Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Detailed Action
This office action is in response to application 16/438,759 filed on 06/12/2019. Claims 1-20 are pending in this communication.

Information Disclosure Statement
The information disclosure statements (IDS) submitted 06/12/2019 are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statements are being considered by the examiner. 

Examiner’s Note
The Examiner used figures, paragraph and line numbers from the instant application’s pre-grant publication or pdf copy of allowance. In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
35 U.S.C. 101 – Claim Analysis: The Examiner finds that the claim term “computer program product comprising a computer readable storage medium” of claim 20 is directed not to be construed as being transitory signals per se”).  Thus, the claimed “computer program product” of claim 20 is limited to statutory forms of non-transitory hardware media, as it does not include transitory media.
35 U.S.C. 112(f) – Claim Analysis: The Examiner notes that the claims recite the claim language “computational engines for executing …” The Examiner finds that the claim features do NOT invoke 112(f) as the claimed “engine” is a well-known hardware/software tool with sufficient structure for performing the recited functions.

Allowable subject matter
Claims 9 and 10 will be allowable if written in independent form with base claim 1. For allowability, the independent claims 13 & 20 are required to be in the same scope, with the limitations of claims 9 & 10, as proposed amended claim 1.
Reasons for allowance: what is missing from the prior art is executing a zero-knowledge proof event by a corresponding graph’s structure and resource availability, where a request from a verifier computer consists of identifying a selected zero-knowledge proof event from the graph’s edge-label identifying a security alert which is used as input for execution of the particular proof.
Thus the prior art, when considered individually and in combination, do not teach or suggest the subject matter as recited by 1, 13 and 20, and thereby claims 1, 13 and 20, are 

Claim Rejections - 35 USC § 103
The following is a quotation of AIA 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-3, 5, 6, 11-17 & 20 are rejected under AIA 35 U.S.C. 103 as being unpatentable over LINDELL; Yehuda, Pat. No.: US 10,447,475 B1 in view of BROWN; Nigel Derek, Pub. No.: US 2019/0379684 A1 and further in view of MACE; Timothy Charles et al., Pub. No.: US 2019/0073225 A1.

Regarding Claim 1, LINDELL discloses a hardware security module {col. 1 lines 24-26, “The cold-backup private key can be stored in disconnected Hardware Security Modules (HSMs) stored at different locations”} for executing zero-knowledge proofs, the module comprising circuitry comprising:
a plurality of computational engines for executing respective primitive operations of the zero-knowledge proofs {col. 1 lines 61-66, “each of the multiple computerized nodes is configured to encrypt the share of the cryptographic key stored in the computerized node and to generate a zero-knowledge proof using a set of predefined instructions, and a processing module electrically coupled to the multiple computerized nodes.” ... col. 5 lines 19-21, “The processing module 310 may be a component in any electrical device having a communication module, a memory and a processor”. Examiner’s note: each node has its computation modules for operations such as encrypting a segment of a cryptographic key};
LINDELL, however, does not explicitly disclose
memory storing a plurality of data-flow graphs each of which defines computational functionality of a respective one of said … [validations] and comprises a set of nodes, each representing a said primitive operation, interconnected by edges representing input/output data of nodes, wherein at least edges which represent security-sensitive data are indicated by edge-labels in said graphs;
a set of registers, comprising at least a subset of secure registers, for storing data during execution of a respective one of said … [validations]; and
a processor configured to control execution, using said engines, of … [validations]  defined by the set of dataflow graphs such that data corresponding to a security-sensitive edge in a graph is stored in a said secure register during execution.
In an analogous reference BROWN discloses
memory storing {[0074], “A system implementation of the technology disclosed includes one or more processors coupled to memory. The memory is loaded with computer instructions to reduce clutter during graph presentation for security incident analysis of a computer network”} a plurality of data-flow graphs each of which defines computational functionality of a respective one of said … [validations] and comprises a set of nodes, each representing a said primitive operation, interconnected by edges representing input/output data of nodes, wherein at least edges which represent security-sensitive data are indicated by edge-labels in said graphs {FIG. 5B & [0056], “a node 512 has a higher score of 3 than other nodes in the same group 511 of equivalent nodes. The reason for high score of node 512 is a security alert incident associated with the node and represented by a label of edge 523 that connects the node 512 to node 525. This alert can be received from the logs of one of the security systems deployed to protect the enterprise network and can represent an anomaly detected by the security system. For example, if node 512 represents a user endpoint and node 525 represents a server, the alert label for edge 523 can be generated because of unusual number of authentication failures”. Examiner’s note: FIG. 5 representing a data-flow graph with data flow between node groups 511, 518, 531 and so forth};
… to a security-sensitive edge {FIG. 5B & [0056] (see cited text above)} …
In an analogous reference MACE discloses
a set of registers, comprising at least a subset of secure registers, for storing data during execution of a respective one of said … [validations] {[0087], “a subset of the register banks is compared. The subset can include comparing each instruction's result after it is stored and before it is committed to the verified, architectural registers. Many architectural registers can exist, and therefore it may be more efficient to compare every result stored in one register after every cycle or instruction completion rather than waiting to gather many results and compare many registers at a less frequent interval”}; and
a processor configured to control execution, using said engines, of … [validations] defined by the set of dataflow graphs such that data corresponding … in a graph is stored in a said secure register during execution {[0099], “The instructions and data 1220 may be stored in a database, … flow graphs. The instructions can include instructions for fault detecting and fault tolerant multi-threaded processors, where the processors can include processing elements in a reconfigurable fabric”}.
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify LINDELL’s technique of ‘using a hardware security device for zero-knowledge proof computations of cryptographic operations’ for ‘graph based data flow representation where edge labels are used to identify security events’, as taught by BROWN, and a technique of ‘using hardware registers to save data computed by hardware processors’ in order to compute data processing, as taught by MACE. The motivation is related to graph presentation for security incident analysis. Security analysts use log data generated by security and operations systems to identify and protect enterprise networks against cybersecurity threats. This graph-based technique eliminates the difficulty for an analyst of going through these logs and identifying the alerts that need immediate attention.
All references are inventions in analogous area but each invention teaches specific claimed limitation specifically and other references mutually cure each other’s deficiencies. When all claimed techniques are combined they teach claimed invention. The Examiner notes 

