Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
This non-final office action is responsive to the U.S. patent application no. 18/961,914 filed on November 27, 2024.
Claims 1-20 are pending.
Claims 1-20 are rejected.
Priority
The application claims priority under 35 U.S.C. 120 to U.S. non-provisional application No. 18/110,927 filed on February 17, 2023, which claims priority to non-provisional application 16/934,183 filed on July 21, 2020, which claims priority to provisional application no. 63/002,495 filed on March 31, 2020, Application No. 62/988,030 filed on March 11, 2020 and Application No. 62/876,940 filed on July 22, 2019.
Information Disclosure Statement
The information disclosure statements (IDS) submitted on 11/27/2024 and 3/24/2025 are compliant with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statements have been considered by the examiner.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
Claims 10 and 20 are rejected under 35 U.S.C. 112(b) as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor regards as the invention.
Claim 10 recites the limitation "the other electronic device" in its body. There is insufficient antecedent basis for this limitation in the claim.
Claim 20 has the same issue as claim 10.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.
Claims 1-6, 8, 11-16 and 18 are rejected under 35 U.S.C. 102(a)(2) as being unpatentable over Phillips et al. (U.S. 2007/0033397).
Regarding claim 1, Phillips disclosed a method of an electronic device, the method comprising:
providing, by a processor of the electronic device, encryption data for use in encrypting at least one content selection from one or more content selections into a container (Phillips, [0039], “The asymmetric encryption algorithm 205 generates two decryption keys, called the primary and secondary keys 250 and 252, respectively, and are stored in a record 225 in the container registration database 165 on the container verification server 160”);
receiving and storing in a storage location, by the processor, the container, the container including: the encrypted at least one content selection (Phillips disclosed in Fig. 2 that the container 120 includes encrypted data blocks 230A, 230B and 230C); and
control information in a metadata portion of the container, wherein the control information includes information used to control access to the container (Phillips disclosed in Fig. 2 that the container 120 has a header 231 that stores the hidden symmetric key. The header 231 anticipates the “metadata” in the claim and the hidden symmetric key anticipates the “control information”);
storing at a storage location, by the processor, control data associated with the control information of the container (Phillips disclosed in Fig. 2 the container registration database 165 that stores container ID 210, primary key 215 and secondary key 220 that are control data associated with the control information of the container);
detecting, by the processor, an access attempt to the container by another electronic device (Phillips, [0030], “ a user may attempt to open the SDC 120' on their device 125 (or attempts to open portions of the SDC 120'). When the attempt to access or open the SDC 120' occurs …”); and
granting or denying, by the processor, access to the container based on the control data (Phillips, [0030, “executable code either in the SDC 120' or already on the user's device opens a secure link to the container verification server 160 and sends an authorization request message 190” and [0031], “Once this request is processed, transaction approval or denial data may be returned to the container authentication server 160 in a financial transaction response message 194”).
Claim 11 lists substantially the same elements as claim 1, device form rather than method form. Therefore, the rejection rationale for claim 1 applies equally as well to claim 11.
Regarding claims 2 and 12, Phillips disclosed the subject matter of Claims 1 and 11, respectively.
Phillips further disclosed wherein the container further includes a content portion separate from the metadata portion that includes the encrypted at least one content selection (Phillips disclosed in Fig. 2 the encrypted data blocks 230A, 230B and 230C that are content portions within the container).
Regarding claims 3 and 13, Phillips disclosed the subject matter of Claims 2 and 12, respectively.
Phillips further disclosed wherein the encrypted at least one content selection includes data of a first format and data of a second format (Phillips, [0025], “ content file or files 115 such as video, text, streaming media, audio, animation, music, financial transaction data, or any other type of data for inclusion in the production of a secure digital container (SDC) 120”).
Regarding claims 4 and 14, Phillips disclosed the subject matter of Claims 1 and 11, respectively.
Phillips further disclosed wherein the control data includes container owner information, the method further comprising: instructing display, by the processor, of the owner information indicating an ownership status of content in the container (Phillips, [0032], “This permission token message contains a permission token that is typically a relatively small bit string that includes the financial transaction approval or denial data, the contents usage rights data, permission flags and re-encryption data that is now unique to both the SDC 120'” and [0033], “When the permission token 196 is returned to the SDC 120' on the user's device 125, the container executable code may read the token bit string and may write the usage rights data and a permission flag called a client fingerprint mode flag (CFMF) to a confidential (e.g., unpublished or hidden) location such as memory 130 on the user's device”).
Regarding claims 5 and 15, Phillips disclosed the subject matter of Claims 1 and 11, respectively.
Phillips further disclosed wherein the control data includes a container copy number indicating a number of copies of the container allowed to be accessed (Phillips, [0066], “ the usage rights parameters for the container … describe usage rules such as the number of times the user may access the contents”; [0029], “The usage rights may include, but not limited to, limiting accesses to the content files to a certain number of occurrences, limiting access to a period of time, limiting copying of the content files (or portions thereof), limiting the copying to a secondary device, limiting the burning of the content file to storage media such as CD or DVD or controlling printing, to name a few.”), the method further comprising: determining, by the processor in response to the detection of the access attempt, whether a current number of access attempts associated with the container has reached or exceeded an access limit; and granting or denying, by the processor, access to the container based on the determination of whether the current number of access attempts associated with the container has reached or exceeded the access limit (Phillips, [0099], “a check is made whether the usage rules allow access to the digital contents or potions of the digital content”).
