Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This written action is responding to the request for continued examination (RCE) dated January 04, 2021.
In the RCE dated on January 04, 2021, claims 1, 11 and 15 have been amended, 2 has been canceled and all other claims are previously presented.
Claims 1 and 3-20 are allowed.

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on January 04, 2021 has been entered.
 
EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below.  Should the changes and/or additions be unacceptable to Applicant, an amendment may filed as provided by 37 CFR 1.312.  To ensure consideration of such an amendment, it MUST be submitted no later than the payment of issue fee.
Authorization for this examiner’s amendment was given in a telephone interview with Mr. Bryan G. McWhorter of registration number 77,780, on February 08, 2021.  During the telephone conference, Mr. McWhorter has agreed and authorized the examiner to further amend Claims 1 and 3-20 on the request for continued examination dated on January 04, 2021.

Claims
Replacing Claims 1 and 3-20 of the request for continued examination dated on January 04, 2021 with the following:

Claim 1:
A method of authenticating a bearer to a validator, the method comprising implementing by a digital identity system the following steps:
receiving from a bearer device of the bearer at the digital identity system an electronic message comprising a bearer key encrypted with a bearer wrapper key, wherein the message identifies: (i) an attribute of the bearer held in a data store of the digital identity system, the attribute being held in the data store in encrypted form, the encrypted form being encrypted with an attribute key, wherein the bearer key is required to decrypt the encrypted attribute, and (ii) one or more storage locations of the digital identity system at which are held: (a) a version of the bearer wrapper key usable to decrypt the bearer key and (b) a version of the attribute key, encrypted with the bearer key, usable to decrypt the attribute;
one or more storage locations on the digital identity system identified in the electronic message;
using the located bearer wrapper key to decrypt the received bearer key; and
using the decrypted bearer key to decrypt the bearer attribute at least partly by using the decrypted bearer key to decrypt the attribute key and using the decrypted attribute key to decrypt the attribute, wherein the digital identity system is configured to render the decrypted bearer attribute available to a validator device of the validator when authorized to do so by the bearer.

Claim 2:	(Canceled)

Claim 3:
The method according to claim 1, wherein a credential of the bearer is received with the encrypted bearer key, and the remaining steps are only performed when the credential is determined to be valid by the digital identity system, and the method further comprises:
issuing to the bearer a fresh one-time only use credential of the bearer, and associating the fresh bearer credential with the version of the bearer wrapper key stored at the digital identity system.



Claim 4:
The method according to claim 1, wherein the electronic message is an electronic sharing token request, and the method comprises:
generating, by the digital identity system, in response to the electronic sharing token request, a sharing token unique to that request;
associating with the unique sharing token at the digital identity system the identified bearer attribute;
and issuing to the bearer the unique sharing token;
wherein later presentation of the unique sharing token to the digital identity system by the validator causes the decrypted bearer attribute to be rendered available to the validator by the digital identity system.

Claim 5:
The method according to claim 4, wherein the sharing token is associated with the bearer attribute by storing the decrypted bearer attribute at the digital identity system in association with the sharing token.

Claim 6:
The method according to claim 5, wherein the wrapper key is a device key bound to a single device operated by the bearer.





Claim 7:
The method according claim 4, wherein the sharing token is associated with the bearer attribute by storing a copy of at least a part of the token request at the digital identity system in association with the unique sharing token, wherein the later presentation of the unique sharing token to the digital identity system causes the digital identity system to retrieve the bearer attribute from the data store using the stored token request.

Claim 8:
The method according to claim 7, wherein the stored request is encrypted with a sharing key, a copy of which is issued to the bearer with the sharing token, whereby the validator must [[5]] present the sharing key with the sharing token to access the at least one bearer attribute.

Claim 9:
The method according to claim 1, wherein the electronic message comprises, for each attribute it identifies, a respective database key and/or at least one pointer and/or other data denoting a location of that attribute in the data store.

