Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
DETAILED ACTION
1. This action is responsive to: an original application filed on 28 October 2024.
2. Claims 1-20 are currently pending. Claims 1, 12, and 20 are independent claims.
3. The IDS submitted on 28 October 2024 has been considered.
Priority
4. Applicant’s claim for the benefit of a prior-filed application under 35 U.S.C. 119(e) or under 35 U.S.C. 120, 121, 365(c), or 386(c) is acknowledged. Applicant has not complied with one or more conditions for receiving the benefit of an earlier filing date under 35 U.S.C. 112 as follows:
5. The later-filed application must be an application for a patent for an invention which is also disclosed in the prior application (the parent or original nonprovisional application or provisional application), “The disclosure of the invention in the parent application and in the later-filed application must be sufficient to comply with the requirements of 35 U.S.C. 112(a) or the first paragraph of pre-AIA 35 U.S.C. 112, except for the best mode requirement. See Transco Products, Inc. v. Performance Contracting, Inc., 38 F.3d 551, 32 USPQ2d 1077 (Fed. Cir. 1994).”
The disclosure of the prior-filed applications, Application Nos. 18/111,821, 17/567,312, 17/228,379, and 15/286,112, fails to provide adequate support or enablement in the manner provided by 35 U.S.C. 112(a) or pre-AIA 35 U.S.C. 112, first paragraph for one or more claims of this application. The claims recite “determining a first metadata associated with a particular file and a second metadata associated with a changed version of the particular file”. The original disclosures of 18/111,821, 17/567,312, 17/228,379, and 15/286,112 do not use the term metadata in this form. The disclosures only recite: “a metadata store storing one or more tables, an encryption key store for storing one or more encryption keys for data in or corresponding to the one or more tables, and a file store configured to store data files referenced in the one or more tables” or “As an example… The background job then modifies a mapping table in the metadata store to point a database table to the new set of data files”. In addition, see U.S. Patent No. 10,977,383 col. 2, lines 9-58 and col. 3, line 36 through col. 4, line 11. The previously filed application also contains a claim that recites “metadata storage”. Note the phrase “determining a first metadata…and a second metadata” is never utilized in the original disclosures. The only use of the word metadata is with the description of the metadata store that maintains the mapping tables to the files.
Accordingly, the new limitations “determining a first metadata…and a second metadata…” in claims 1, 12, and 20 are not entitled to the benefit of the prior application.
6. This application repeats a substantial portion of prior Application Nos. 18/111,821, 17/567,312, 17/228,379, and 15/286,112, with an earliest priority date of 5 October 2016, and adds disclosure not presented in the prior applications. Because this application names the inventor or at least one joint inventor named in the prior application, it may constitute a continuation-in-part of the prior applications. Should applicant desire to claim the benefit of the filing date of the prior application, attention is directed to 35 U.S.C. 120, 37 CFR 1.78, and MPEP § 211 et seq, “The presentation of a benefit claim may result in an additional fee under 37 CFR 1.17(w)(1) or (2) being required, if the earliest filing date for which benefit is claimed under 35 U.S.C. 120, 121, 365(c), or 386(c) and 1.78(d) in the application is more than six years before the actual filing date of the application.”
Specification
7. The abstract of the disclosure is objected to because the terms “determining first metadata…and a second metadata” are not supported by the specification. A corrected abstract of the disclosure is required and must be presented on a separate sheet, apart from any other text. See MPEP § 608.01(b).
Claim Rejections - 35 USC § 112
8. The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.
9. Claims 1-20 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA), first paragraph, as failing to comply with the enablement requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to enable one skilled in the art to which it pertains, or with which it is most nearly connected, to make and/or use the invention. As explained above, the phrase “determining a first metadata…and second metadata” is not utilized in the specification. The dependent claims are rejected because of their dependency on the independent claims. Appropriate correction is required.
10. The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
11. Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. As explained above, the phrase “determining a first metadata…and a second metadata” is not in the specification. Therefore, one would not know the meaning of the phrase: is metadata a storage that maintains mapping tables or is it something else? Appropriate correction is required.
12. To expedite a complete examination of the instant application the claims rejected under 35 U.S.C. 101 (nonstatutory) as well as 35 U.S.C. 112 above are further rejected as set forth below in anticipation of applicant amending these claims to overcome the above rejections.
Double Patenting
13. The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A statutory obviousness-type double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the conflicting application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement.
Effective January 1, 1994, a registered attorney or agent of record may sign a terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 37 CFR 3.73(b).