Regarding Claim 2, LINDELL as modified by BROWN and further modified by MACE discloses all the features of claim 1. The combination further discloses
wherein nodes of said graphs have associated node-labels indicating respective security-relevant properties of the primitive operations represented by those nodes {BROWN: FIG. 5B & [0056], “a node 512 has a higher score of 3 than other nodes in the same group 511 of equivalent nodes. The reason for high score of node 512 is a security alert incident associated with the node and represented by a label of edge 523 that connects the node 512 to node 525. This alert can be received from the logs of one of the security systems deployed to protect the enterprise network and can represent an anomaly detected by the security system. For example, if node 512 represents a user endpoint and node 525 represents a server, the alert label for edge 523 can be generated because of unusual number of authentication failures”. Examiner’s note: FIG. 5 representing a data-flow graph with data flow between node groups 511, 518, 531 and so forth}.

Regarding Claim 3, LINDELL as modified by BROWN and further modified by MACE discloses all the features of claims 2 & 1. The combination further discloses
nodes representing primitive operations which process security-sensitive data are indicated by node-labels in said graphs {BROWN: [0056], “The reason for high score of node 512 is a security alert incident associated with the node and represented by a label of edge 523 that connects the node 512 to node 525”};
said plurality of computational engines comprise at least a subset of secure engines {LINDELL: col. 1 lines 61-66, “each of the multiple computerized nodes is configured to encrypt the share of the cryptographic key stored in the computerized node and to generate a zero-knowledge proof using a set of predefined instructions, and a processing module electrically coupled to the multiple computerized nodes.” … col. 5 lines 19-21, “The processing module 310 may be a component in any electrical device having a communication module, a memory and a processor”. Examiner’s note: each node has its computation modules for operations such as encrypting a segment of a cryptographic key}; and
said processor is configured such that the primitive operation corresponding to a node which processes security-sensitive data in a graph is executed by a said secure engine {LINDELL: col. 1 lines 24-26, “The cold-backup private key can be stored in disconnected Hardware Security Modules (HSMs) stored at different locations”}.