Claim 10:
The method according to claim 1, wherein the electronic message identifies at least two attributes of the bearer held at different locations in the data store, wherein each of the attributes is encrypted with an attribute key unique to that 

Claim 11:
A bearer device comprising:
a computer interface; and
a hardware processor configured to execute a digital identity application, wherein the digital identity application is configured when executed on the hardware processor to perform operations of:
generating an electronic message comprising a bearer key encrypted with a bearer wrapper key, wherein the message identifies: an attribute of the bearer held in a data store of a digital identity system, the attribute being held in encrypted form, the encrypted form being encrypted with an attribute key, wherein the bearer key is required to decrypt the encrypted attribute, and (ii) one or more storage locations of the digital identity system at which are held: (a) a version of the bearer wrapper key usable to decrypt the bearer key and (b) a version of the attribute key, encrypted with the bearer key, usable to decrypt the attribute;
transmitting the electronic message to the digital identity system via the computer interface, thereby causing the digital identity system to retrieve the version of the bearer wrapper key from the one or more storage locations on the digital identity system identified in the electronic message, wherein using the decrypted bearer key to decrypt the bearer attribute comprises using the decrypted bearer key to decrypt the attribute key and using the decrypted attribute key to decrypt the attribute.

Claim 12:
The bearer device according to claim 11, wherein the electronic message is an electronic sharing token request, wherein said operations comprise:
receiving from the digital identity system, in response to the electronic token request, a sharing token unique to that request for presentation by the bearer device to a validator; and
rendering the unique sharing token available to a validator, wherein presentation of the unique sharing token to the digital identity system by the validator causes the decrypted bearer attribute to be rendered available to the validator by the digital identity system.

Claim 13:
The bearer device according to claim 12, wherein the unique sharing token is received with a sharing key for decrypting the at least one bearer attribute, which 
the application is configured to provide to the validator with the sharing token.
Claim 14:
The bearer device according to claim 12, wherein the application is configured to also generate at least one policy which is included in the electronic message transmitted to the digital identity system, wherein the application is configured to render a copy of the policy available to the validator with the sharing token, wherein the at least one policy defines at least a type of the bearer attribute and/or at least one attribute type to be shared by the bearer in return for the at least one bearer attribute.

Claim 15:
A non-transitory computer-readable medium embodying executable instructions configured, when executed on a processor of a bearer device, to perform operations of:
generating an electronic message comprising a bearer key encrypted with a bearer wrapper key, wherein the message identifies: an attribute of the bearer held in a data store of a digital identity system, the attribute being held in encrypted form, the encrypted form being encrypted with an attribute key, wherein the bearer key is required to decrypt the encrypted attribute, and (ii) one or more storage locations of the digital identity system at which are held: (a) a version of the bearer wrapper key usable to decrypt the bearer key and (b) a version of the attribute key, encrypted with the bearer key, usable to decrypt the attribute;
transmitting the electronic message to the digital identity system via a computer interface, thereby causing the digital identity system to retrieve the one or more storage locations on the digital identity system identified in the electronic message, use the located bearer wrapper key to decrypt the bearer key, and use the decrypted bearer key to decrypt the bearer attribute for rendering available by the digital identity system to a validator when authorized to do so by the bearer device, wherein using the decrypted bearer key to decrypt the bearer attribute comprises using the decrypted bearer key to decrypt the attribute key and using the decrypted attribute key to decrypt the attribute.

Claim 16:
The non-transitory computer-readable medium of claim 15, wherein the electronic message is an electronic sharing token request, wherein said operations comprise:
receiving from the digital identity system, in response to the electronic token request, a sharing token unique to that request for presentation by the bearer device to a validator; and
rendering the unique sharing token available to a validator, wherein presentation of the unique sharing token to the digital identity system by the validator causes the decrypted bearer attribute to be rendered available to the validator by the digital identity system.





Claim 17:
The non-transitory computer-readable medium of claim 16, wherein the unique sharing token is received with a sharing key for decrypting the at least one bearer attribute, which the instructions are configured, when executed, to provide to the validator with the sharing token.

Claim 18:
The non-transitory computer-readable medium of claim 17, wherein the instructions are configured to also generate at least one policy which is included in the electronic message transmitted to the digital identity system, wherein the instructions are configured to render a copy of the policy available to the validator with the sharing token, wherein the at least one policy defines at least a type of the bearer attribute and/or at least one attribute type to be shared by the bearer in return for the at least one bearer attribute.