Regarding claims 6 and 16, Phillips disclosed the subject matter of Claims 5 and 15, respectively.
Phillips further disclosed creating copies of the container based on the container copy number; and for each of the created copies of the container, setting a viewed flag in the control information of the metadata portion of the copy of the container, wherein the viewed flag indicates whether the copy of the container has previously been accessed (Phillips, [0095], “ the contents of the container may be accessed by a user according to usage rules such as one-time access, execute only, print prohibited, copy prohibited, print prohibited, time-limited access, access count, or the like” and [0032], “This permission token message contains a permission token that is typically a relatively small bit string that includes the financial transaction approval or denial data, the contents usage rights data, permission flags and re-encryption data that is now unique to both the SDC 120' and the user and/or the user's device”).
Regarding claims 8 and 18, Phillips disclosed the subject matter of Claims 1 and 11, respectively.
Phillips further disclosed wherein the control data includes expiration data indicating when access to the container expires (Phillips, [0066], “These parameters describe usage rules such as the number of times the user may access the contents, a period of time in which the user may access the contents, as applied to portions or the entire contents”), the method further comprising: determining, by the processor in response to the detection of the access attempt, whether the access to the container has expired based on the expiration data; and granting or denying, by the processor, access to the container based on the determination of whether the access to the container has expired based on the expiration data (Phillips, [0029], “The usage rights may include, but not limited to, limiting accesses to the content files to a certain number of occurrences, limiting access to a period of time, limiting copying of the content files (or portions thereof), limiting the copying to a secondary device, limiting the burning of the content file to storage media such as CD or DVD or controlling printing, to name a few.” Which implies that when the period of time expires, access to the content will be denied).
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 7 and 17 are rejected under 35 U.S.C. 103 as obvious over Phillips as applied to claims 1 and 11 above in view of Hamlin et al. (U.S. 2020/0074097).
Regarding claims 7 and 17, Phillips disclosed the subject matter of Claims 1 and 11, respectively.
Phillips might not have explicitly disclosed but Hamlin disclosed
wherein the control data includes application restriction data indicating one or more specific applications allowed to decode or view contents of the container (Hamlin, [0048], “an access control list may identify specific applications that may have certain access rights with respect to a file.”)
the method further comprising: determining, by the processor in response to the detection of the access attempt, whether an application being used to access the container is included in the one or more specific applications allowed to decode or view the contents of the container; and granting or denying, by the processor, access to the container based on the determination of whether the application being used to access the container is included in the one or more specific applications allowed to decode or view the contents of the container (The combination of Phillips’s teaching in paragraphs [0093, 0094] combined with Hamlin’s teaching in paragraph [0048] would have made the claimed subject matter obvious).
Before the effective filing date of the claimed invention, one of ordinary skill in the art would have been motivated to combine Phillips and Hamlin because both references disclosed methods and systems for controlling access to content stored in a container (Phillips, Abstract, “A system and method of encrypting digital content in a digital container and securely locking the encrypted content to a particular user and/or computer or other computing device”; Hamlin, Abstract, “Data is frequently protected by securing the data within containers that are only accessible using a specific security application.”). Therefore it would have also been obvious for one to integrate Hamlin’s teaching about limiting access to specific applications into Phillips as such that Phillips’ system can also control access to contents in a container with finer granularity, giving users of the system more control.
Claims 9-10 and 19-20 are rejected under 35 U.S.C. 103 as obvious over Phillips as applied to claims 1 and 11 above.
Regarding claims 9 and 19, Phillips disclosed the subject matter of Claims 8 and 18, respectively.
Phillips might not have explicitly disclosed wherein the expiration data includes at least one of: a date of expiration; a parameter to expire the container when a viewed flag of the container is positive; a parameter to expire the container after a certain number of views; or a parameter to expire the container after an attempt to decode or view contents of the container using an application other than an allowed.
However, Phillips disclosed in paragraph [0029] that “The usage rights may include, but not limited to, limiting accesses to the content files to a certain number of occurrences, limiting access to a period of time, limiting copying of the content files (or portions thereof), limiting the copying to a secondary device, limiting the burning of the content file to storage media such as CD or DVD or controlling printing, to name a few.” It would have been obvious to one of ordinary skill in the art that Phillips’ disclosure of limiting access to a period of time implies that the time could be a date of expiration, as this is a well-known implementation choice.
Regarding claims 10 and 20, Phillips disclosed the subject matter of Claims 1 and 11, respectively.
Phillips might not have explicitly disclosed updating the control data based on access of the container by the other electronic device.
However, Phillips disclosed in paragraph [0024] a re-key process that binds content to a user device, which means that another device trying to access the content will have to go through the authentication and the re-key process, which is equivalent to the “updating the control data” in the claim.
Related Prior Art
Gorman et al. (US 2014/0283140) is directed to a digital media content management apparatus and method for securely storing a content file on a computer readable medium and playing the content file from the computer readable medium. The content file comprises control information readable by a content player and payload information including content data.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHIRLEY X ZHANG whose telephone number is (571)270-5012. The examiner can normally be reached 8:30am - 5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joon H Hwang can be reached at 571-272-4036. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SHIRLEY X ZHANG/Primary Examiner, Art Unit 2447