Regarding Claim 5, LINDELL as modified by BROWN and further modified by MACE discloses all the features of claim 1. The combination further discloses
edges which represent security-sensitive data have associated edge-labels in said graphs {BROWN: [0056], “The reason for high score of node 512 is a security alert incident associated with the node and represented by a label of edge 523 that connects the node 512 to node 525”}; and
edges which represent public data have associated edge-labels in said graphs {BROWN: [0033], “The technology disclosed can be used in other contexts and can include collection of data from a variety of data sources, beyond the example operations performed by users visiting the Internet-based services 117.” Examiner’s note: when public data may represent security events and are labeled for further processing}.

Regarding Claim 6, LINDELL as modified by BROWN and further modified by MACE discloses all the features of claim 1. The combination further discloses
… proof  {LINDELL: col. 1 lines 61-64, “each of the multiple computerized nodes is configured to encrypt the share of the cryptographic key stored in the computerized node and to generate a zero-knowledge proof using a set of predefined instructions, and a processing module electrically coupled to the multiple computerized nodes”}…
wherein edges which represent … [validations] specific constants have associated edge-labels in said graphs {BROWN: FIG. 5B & [0056], “a node 512 has a higher score of 3 than other nodes in the same group 511 of equivalent nodes. The reason for high score of node 512 is a security alert incident associated with the node and represented by a label of edge 523 that connects the node 512 to node 525”}.

Regarding Claim 11, LINDELL as modified by BROWN and further modified by MACE discloses all the features of claim 1. The combination further discloses
wherein a said computational engine comprises an application-specific integrated circuit {MACE: [0072], “A processor may be … dedicated processor, such as a CPU, GPU, System-on-chip, state machine, media processor, an application-specific integrated circuit (ASIC)”}.

Regarding Claim 12, LINDELL as modified by BROWN and further modified by MACE discloses all the features of claim 1. The combination further discloses
wherein said processor comprises an application specific instruction set processor {MACE: [0072], “A processor may be … dedicated processor, such as a CPU, GPU, System-on-chip, state machine, media processor, an application-specific integrated circuit (ASIC), a programmable logic array, a field-programmable gate array (FPGA), physics processing units (PPUs), radio processing units (RPUs), digital signal processors (DSPs), general purpose processors (e.g. a general purpose GPU), microprocessors, any processing unit which is designed to accelerate tasks outside of a CPU”}.

Regarding claim 13, claim 13 is a claim to a method using the security module of claim 1. Therefore, claim 13 is rejected for the reasons set forth for claim 1.

Regarding claim 14, claim 14 is a dependent claim of claim 13; claim 14 is a claim to a method using the security module of claim 2. Therefore, claim 14 is rejected for the reasons set forth for claim 2.

Regarding claim 15, claim 15 is a dependent claim of claims 14 & 13; claim 15 is a claim to a method using the security module of claim 3. Therefore, claim 15 is rejected for the reasons set forth for claim 3.

Regarding claim 16, claim 16 is a dependent claim of claim 13; claim 16 is a claim to a method using the security module of claim 5. Therefore, claim 16 is rejected for the reasons set forth for claim 5.

Regarding claim 17, claim 17 is a dependent claim of claim 13; claim 17 is a claim to a method using the security module of claim 6. Therefore, claim 17 is rejected for the reasons set forth for claim 6.

Regarding claim 20, claim 20 is a claim to a computer program product using the security module of claim 1. Therefore, claim 20 is rejected for the reasons set forth for claim 1. LINDELL further discloses
said computer program product comprising a computer readable storage medium having program instructions embodied therein, the program instructions being executable by computing apparatus to cause the computing apparatus {col. 4 lines 2-6, “The processing module also comprises a memory unit configured to store a set of instructions to be executed by the processing module and the messages received from the multiple computerized nodes”} to:

LINDELL; Yehuda, Pat. No.: US 10,447,475 B1 in view of BROWN; Nigel Derek, Pub. No.: US 2019/0379684 A1 and further in view of MACE; Timothy Charles et al., Pub. No.: US 2019/0073225 A1 and MAINIERI; Ronnie et al., Pub. No.: US 2016/0164901 A1.

