DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections – 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more.
Claims 1, 9, 10 recite in part process steps which, under the broadest reasonable interpretation, are a series of mental processes including an observation, evaluation, judgment or opinion that could be performed in the human mind or with the aid of pencil and paper. If a claim, under its broadest reasonable interpretation, covers a mental process or a mathematical concept but for the recitation of generic computer components, then it falls within the "Mental Process" grouping of abstract ideas. The claims recite in part:
a key issuance apparatus that generates and issues an encryption key;
a distribution apparatus comprising: at least a processor; and a memory in circuit communication with the processor, wherein the processor is configured to execute program instructions stored in the memory to implement:
a share data generation part that electronically divides the encryption key into share data using a secret sharing scheme,
a transmission destination verification part that verifies validity of a transmission destination in transmitting the share data, and
a share data transmission part that transmits the share data to the transmission destination, when a verification result obtained by the transmission destination verification part is valid; and a decryption apparatus comprising: at least a processor; and a memory in circuit communication with the processor, wherein the processor is configured to execute program instructions stored in the memory to implement:
a transmission source verification part that verifies validity of a transmission source, in receiving the share data,
a share data reception part that receives the share data from the transmission source when a verification result obtained by the transmission source verification part is valid, and a decryption part that decrypts the encryption key using the share data received, as an input value.
Therefore, claims 1-20 recite an abstract idea.
This judicial exception is not integrated into a practical application. In particular, the claim recites – at least a processor; and a memory in circuit communication with the processor…. The processor is recited at a high-level of generality, such that it amounts no more than mere instructions to apply the exception using a generic computer component. As described in MPEP 2106.0S(g), limitations that amount to merely adding insignificant extra-solution activity to a judicial exception cannot integrate a judicial exception into a practical application. Accordingly, this additional element does not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea. Therefore, claims 1-20 are directed to a judicial exception.
Claims 1-20 do not include additional elements that are sufficient to amount to significantly more than the judicial exception. Mere instructions to apply an exception using a generic computer component cannot provide an inventive concept. Claims 1-20 are not patent eligible.
Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.
The following is a quotation of pre-AIA 35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.
This application includes one or more claim limitations that do not use the word “means” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier. Such claim limitation(s) are: (…a key issuance apparatus that generates and issues…; a share data generation part that electronically divides…; a transmission destination verification part that verifies…; a share data transmission part that transmits…; and a transmission source verification part that verifies…; a share data reception part that receives…, and a decryption part that decrypts…) in claims 1-5, 11-12. Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof. If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, applicant may: (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph.
Claims 1-5, 11-12 limitations “part that divides/transmits/verifies/decrypts…” invokes 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. However, the written description fails to disclose the corresponding structure, material, or acts for performing the entire claimed function and to clearly link the structure, material, or acts to the function. There is no support for the structure that performs the function in the claim in the specification. Therefore, the claims are indefinite and is rejected under 35 U.S.C. 112(b) or pre-AIA 35 U.S.C. 112, second paragraph.
Applicant may:
(a) Amend the claim so that the claim limitation will no longer be interpreted as a limitation under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph;
(b) Amend the written description of the specification such that it expressly recites what structure, material, or acts perform the entire claimed function, without introducing any new matter (35 U.S.C. 132(a)); or
(c) Amend the written description of the specification such that it clearly links the structure, material, or acts disclosed therein to the function recited in the claim, without introducing any new matter (35 U.S.C. 132(a)).
If applicant is of the opinion that the written description of the specification already implicitly or inherently discloses the corresponding structure, material, or acts and clearly links them to the function so that one of ordinary skill in the art would recognize what structure, material, or acts perform the claimed function, applicant should clarify the record by either:
(a) Amending the written description of the specification such that it expressly recites the corresponding structure, material, or acts for performing the claimed function and clearly links or associates the structure, material, or acts to the claimed function, without introducing any new matter (35 U.S.C. 132(a)); or
(b) Stating on the record what the corresponding structure, material, or acts, which are implicitly or inherently set forth in the written description of the specification, perform the claimed function. For more information, see 37 CFR 1.75(d) and MPEP §§ 608.01(o) and 2181.
Examiner’s note
Claims 2, 3, 11-14 (claims 3, 11-14 are dependent on claim 2), 6, 7, 8, 17 (claims 7, 8, 17 are dependent on claim 6), 15, 16, 18, 19 (claim 19 is dependent on claim 18) are not rejected under prior art(s).
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1, 4, 5, 9, 10, 20 are rejected under 35 U.S.C. 103 as being unpatentable over Matsubara et al (JP2014116870) (from Applicant’s IDS) in view of Toh et al (Pub. No. US 2002/0004902).
