Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Response to Amendments
The amended claims 1 – 3, 5 – 17 and 19 – 20 were considered under 35 USC 112 (b, f), 101 (abstract idea) and 103 for patentability over closest and analogous prior arts Smith et al (US Pub. #: 20170364908), hereafter Smith, Krishnan, Suresh (US Pub. #: 20090119407), hereafter Krishnan and Borovoy et al (US Pub. #: 9537865), hereafter Borovoy have been fully considered and are persuasive. Claims 4 and 18 are cancelled.

Allowable Subject Matter
1.	Amended claims 1 – 3, 5 – 17 and 19 – 20 are allowed in light of applicant’s arguments, approved examiner’s proposed amendments and in light of prior art(s) made of record. 

Examiner’s Amendment
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.  Authorization for this examiner’s amendment was given in an interview with David Cohen (attorney) for filed amended claims on 02-04-2021:
1. (Previously Presented) A method for validating cryptographically signed records, the method comprising:
under control of a hardware processor: 

the sender individual record comprises a record identifier, a record content, a sender public keys, a receiver public key of the record receiver device, and a sender signature of the sender individual record, and 
the sender individual record is created by the record sender device after receiving a content request from a record receiver device and after the record sender device identifies the record receiver device; 
maintaining, at the record receiver device, record identifiers associated with sender individual records previously received from the record sender device;
attempting to decrypt the sender signature by using the sender public key;
detecting mousing by determining, via the record receiver device, that the sender individual record is invalid based at least in part on a failed attempt to decrypt the sender signature, wherein the detection of mousing further includes determining that the record identifier of the sender individual record is absent from the maintained record identifiers; 
creating a receiver individual record, wherein:
the receiver individual record comprises the sender individual record, a malicious record endorsement, and a receiver signature of the receiver individual record, and
the receiver signature is created using a receiver private key of the record receiver device, and wherein the receiver public key and the receiver private key form a receiver public-key cryptographic pair; and 
sending the receiver individual record to the processing platform.

2. (Original) The method of claim 1, wherein the determining the sender individual record is invalid comprises detecting sender cloning with a single receiver, mousing, or ghosting.

3. (Original) The method of claim 2, wherein:

the record receiver device maintains a highest record identifier of individual records previously received with the sender public key of the record sender device as sender public keys of the individual records previously received, and 
detecting sender cloning comprises determining the record identifier of the sender individual record is not larger than the highest record identifier.

4. (Cancelled)

5. (Original) The method of claim 2, wherein:
the sender public key is the sender public key of the record sender device, wherein the sender signature is created using a sender private key of the record sender device, and 
the sender public key and the sender private key form a sender public-key cryptographic pair.

6. (Original) The method of claim 2, wherein:
the sender public key is the sender public key of the record sender device,
the detecting mousing comprises determining the sender signature is not created using a sender private key of the record sender device, wherein the sender public key and the sender private key form a sender public-key cryptographic pair, and 
the determining the sender signature is not created using the sender private key of the record sender device comprises using the sender public key to determine the sender signature is not created using the sender private key.

7. (Original) The method of claim 2, wherein:
detecting ghosting comprises determining the sender public key is not a valid public key of a user device, and
the determining the sender public key is not a valid public key comprises: 

determining the common records comprise the sender public key of the record sender device.

8. (Original) The method of claim 7, wherein:
the sender signature is created using a sender private key, and 
the sender public key and the sender private key form a sender public-key cryptographic pair.

9. (Original) The method of claim 1, further comprising causing the processing platform to add the record sender device to a blacklist of malicious user devices.

10. (Previously Presented) A method for validating cryptographically signed records, the method comprising:
under control of a hardware processor: 
receiving, at a record receiver device, a sender individual record from a record sender device, wherein:
the sender individual record comprises a record content, a sender public key, a receiver public key, and a sender signature of the sender individual record, 
the sender signature is created using a sender private key, wherein the sender public key and the sender private key form a sender public-key cryptographic pair, and 
the sender individual record is sent by the record sender device after receiving a content request from the record receiver device and identifying the record receiver device; 
maintaining, at the record receiver device, record identifiers associated with sender individual records previously received from the record sender device;
attempting to decrypt the sender signature by using the sender public key;
determining, via the record receiver device, that the sender individual record is invalid based at least in part on a failed attempt to decrypt the sender signature, wherein 
creating a receiver individual record, wherein:
the receiver individual record comprises the sender individual record, a malicious record endorsement, and a receiver signature of the receiver individual record, 
the receiver signature is created based at least in part on receiver private key of the record receiver device, and 
the receiver public key and the receiver private key form a receiver public-key cryptographic pair; and 
sending the receiver individual record to the processing platform.

11. (Original) The method of claim 10, wherein the determining the sender individual record is invalid comprises detecting sender cloning with multiple receivers or detecting forking.

12. (Original) The method of claim 11, wherein the detecting sender cloning with multiple receivers comprises:
determining the sender public key is the sender public key of the record sender device; and 
determining the receiver public key is not a public key of the record receiver device.