Claim 19:
The non-transitory computer-readable medium of claim 15, wherein the electronic message comprises, for each attribute it identifies, a respective database key and/or at least one pointer and/or other data denoting a location of that attribute in the data store.



Claim 20:
The non-transitory computer-readable medium of claim 19, wherein the electronic message identifies at least two attributes of the bearer held at different locations in the data store.

Allowable Subject Matter
Claims 1 and 3-20 are allowed.

Examiner’s Statement of Reasons for Allowance
The following is an examiner’s statement of reasons for allowance:
Independent claim 1 is allowable based on the amendment presented in the request for continued examination dated on January 04, 2021 and the examiner’s amendment dated on February 08, 2021.
Specifically, the independent claim 1 now recites limitations as follows:

“A method of authenticating a bearer to a validator, the method comprising implementing
by a digital identity system the following steps:
receiving from a bearer device of the bearer at the digital identity system an electronic message comprising a bearer key encrypted with a bearer wrapper key, wherein the message identifies: (i) an attribute of the bearer held in a data store of the digital identity system, the attribute being held in the data store in encrypted form, the encrypted form being encrypted with an attribute key, wherein the bearer key is required to decrypt the encrypted attribute, and (ii) one or more storage 
using the received message to retrieve the version of the bearer wrapper key from the one or more storage locations on the digital identity system identified in the electronic message;
using the located bearer wrapper key to decrypt the received bearer key; and
using the decrypted bearer key to decrypt the bearer attribute at least partly by using the decrypted bearer key to decrypt the attribute key and using the decrypted attribute key to decrypt the attribute, wherein the digital identity system is configured to render the decrypted bearer attribute available to a validator device of the validator when authorized to do so by the bearer”.