Regarding Claim 4, LINDELL as modified by BROWN and further modified by MACE discloses all the features of claims 4, 3, 2 & 1. The combination further discloses
… proof  {LINDELL: col. 1 lines 61-64, “each of the multiple computerized nodes is configured to encrypt the share of the cryptographic key stored in the computerized node and to generate a zero-knowledge proof using a set of predefined instructions, and a processing module electrically coupled to the multiple computerized nodes”}…
to identify, for each graph, a … [part] defining a portion of a corresponding … [validations] which processes all security-sensitive data in that … [validations] {BROWN: FIG. 5B & [0056], “a node 512 has a higher score of 3 than other nodes in the same group 511 of equivalent nodes. The reason for high score of node 512 is a security alert incident associated with the node and represented by a label of edge 523 that connects the node 512 to node 525. This alert can be received from the logs of one of the security systems deployed to protect the enterprise network and can represent an anomaly detected by the security system. For example, if node 512 represents a user endpoint and node 525 represents a server, the alert label for edge 523 can be generated because of unusual number of authentication failures”. Examiner’s note: FIG. 5 representing a data-flow graph with data flow between node groups 511, 518, 531 and so forth}; and

… subgraph …
to control execution of that corresponding … [validations] such that at least said portion of the corresponding … [validations]  is executed in the hardware security module and any remaining portion of the corresponding proof is executed by a host computer operatively-coupled to the module.
In an analogous reference MAINIERI discloses
… subgraph {ABS., “A method for encoding computer processes for malicious program detection.” … Fig. 3 & [0105], “form a graph with process dots as nodes connected by edges when they are similar; identify nodes with sufficient degree and curvature; induce the sub-graph consisting only of nodes identified as having high curvature from and edges that connect pairs of such vertices; find community clusters within the sub-graph; and compare the clusters as sets of nodes”} …
to control execution of that corresponding … [validations] such that at least said portion of the corresponding … [validations] is executed in the hardware security module and any remaining portion of the corresponding … [validations] is executed by a host computer operatively-coupled to the module {[0006], “As may be appreciated, a computer, in this case, is any collection of CPUs that can share threads of execution, memory, and data.” … [0063], “Programs executing in computers using a modern operating system rely on system calls to interact with the hardware. The operating system abstracts the hardware for the programmer through layers of libraries. These libraries are often designed to execute in a special, hardware enforced, security mode called kernel mode, to be distinguished from the user mode”}.
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to further modify LINDELL’s technique (as modified by BROWN & MACE) of ‘using a hardware security device for zero-knowledge proof computations of cryptographic operations and a graph based data flow representation where edge labels are used to identify security events’ for ‘distributing processing among processors guided by sub-graphs’ by MAINIERI, to improve performance of computation results to identify malicious content. The motivation is efficient and timely malware detection where any collection of CPUs that can share threads of execution, memory, and data.
All references are inventions in analogous area but each invention teaches specific claimed limitation specifically and other references mutually cure each other’s deficiencies. When all claimed techniques are combined they teach claimed invention. The Examiner notes that this motivation applies to all dependent and/or otherwise subsequently addressed claims unless addressed separately. 

Claims 7 & 18 are rejected under AIA 35 U.S.C. 103 as being unpatentable over LINDELL; Yehuda, Pat. No.: US 10,447,475 B1 in view of BROWN; Nigel Derek, Pub. No.: US 2019/0379684 A1 and further in view of MACE; Timothy Charles et al., Pub. No.: US 2019/0073225 A1 and REDDY; Ashok et al., Pub. No.: US 2019/0303623 A1.

Regarding Claim 7, LINDELL as modified by BROWN and further modified by MACE discloses all the features of claim 1. 
However, the combination does not explicitly disclose
wherein said memory stores a graph list containing, for each graph, a graph identifier comprising a hash value generated from that graph.
In an analogous reference REDDY discloses
wherein said memory stores a graph list containing, for each graph, a graph identifier comprising a hash value generated from that graph {[0100], “nodes of the directed acyclic graph of cryptographic hash pointers may include as node content a node identifier (e.g., an address in the graph) that distinguishes a node from other nodes of the graph, identifiers or one or more other nodes of the graph to which a cryptographic hash pointer of that node points, and an associated cryptographic hash values based on node content of those other identified nodes to which the cryptographic hash pointers point (in some cases, the pointing is from one and only one node to one and only one node for adjacent nodes)”}.
 Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to further modify LINDELL’s technique (as modified by BROWN & MACE) of ‘using a hardware security device for zero-knowledge proof computations of cryptographic operations and a graph based data flow representation where edge labels are used to identify security events’ where ‘a technique of using hash for identification of graph and node identifiers’ by REDDY, to identify a node for further processing. The motivation is secured method for identifying graphs using hashing for example by MD5. This allows fast graph equality comparisons and can also be used to facilitate graph isomorphism testing. The 
All references are inventions in analogous area but each invention teaches specific claimed limitation specifically and other references mutually cure each other’s deficiencies. When all claimed techniques are combined they teach claimed invention. The Examiner notes that this motivation applies to all dependent and/or otherwise subsequently addressed claims unless addressed separately. 