As per claim 1, Matsubara discloses a key delivery system, comprising: a key issuance apparatus that generates and issues an encryption key (…a device authentication key generation unit (interpreted as key issuance apparatus) that generates a device authentication key (interpreted as encryption key) …see par. 24); a distribution apparatus comprising: at least a processor; and a memory in circuit communication with the processor, wherein the processor is configured to execute program instructions stored in the memory (see the server 110, par. 28) to implement: a share data generation part that electronically divides the encryption key into share data using a secret sharing scheme (…a shared information generation unit (interpreted as share data generation part) that generates shared information obtained by dividing the device authentication key…the key distribution system is characterized in that, in a secret sharing algorithm…see par. 11, 24); a decryption apparatus comprising: at least a processor; and a memory in circuit communication with the processor, wherein the processor is configured to execute program instructions stored in the memory (…the client device (interpreted as a decryption apparatus) has a secret function generation unit that generates a secret function to be used for distributing the device authentication key, a secret information recovery unit that recovers the device authentication key…see par. 26, 30) to implement: a decryption part that decrypts the encryption key using the share data received, as an input value (…a secret information recovery unit (interpreted as decryption part) that recovers the device authentication key, which is secret information, from the shared information…see par. 26). Matsubara discloses when the server and the client device communicate with each other, it is assumed that they have already confirmed in advance (mutual authentication) that they are communicating with the correct device but does not explicitly disclose a transmission destination verification part that verifies validity of a transmission destination in transmitting the share data, and a share data transmission part that transmits the share data to the transmission destination, when a verification result obtained by the transmission destination verification part is valid; and a transmission source verification part that verifies validity of a transmission source, in receiving the share data, a share data reception part that receives the share data from the transmission source when a verification result obtained by the transmission source verification part is valid. However Toh discloses a transmission destination verification part that verifies validity of a transmission destination in transmitting the share data, and a share data transmission part that transmits the share data to the transmission destination, when a verification result obtained by the transmission destination verification part is valid; and a transmission source verification part that verifies validity of a transmission source, in receiving the share data, a share data reception part that receives the share data from the transmission source when a verification result obtained by the transmission source verification part is valid (…an operations center (OC) acts as a central key manager and intermediary in securely delivering document from a sender to a recipient…the OC acts as a key manager to facilitate the process of strong authentication of the sender and the recipient…see abst…the OC uses the recipient's public key…to authenticate the recipient and to establish a secure connection between the recipient and the OC…the OC then transmits the delivery of the document…see par. 14-15…a sending system facilitates the secure and reliable transmission of an electronic document using the OC…see par. 52…after the mutual strong authentication, a secure connection is established between the sender and OC…see par. 60-64…the OC receives the document delivery from the sending system via the first secure connection…the OC notifies the recipient that a delivery has been addressed to the recipient …The OC's messaging module transmits the delivery from the OC's storage area to the receiving system via the secure connection…see par. 68-70). Therefore one ordinary skill in the art would have found it obvious before the effective filling date of the claimed invention to use Toh in Matsubara for including the above limitations because one ordinary skill in the art would recognize it would further improve delivery services by providing integrated key management so that reliable delivery and end to end security can be achieved…see Toh, par. 12-13.
As per claim 9, Matsubara discloses a key delivery method, comprising: generating and issuing an encryption key (…a device authentication key generation unit (interpreted as key issuance apparatus) that generates a device authentication key (interpreted as encryption key) …see par. 24); electronically dividing the encryption key into a plurality of share data using a secret sharing scheme (…a shared information generation unit that generates shared information (shared information is interpreted as plurality of share data) obtained by dividing the device authentication key…the key distribution system is characterized in that, in a secret sharing algorithm…see par. 11, 24); and decrypting the encryption key using the plurality of share data as an input value (…a secret information recovery unit (interpreted as decryption part) that recovers the device authentication key, which is secret information, from the shared information…see par. 26). Matsubara discloses when the server and the client device communicate with each other, it is assumed that they have already confirmed in advance (mutual authentication) that they are communicating with the correct device but does not explicitly disclose verifying validity of both of a delivery source and a delivery destination by executing mutual verification on both of the delivery source and the delivery destination in delivering the plurality of share data; delivering the plurality of share data. However Toh discloses verifying validity of both of a delivery source and a delivery destination by executing mutual verification on both of the delivery source and the delivery destination in delivering the plurality of share data; delivering the plurality of share data (…fig.3: an operations center (OC) (element 200) acts as a central key manager and intermediary in securely delivering document and/or other data (interpreted as the plurality of share data; also par. 83 cites the delivery includes at least the document but could also include additional data) from a sender (element 100) to recipient (element 300)…the OC acts as a key manager to facilitate the process of strong authentication of the sender and the recipient…the OC uses the recipient's public key…to authenticate the recipient and to establish a secure connection between the recipient and the OC…the OC then transmits the delivery of the document…see par. 15…a sending system facilitates the secure and reliable transmission of electronic document using the OC…see par. 52…after the mutual strong authentication, a secure connection is established between the sender and OC…see par. 60-64…the OC receives the document delivery from the sending system via the first secure connection…the OC notifies the recipient that a delivery has been addressed to the recipient …The OC's messaging module transmits the delivery from the OC's storage area to the receiving system via the secure connection…see par. 68-70). Therefore one ordinary skill in the art would have found it obvious before the effective filling date of the claimed invention to use Toh in Matsubara for including the above limitations because one ordinary skill in the art would recognize it would further improve delivery services by providing integrated key management so that reliable delivery and end to end security can be achieved…see Toh, par. 12-13.