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/forms/.
The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA/25, or PTO/AIA/26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens.
An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, please refer to - http://www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp
14. Claims 1-20 are rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 1-34 of 15/286,112 now patent 10,977,383 as well as claims of 17/228,379 now patent 11,188,674 as well as claims of 17/537,312 now patent 11,586,761 as well as claims of 18/111,821 now patent 12,158,970. Although the conflicting claims are not identical, they are not patentably distinct from each other because all the elements/features of the claimed method that generates a mapping of encrypted files that are stored in a database exist in the patented application in a similar manner, essentially performing the same tasks. Below is a table comparing claim 1 of the present application with the method claims of patents 11,188,674 and 10,977,383. Although the wording in the claims is slightly different, they all result in the same outcome: “preventing a query from accessing the first encrypted file after the second encrypted file has been generated”. Therefore, the obviousness-type double patent rejection is applicable. Note the metadata associated with a particular file is interpreted equivalent to the mapping described in the previous patents.
PRESENT APPLICATION:
A method, comprising:
determining a first metadata associated with a particular file and a second metadata associated with a changed version of the particular file
directing, based on the first metadata associated with the particular file, a first query for the particular file to a first file that is associated with the particular file
and preventing a second query for the particular file from accessing the particular file by directing, based on the second metadata associated with the changed version of the particular file, the second query to the changed version of the particular file instead of the particular file.

11,188,674:
A method, comprising:
generating a mapping for a plurality of encrypted files that are stored in a database, wherein the mapping associates the plurality of encrypted files with a plurality of encrypted keys and wherein a first encrypted file of the plurality of encrypted files is encrypted with a first encryption key;
in response to a request to re-encrypt the first encrypted file, generating a second encrypted file by re-encrypting data in the first encrypted file using a second encryption key, wherein both the first encrypted file and the second encrypted file are stored in the database and remain accessible to queries for a period of time;
updating the mapping to include the second encrypted file, wherein the mapping is updated after the second encrypted file has been generated; and
marking, after updating the mapping, the first encrypted file as expired to prevent a query from accessing the first encrypted file after the period of time has expired.

10,977,383:
A method of encrypting database data while permitting queries to be performed on a database, the method comprising:
mapping a plurality of encrypted files to one or more tables that are stored in a database, a first encrypted file selected from the plurality of files is encrypted with a first encryption key, and wherein the mapping is stored in a metadata store that is separate from the first encryption key and the plurality of encrypted files store data from the one or more tables;
in response to a request to re-encrypt the first encrypted file, generating a second encryption key for the first encrypted file stored in the database; generating a second encrypted file by re-encrypting data in the first encrypted file using the second encryption key and a decrypted copy of the first encrypted file,
wherein both the first encrypted file and the second encrypted file are stored in the database and remain accessible to queries for a period of time;
in response to generating the second encrypted file, modifying the metadata store to map the second encrypted file to the one or more tables, wherein the metadata store is modified after the second encrypted file has been generated;
and remove the first encrypted file after modifying the metadata store to map to the second encrypted file and after all queries using the first encrypted file have completed.
Claim Rejections – 35 USC § 103
15. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
16. Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Browning U.S. Patent Application No. 2010/0161995 (hereinafter ‘995) in view of Yavuz et al. U.S. Patent Application Publication No. 2015/0143112 (hereinafter ‘112) in further view of O’Connor et al. U.S. Patent Application Publication No. 2014/0237234 (hereinafter ‘234).
As to independent claim 1, “A method, comprising: determining a first metadata associated with a particular file and a second metadata associated with a changed version of the particular file” is taught in ‘995 Abstract and paragraphs 5, 7, and 33, note the generation identifiers are interpreted equivalent to the first and second metadata associated with particular files (i.e. data); the following is not explicitly taught in ‘995:
“directing, based on the first metadata associated with the particular file, a first query for the particular file to a first file that is associated with the particular file” however ‘112 teaches in paragraph 57, “Process 300 continues as the server 144 receives the search token Ʈw and decrypts the encrypted entries corresponding to the search index identifier i using the first single use key ri for entries in the row i that have not been updated (block 324) and decrypts the entries in the row i that have been updated using the second single use key rbi (block 328). In the system 100, the server 144 uses the state flag bit in each of the encrypted entries of an entire row i (I[i, *].st) to identify entries that have not been updated (state bit is 0) and entries that have been updated (state bit is 1)”, note the process tracks whether the files were encrypted with a first key or second key therefore it is able to answer the queries with the appropriate mapping / also note the search token is equivalent to a query / determining whether the key has been updated is interpreted equivalent to ‘directed using the metadata’.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention of a system and method for cryptographic key rotation in a database system taught in ‘995 to direct a query to first encrypted file or second encrypted file when the query arrives. One of ordinary skill in the art would have been motivated to perform such a modification to protect client data that may be exposed to third parties by enabling encryption and the ability to perform search queries, see ‘112 paragraphs 3-6.