The cited reference Sachdeva et al. (US PGPUB. # US 2007/0101145) discloses, a consent service on a host computer providing cryptographically signed consent for user attributes by a user on a host computer to a web service provider. The consent service is operable to provide decryption of the user attributes acquired by the web service provider from an identity provider. The consent service displaying and acquiring user consent to one or more user attributes displayed in a browser web page to the user on the host computer. The consent service is operable to provide encryption of the user consented attributes and to (Abstract). The web service provider sends the encrypted XML message received from the identity provider to the host computer and requests the user to cryptographically sign the attributes. A consent service on the host computer decrypts the encrypted XML message received from the web service provider by using a private key of the user (UPRK) on the host computer. The decrypted user attributes are displayed to the user in an interface, such as a web page in a browser or a windows user interface, on the host computer by the consent service. Furthermore, the attributes whose use have been consented to by the user in the interface, referred to herein above and displayed on the host computer by the consent service, are then encrypted by using the public key (WPBK) of the web service provider. The cryptographically signed consent of the user is generated using XML signature. An encrypted XML message is produced by the consent service by embedding the encrypted (¶15). As shown in the drawings for purposes of illustration, the invention is embodied in a novel framework for an identity provider to share user attributes with a web service provider. The signed consent of the user on the host computer to share the user attributes with the web service provider conveys to the web service provider and the identity provider a high level of confidence that it is indeed the user who consented to the attributes being shared. A system according to the invention provides a method in which an identity provider encrypts user attributes to be transmitted via a web service provider to a host computer to obtain consent of the user attributes by the user on the host computer. The user attributes received from the web service provider are decrypted on the host computer and the decrypted attributes are displayed to the user in a user interface on the host computer such as a web page in a web browser or a windows user interface. The attributes consented-to by the user are encrypted and transmitted to the web service provider with cryptographically signed user consent. The web service provider shares these consented-to attributes of the user with other web service providers for the user on the host computer to access services provided by other web service providers. (¶27-¶28). The IPservice 117 generates a random key RK, step 303, e.g., a key conforming to Advanced Encryption Standard (AES). AES, also known as Rijndael, is a block cipher adopted as an encryption standard by National Institute of Standards and Technology (NIST) as US FIPS PUB 197. The IPservice 117 encrypts the user specific attributes using the random key RK, step 304. An example of user attributes stored in the storage device 115 of the identity provider 105 is illustrated below in Table I. (Table 1, ¶34). The browser 109 on the host computer 101 sends the SOAP request containing the encrypted XML message from the web service provider 103 to the CSservice 205, message 310. The CSservice 205 validates the XML signed message received from the web service provider 103, step 311. Furthermore, the CSservice 205, which has the private key UPRK of the user 107, decrypts the encrypted random key ERK to retrieve the random key RK, step 312. The CSservice 205 decrypts the user attributes using the random key RK, step 313. The decrypted user attributes are displayed in a web page of the browser 109 by the CSService 205 to obtain the consent of the user 107, message 314. In one embodiment, the web page displayed to the user 107 comprises each user attribute with a selection checkbox and a submit button to obtain user's consent to use selected attributes. The user 107 selects one or more user attributes displayed in the web page of the browser 109 and activates the submit button in the web page of the browser 109. The browser 109 then conveys (Fig. 3(312, 313), ¶38). The web service provider 103 having received the SOAP response containing encrypted XML message 323 from the browser 109 on the host computer 101, sends the message 323 to WSPservice 113. The WSPservice 113 having the private key WPRK of the web service provider 103 decrypts the encrypted random key ERK2 to retrieve the random key RK2, step 324. The WSPservice 113 decrypts the user consented attributes using the random key RK2, step 325. Furthermore, the web service provider 103 logs the cryptographically signed consent of the user 107 in the storage device 111 of the web service provider 103, step 326 and stores the user consented attributes in the storage device 111 of the web service provider 103, step 327. (Fig. 3(317, 325, 326, 327), ¶40).
The reference by Stiglic et al. (US PGPUB. # US 2015/0256336) discloses, referring to FIG. 2 which is a flow diagram illustrating at least one embodiment of the process by which a DO creates and stores, on DO's current system S1 a symmetric encryption key (KEKi) [2.1] associated with one and only one Data Assignee, DAi, of any of DO's Data Assignees ([DAj], j=1-max). DO then creates a placeholder on S1 for KEKi which will be encrypted in a further process with the DAi's public key (DAiPuKey) [2.2]. On system S1, using a set of algorithms (SOA) and a Master Password (MP) that is solely known and derived by DO from information solely known to DO, DO derives a strong key (K) which is 1 [5]. DO then sends [K[KEKmax]] to the Third Party Server (3PS) and, from time to time, automatically adds any new DA encrypted symmetric encryption keys, i.e. K[KEKj] where j>max thereto as they become available [6]. On any DO system all secret keys, MP, SPi, KEKi, K and DOPrKey are made non-discoverable (see FIG. 8) [26]. (¶50).