13. (Original) The method of claim 10, wherein detecting forking comprises:
determining the sender public key is not a public key of the record sender device;
determining the public key of the record receiver device is not in the sender individual record; and 
determining the receiver public key is not a public key of the record receiver device.


the sender signature is created based at least in part on a sender private key, and 
the sender public key and the sender private key form a sender public-key cryptographic pair.

15. (Original) The method of claim 10, further comprising:
causing the processing platform to add the record sender device to a blacklist of malicious user devices.

16. (Proposed Amendments for Examiner’s Amendment) A method for validating cryptographically signed records, the method comprising:
receiving a receiver individual record from a record receiver device, wherein:
the receiver individual record comprises a sender individual record, a for-processing-only endorsement, and a receiver signature of the receiver individual record, and
the sender individual record comprises a record identifier, a record content, a sender public key of the record sender device, a receiver public key of the record receiver device, and a sender signature of the sender individual record,
the record content including a request for content; 
the sender signature is generated based at least in part on a sender private key of the record sender device, wherein the sender public key and the sender private key form a sender public-key cryptographic pair, wherein the sender public key and the sender signature are both out-of-date or invalid,
the receiver individual record is created by the record receiver device after receiving the sender individual record from the record sender device and verifying, via the record receiver device, the sender individual record based at least in part on the sender public key, wherein the verification is successful because the record receiver device comprises a copy of the sender public key that is out-of-date or invalid,

the receiver public key and the receiver private key form a receiver public-key cryptographic pair; 
maintaining, at the record receiver device, record identifiers associated with sender individual records previously received from the record sender device;
attempting, at the processing server, to decrypt the receiver signature by using the receiver public key, wherein the decryption of the receiver signature is successful;
creating, at the processing server, a modified individual record with the receiver signature based at least in part on the successful decryption;
detecting ghosting by determining, at the processing server, that the modified individual record is invalid based at least in part on a determination that the modified individual record includes the out-of-date or invalid sender public key sender public key   not present in 
suppressing transmission of the content to the record receiver that is requested via the record content.

17. (Original) The method of claim 16, wherein the determining the receiver individual record to be invalid comprises detecting receiver cloning or ghosting.

18. (Cancelled)
 
19. (Original) The method of claim 16, wherein detecting ghosting comprises:
determining the sender public key is an invalid public key by determining that the valid sender public keys comprise the sender public key of the sender individual record.

20. (Original) The method of claim 16, further comprising:

adding the record receiver device to a blacklist of malicious users if ghosting is detected.

Reasons for Allowance
The following is an examiner’s statement of reasons for allowance: 
As to the independent claim 1, the prior art of reference Smith teaches Fig. 1, [0032] a blockchain record module receives records which is/are added/updated periodically; [0031] the record module of the manufacturer device generates a device manufacture record (DMR) that includes several device attributes, which is cryptographically signed by a private cryptographic key of the manufacturer device, the public cryptographic key of the intended distributor (i.e., receiver key), a unique identifier, data regarding a device "type", a public cryptographic key corresponding with a private cryptographic key provisioned to the compute device, and a cryptographic hash of data associated with the rendezvous server and other attributes; [0036] the blockchain record is created after the ownership transfer module receives requests to transfer ownership of computing devices from one owner/device to another and [0018] the DNS-Based Authentication of Named Entities (DANE) service identifies the device type; [0067] the rendezvous server receives the attestation quote from the compute device and verifies that the public EPID key of the compute device is associated with the correct manufacturer based on the block chain and when the check fails the server denies transaction else creates the ownership record; [0037]  the verification module requires the compute device to perform an attestation using an attestation key of the compute device (e.g., its private EPID key); [0031, 0041] devices of the system generate or are otherwise assigned a public-private cryptographic key pair for  

Further, a second prior art of record Krishnan teaches: [0026] the neighbor discovery (ND) message comprises a layer two address of the proxy, a layer two address of the peer host, a signature of the peer host, and a signature of the proxy. [0037] a ND message comprises a signature key of the authorized SEcure Neighbor discovery (SEND) proxy, original contents of the ND message it replaced and a proxy signature information (PSI) appended in the message. 

Further, a third prior art of record Borovoy teaches: Cols. 7-8 lines 58-67, 1-3: an attempt to request a resource by an unauthorized user, device or application, among others can result in the unauthorized user, device, or application being added to the black list.

None of the other prior art of record, by itself or in any combination, would have anticipated or rendered obvious the claimed invention of the present application at or before the time it was filed. The prior arts of record fail to teach: The concepts of mousing and ghosting are detected: Mousing is detected in a digitally signed document whereby the decryption fails because the sender record identifier is not present in the database, and the same is indicated via a malicious record endorsement to the sender. Ghosting is detected whereby the attempt to decrypt the signature is successful; however, when a modified individual record is created based on the decrypted signature the decrypted signature is found to 

Therefore, independent claim 1 and their corresponding dependent claims are allowed in light of applicant’s arguments, approved examiner’s amendments and prior arts of record. The same amendments and reasoning are applicable to independent claims 10 and 16 mutatis mutandis.  Claims 4 and 18 are cancelled.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. See PTO-892 Notice of References Cited.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Badri -- Champakesan whose telephone number is (571)270-3867.  The examiner can normally be reached on M-F: 7:45am-5pm (EST).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/BADRINARAYANAN /Examiner, Art Unit 2438.