claim 4. The combined method of Jahid, Linga and Malhotra, Jahid discloses the method of claim 3, wherein the one or more file access policies include read access, write access, display constraints, or a combination thereof(Col 10 Ln 34-49, the decrypting based on rules). Regarding claim 5. The combined method of Jahid, Linga and Malhotra, Jahid discloses the method of claim 2, wherein generating the access package comprises: generating the access package that includes a data pack comprising an indication of ownership information associated with the file, wherein the data pack is encrypted with the file using the one or more access keys(Col 15 Ln 5-16, the keys retrieval ticket has authentication parameters) . Regarding claim 6. The combined method of Jahid, Linga and Malhotra, Jahid discloses the method of claim 2, wherein receiving the encryption request comprises: receiving, by the server, an indication of one or more file access policies associated the file(Fig. 2 item 210A-210C, the key policies). Regarding claim 7. The combined method of Jahid, Linga and Malhotra, Jahid discloses the method of claim 2, wherein the access client executes the executable code to generate an encrypted file by encrypting a payload and one or more data packs using the one or more access keys(Col 15 Ln 5-16, the keys retrieval ticket) . Regarding claim 8. The combined method of Jahid, Linga and Malhotra, Jahid discloses the method of claim 7, wherein encrypting the one or more data packs comprises: encrypting the one or more data packs that include an indication of one or more file access policies, file ownership information, a file access audit log, or a combination thereof(Fig. 6 item 650, 615, the decryption based on policies). Regarding claim 9. The combined method of Jahid, Linga and Malhotra,Linga discloses the method of claim 1, wherein generating the access request comprises: generating, by the server, a decryption request and the file information, wherein the executable code includes code that is used to decrypt the file(Abstract & Fig. 13 item 1332 & Par. 0053 & Par. 0050-0051, the files are decrypted for the user). Regarding claim 10. The combined method of Jahid, Linga and Malhotra, Jahid discloses the method of claim 9, wherein generating the access package comprises: generating the access package that includes a data pack comprising one or more updated file access policies(Fig. 6 item 650, 615, the decryption based on policies). Regarding claim 11. The combined method of Jahid, Linga and Malhotra,Linga discloses the method of claim 9, wherein the access client identifies validation information that includes access client information, computer information, device information, geolocation information, an authentication token, or a combination thereof, wherein the decryption request includes an indication of the validation information(Par. 0047, the user ‘s location is added to metadata & Par. 0072). Regarding claim 12. The combined method of Jahid, Linga and Malhotra, Jahid discloses the method of claim 9, wherein the access client identifies that the file is associated with the access client based at least in part on metadata associated with the file, wherein the file includes a payload encrypted using a first key of the one or more access keys and one or more encrypted data packs that are encrypted using at least one second key of the one or more access keys, wherein the decryption request is transmitted to the server based at least in part on the file being associated with the access client(Col 4 LN 14-41, the keys are used). Regarding claim 13. The combined method of Jahid, Linga and Malhotra, Jahid discloses the method of claim 9, wherein the access client executes the executable code to decrypting the file using the one or more access keys(Col 8 LN 9-29, the keys are associated the file is used to decrypt). Regarding claim 14. The combined method of Jahid, Linga and Malhotra, Jahid discloses the method of claim 13, wherein the access client displays a payload of the file according to one or more access policies associated with the file(Col 10 Ln 34-49, the decrypting based on rules). . Regarding claim 15. The combined method of Jahid, Linga and Malhotra, Jahid discloses the method of claim 14, wherein the one or more access policies include read access, write access, display constraints, or a combination thereof(Col 10 Ln 34-49, the decrypting based on rules). . Regarding claim 16. The combined method of Jahid, Linga and Malhotra, Jahid discloses the method of claim 14, wherein the one or more access policies are included in a data pack that was decrypted with the file using the one or more access keys(Abstract & Fig. 3 item 350, the KeyID for decryption) Regarding claim 17. The combined method of Jahid, Linga and Malhotra, Linga discloses the method of claim 13, further comprising: updating a file access audit log to include device information associated with the access client, user information, geographic location information, or a combination thereof. (Par. 0047, the user ‘s location is added to metadata & Par. 0072). Regarding claim 18. The combined method of Jahid, Linga and Malhotra, Jahid discloses the method of claim 13, further comprising: identifying, based at least in part on decrypting the file, a payload and one or more data packs in the file, wherein the one or more data packs include an indication of one or more file access policies, ownership information, a file access audit log, or a combination thereof Fig. 6 item 650, 615, the decryption based on policies). Regarding claim 19. The combined method of Jahid, Linga and Malhotra, Jahid discloses the method of claim 1, further comprising: instantiating, in the memory associated with the access client and based at least in part on executing the executable code, an access object that is used to decrypt or encrypt the file, wherein the access object is removed from the memory associated with the access client after decryption or encryption of the file(Abstract & Fig. 3 item 350, the KeyID for decryption) . Regarding claim 20. The combined method of Jahid, Linga and Malhotra,Linga discloses the method of claim 1, further comprising: receiving, by the server, a decryption request and the file information, wherein the executable code includes code that is used to overwrite contents of the file(Fig. 2A item 228, 229 & Par. 0050-0051, the decryption based on code) Regarding claim 21. The combined method of Jahid, Linga and Malhotra, Linga discloses the method of claim 1, wherein receiving the access request comprises: receiving the access request that includes the access information comprising a geographical location of a user device executing the access client, device information associated with the user device, network information associated with the user device, an authentication token associated with the access client, or a combination thereof(Par. 0047, the user ‘s location is added to metadata & Par. 0072). . Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to Venkat Perungavoor whose telephone number is (571)272-7213. The examiner can normally be reached 9-5. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Rupal Dharia can be reached on 571-272-3880. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /VENKAT PERUNGAVOOR/Primary Examiner, Art Unit 2492 Email: venkatanarayan.perungavoor@uspto.gov