The reference by Kalinichenko et al. (US PGPUB. # US 2013/0332366) discloses, the computing system includes a key gateway in communication with a computing device over a first radio network, a data gateway in communication with the computing device over a second radio network independent from the first radio network, and a key storage facility in communication with the key gateway and the data gateway. The computing device has a software radio. The key gateway (A) receives an application level encryption key from the computing device, (B) stores the application level encryption key in the key storage facility, and (C) transmits, to the computing device, a key index indicating a location of the application level encryption key on the key storage facility. The data (¶9). The key gateway 38 receives an application level encryption key from the computing device 10. The application level encryption key is stored in the key storage facility 46, for example, by the key gateway 38. A key index is transmitted to the computing device 10 via the key gateway 38. The key index indicates a location of the application level encryption key on the key storage facility 46. The data gateway 42 receives (i) data encrypted, by the computing device, using the application level encryption key and (ii) the key index. The data gateway 42 retrieves the application level encryption key from the key storage facility 46, and decrypts (e.g., using the data decryption module 50) the data using the application level encryption key. The decrypted data is transmitted to a server 32 of the financial institution to carry out a financial transaction. (¶26).
The reference by Dietrich et al. (US PGPUB. # US 2011/0023103) discloses, when the user 102 has successfully authenticated himself to the ID token 106, and when the ID provider computer system 136 has successfully authenticated itself to the ID token 106, the ID provider computer system 136 is provided with read authorization for reading an (¶69-¶70). When both the user and the ID provider computer system have been successfully authenticated to the ID token, the ID provider computer system is provided with the access authorization for reading the attributes by the ID token. In step 212, the ID provider computer system sends one or more read commands for reading the attributes required according to the attribute specification from the ID token. The attributes are then transmitted using end-to-end encryption via the protected connection to the ID provider computer system, where they (Fig. 2(212), ¶82). The attribute values which have been read are signed by the ID provider computer system in step 214. In step 216, the ID provider computer system sends the signed attribute values via the network. The signed attribute values reach the service computer system either directly or via the user computer system. In the latter case, the user may have the opportunity to take note of the signed attribute values and/or to add further data to them. Provision may be made for the signed attribute values, possibly with the added data, to be forwarded from the user computer system to the service computer system only following release by the user. This provides the greatest possible transparency for the user in terms of the attributes sent from the ID provider computer system to the service computer system. (Fig. 2(216), ¶83). 
The reference by Spies et al. (US PAT. # US 7,961,879) discloses, at step 46, a sender may encrypt a message in multiple layers using message keys (e.g., symmetric message keys) and IBE public keys of varying sensitivity. The less sensitive keys may be used to encrypt the outer layers of the message and the more sensitive keys may be used to encrypt the inner layers of the message. For example, a message may be encrypted in four layers using IBE public keys Q1, Q2, Q3, and Q4. If Q1 is the most sensitive key (e.g., the identity information and/or other access policy information in Q1 is the most sensitive), and if Q2, Q3, and Q4, are increasingly less sensitive, then Q1 may be used for the innermost layer of encryption, Q2 may be used for the second most inner layer of encryption, (Fig. 4(46), CL(16), LN(15-39)). At step 50, the recipient may use the IBE public keys (e.g., public keys such as Q1, Q2, Q3, and Q4) to obtain the respective IBE private keys from the appropriate private key generator(s) 16. The private key generator may use the access policies specified in the public keys to verify that the recipient is authorized to access the message before the corresponding private keys are released to the recipient. Each private key may be used to decrypt the next layer of the message that is revealed, until the entire message has been decrypted from the outermost layer inward. By embedding public keys Q1, Q2, and Q3 in the inner layers of the encrypted message, these public keys are not sent in the clear at step 48. Moreover, because the most sensitive public key (e.g., public key Q1) is buried within multiple layers of encryption, it is the most well-protected public key of all. Only a recipient who is able to decrypt the outer layers of the message associated with keys Q2, Q3, and Q4 (in the four-layer example) will be able to view public key Q1. (CL(16), LN(40-60)).
However, each of the cited references or reference from the updated search, at least, fails to teach or suggest the limitations regarding “…….wherein the message identifies: (i) an attribute of the bearer held in , the encrypted form being encrypted with an attribute key, wherein the bearer key is required to decrypt the encrypted attribute, and (ii) one or more storage locations of the digital identity system at which are held: (a) a version of the bearer wrapper key usable to decrypt the bearer key and (b) a version of the attribute key, encrypted with the bearer key, usable to decrypt the attribute…..using the decrypted bearer key to decrypt the bearer attribute at least partly by using the decrypted bearer key to decrypt the attribute key and using the decrypted attribute key to decrypt the attribute, wherein the digital identity system is configured to render the decrypted bearer attribute available to a validator device of the validator when authorized to do so by the bearer”, in combination with the rest of the limitations recited in the independent claim(s).

None of the previous cited prior art references or reference(s) from the updated search yield any specific references that would reasonably, either singularly or in combination with previous cited reference, result a reasonable and proper rejection for each of the cited feature limitations of the independent claim 1 under 35 U.S.C. 102 or 35 U.S.C. 103 with proper motivation.
Claims 11 is a device claim of above method claim 1 and Claim 15 is a non-transitory computer-readable medium claim of above method claim 1, and therefore, they are also allowed.
Claims 3-10 depend on the allowed claim 1, and therefore, they are also allowed.
Claims 12-14 depend on the allowed claim 11, and therefore, they are also allowed.
Claims 16-20 depend on the allowed claim 15, and therefore, they are also allowed.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled "Comments on Statement of Reasons for Allowance".

Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to DARSHAN I DHRUV whose telephone number is (571)272-4316.  The examiner can normally be reached on M-F 9:00 AM-5:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 571-272-8878.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.







/DARSHAN I DHRUV/Examiner, Art Unit 2498