the following is not explicitly taught in ‘995 and ‘112:
“and preventing a second query for the particular file from accessing the particular file by directing, based on the second metadata associated with the changed version of the particular file, the second query to the changed version of the particular file instead of the particular file” however ‘234 teaches a method of immediate retirement (i.e. removing the first encrypted file after the second encrypted file has been generated) in paragraph 74. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention of a system and method for cryptographic key rotation in a database system taught in ‘995 and ‘112 to prevent a second query from accessing the first encrypted file. One of ordinary skill in the art would have been motivated to perform such a modification to overcome the issues related to storage and security of confidential data on an external server, see ‘234 paragraphs 4-6 and 71.
As to dependent claim 2, “The method of claim 1, wherein preventing the second query for the particular file from accessing the particular file further comprises: removing the particular file from a storage” is taught in ‘234 paragraph 74.
As to dependent claim 3, “The method of claim 1, wherein preventing the second query for the particular file from accessing the particular file further comprises: marking the particular file as expired” is shown in ‘234 paragraphs 56 and 74.
As to dependent claim 4, “The method of claim 3, further comprises: receiving the second query for the particular file after marking the particular file as expired” is disclosed in ‘234 paragraph 74.
As to dependent claim 5, “The method of claim 1, further comprising: receiving the first query for the particular file before marking the particular file as expired” is taught in ‘995 Abstract, paragraphs 7, 33, 38, and 43.
As to dependent claim 6, “The method of claim 5, wherein preventing the second query for the particular file from accessing the particular file further comprises: preventing the second query for the particular file from accessing the first file that is associated with the particular file” is shown in ‘234 paragraph 74.
As to dependent claim 7, “The method of claim 1, wherein the first file is encrypted using a first encryption key and the changed version of the particular file is encrypted with a second encryption key, and further comprising: storing the first encryption key in a first key storage; and storing the second encryption key in a second key storage that is separate from the first key storage” is disclosed in ‘995 paragraphs 4 and 36.
As to dependent claim 8, “The method of claim 7, wherein directing, based on the first metadata associated with the particular file, the first query for the particular file to the first file that is associated with the particular file further comprises: permitting read access to the first key storage” is taught in ‘995 Abstract, paragraphs 7, 33, 38, and 43.
As to dependent claim 9, “The method of claim 7, further comprising: receiving an additional query with write access for one or more tables corresponding to the first file; determining whether the second encryption key has been generated for the first file; and generating, in response to determining that the second encryption key has been generated, the changed version of the particular file by: modifying the first file based on the additional query with write access and encrypting the changed version of the particular file based on the second encryption key” is shown in ‘995 Abstract, paragraphs 7, 30-33, 38, and 43.
As to dependent claim 10, “The method of claim 7, further comprising: generating additional encrypted files based on the second encryption key” is disclosed in ‘995 Abstract, paragraphs 7, 30-33, 38, and 43.
As to dependent claim 11, “The method of claim 7, wherein one or more of: generating the second encryption key without locking a database; or generating the changed version of the particular file without locking the database” is disclosed in ‘995 Abstract, paragraphs 7, 33, 38, and 43.
As to independent claim 12, this claim is directed to an apparatus executing the method of claim 1; therefore, it is rejected along similar rationale.
As to dependent claims 13-19, these claims contain substantially similar subject matter as claims 2-11; therefore, they are rejected along similar rationale.
As to independent claim 20, this claim is directed to a computer-readable medium storing instructions that execute the method of claim 1; therefore, it is rejected along similar rationale.
Conclusion
17. Any inquiry concerning this communication or earlier communications from the examiner should be directed to ELLEN C TRAN whose telephone number is (571) 272-3842. The examiner can normally be reached Monday-Friday.
Examiner interviews are available via telephone and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, Applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeff Pwu can be reached at 571-272-6798. The fax phone number for the organization where this application or proceeding is assigned is (571) 273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ELLEN TRAN/Primary Examiner, Art Unit 2433 23 January 2026