As per claim 10, Matsubara discloses a non-transitory computer-readable medium storing a program, causing a computer to execute: a process for generating and issuing an encryption key (…a device authentication key generation unit that generates a device authentication key (interpreted as encryption key) …see par. 24); a process for electronically dividing the encryption key into a plurality of share data using a secret sharing scheme (…a shared information generation unit that generates shared information (shared information is interpreted as plurality of share data) obtained by dividing the device authentication key…the key distribution system is characterized in that, in a secret sharing algorithm…see par. 11, 24); a process for decrypting the encryption key using the plurality of share data as an input value (…a secret information recovery unit (interpreted as decryption part) that recovers the device authentication key, which is secret information, from the shared information…see par. 26). Matsubara discloses when the server and the client device communicate with each other, it is assumed that they have already confirmed in advance (mutual authentication) that they are communicating with the correct device but does not explicitly disclose a process for verifying validity of both of a delivery source and a delivery destination by executing mutual verification on both of the delivery source and the delivery destination in delivering the plurality of share data; a process for delivering the plurality of share data. However Toh discloses a process for verifying validity of both of a delivery source and a delivery destination by executing mutual verification on both of the delivery source and the delivery destination in delivering the plurality of share data; a process for delivering the plurality of share data (…fig.3: an operations center (OC) (element 200) acts as a central key manager and intermediary in securely delivering document and/or other data (interpreted as the plurality of share data; also par. 83 cites the delivery includes at least the document but could also include additional data) from a sender (element 100) to recipient (element 300)…the OC acts as a key manager to facilitate the process of strong authentication of the sender and the recipient…the OC uses the recipient's public key…to authenticate the recipient and to establish a secure connection between the recipient and the OC…the OC then transmits the delivery of the document…see par. 15…a sending system facilitates the secure and reliable transmission of electronic document using the OC…see par. 52…after the mutual strong authentication, a secure connection is established between the sender and OC…see par. 60-64…the OC receives the document delivery from the sending system via the first secure connection…the OC notifies the recipient that a delivery has been addressed to the recipient …The OC's messaging module transmits the delivery from the OC's storage area to the receiving system via the secure connection…see par. 68-70). Therefore one ordinary skill in the art would have found it obvious before the effective filling date of the claimed invention to use Toh in Matsubara for including the above limitations because one ordinary skill in the art would recognize it would further improve delivery services by providing integrated key management so that reliable delivery and end to end security can be achieved…see Toh, par. 12-13.
As per claim 4, the combination of Matsubara and Toh discloses wherein when the transmission destination verification part in the distribution apparatus verifies validity of the transmission destination and the transmission source verification part in the decryption apparatus verifies validity of the transmission source, the transmission destination verification part and the transmission source verification part verify both of the transmission source and the transmission destination have secret sharing capabilities and have a verification key previously distributed using data presented for verification (Toh: see 67, 74). The motivation for claim 4 is the same motivation as in claim 1 above.
As per claim 5, the combination of Matsubara and Toh discloses wherein each of the transmission destination verification part in the distribution apparatus and the transmission source verification part in the decryption apparatus creates a response to one-time message created each of the transmission source and the transmission destination, respectively, and verifies respective validity of both the transmission source and the transmission destination, based on the secret sharing scheme (Toh: see par. 68-70). The motivation for claim 5 is the same motivation as in claim 1 above.
As per claim 20, the combination of Matsubara and Toh discloses wherein: when verifying validity of both of a delivery source and a delivery destination, verifying both of the delivery source and the delivery destination have secret sharing capabilities and have a verification key previously distributed using data presented for verification (Toh: see par. 64-67). The motivation for claim 20 is the same motivation as in claim 9 above.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure (see PTO-form 892).
The following Patents and Papers are cited to further show the state of the art at the time of Applicant’s invention with respect to key delivery system.
Vakili et al (Pub. No. US 2019/0342080); “Systems, Devices, and Methods for Hybrid Secret Sharing”;
-Teaches a hybrid secret sharing technique performed by a decryption computing device to reconstruct the secret message…see par. 38.
Cartagena et al (Pat. No. US 11799633); “Enabling Using External Tenant Master Keys”;
-Teaches executing application data comprises data obtained or used in connection with executing an application such as an application executing on a tenant…col.16 line 67-col.17 line 3.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to GHAZAL B SHEHNI whose telephone number is (571)270-7479. The examiner can normally be reached Mon-Fri 9am-5pm PCT.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Philip Chea can be reached at 5712723951. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/GHAZAL B SHEHNI/Primary Examiner, Art Unit 2499