Regarding Claim 18, LINDELL as modified by BROWN and further modified by MACE discloses all the features of claim 1. The combination further discloses
storing the … [data] in said memory of the hardware security module {LINDELL: col. 1 lines 21-26, “This backup can be achieved by generating a cold-backup public/private key-pair and then encrypting the digital signing private key using the cold backup public key. The cold-backup private key can be stored in disconnected Hardware Security Modules (HSMs) stored at different locations around”}.
However, the combination does not explicitly disclose
producing a graph list containing, for each graph, a graph identifier comprising a hash value generated from that graph; and
In an analogous reference REDDY discloses
producing a graph list containing, for each graph, a graph identifier comprising a hash value generated from that graph {[0100], “nodes of the directed acyclic graph of cryptographic hash pointers may include as node content a node identifier (e.g., an address in the graph) that distinguishes a node from other nodes of the graph, identifiers or one or more other nodes of the graph to which a cryptographic hash pointer of that node points, and an associated cryptographic hash values based on node content of those other identified nodes to which the cryptographic hash pointers point (in some cases, the pointing is from one and only one node to one and only one node for adjacent nodes)”}; and

Claims 8 & 19 are rejected under AIA 35 U.S.C. 103 as being unpatentable over LINDELL; Yehuda, Pat. No.: US 10,447,475 B1 in view of BROWN; Nigel Derek, Pub. No.: US 2019/0379684 A1 and further in view of MACE; Timothy Charles et al., Pub. No.: US 2019/0073225 A1, REDDY; Ashok et al., Pub. No.: US 2019/0303623 A1 and YU; Haifeng et al., Pub. No.: US 2020/0178286 A1.

Regarding Claim 8, LINDELL as modified by BROWN and further modified by MACE discloses all the features of claim 1. The combination further discloses
… proof  {LINDELL: col. 1 lines 61-64, “each of the multiple computerized nodes is configured to encrypt the share of the cryptographic key stored in the computerized node and to generate a zero-knowledge proof using a set of predefined instructions, and a processing module electrically coupled to the multiple computerized nodes”}…
However, the combination does not explicitly disclose
a graph list containing, for each graph, a graph identifier comprising a hash value generated from that graph; and
a configuration list containing, for each graph, at least one configuration identifier comprising a hash value generated from said … [validations] specific constants for a … [validations] whose  computational functionality is defined by that graph. 
In an analogous reference REDDY discloses
a graph list containing, for each graph, a graph identifier comprising a hash value generated from that graph {[0100], “nodes of the directed acyclic graph of cryptographic hash pointers may include as node content a node identifier (e.g., an address in the graph) that distinguishes a node from other nodes of the graph, identifiers or one or more other nodes of the graph to which a cryptographic hash pointer of that node points, and an associated cryptographic hash values based on node content of those other identified nodes to which the cryptographic hash pointers point (in some cases, the pointing is from one and only one node to one and only one node for adjacent nodes)”}; and
In an analogous reference YU discloses
a configuration list containing, for each graph, at least one configuration identifier comprising a hash value generated from said … [validations] specific constants for a … [validations] whose computational functionality is defined by that graph {[0134], “There may be one or more corresponding scheduling resource configurations, and a form of representation may be a scheduling resource configuration set or a scheduling resource configuration list. The scheduling resource configuration set or the scheduling resource configuration list includes a scheduling resource configuration identifier”}. 
and to ‘identify a configuration among available configuration list by configuration identifier’ by YU, to identify a node for further processing. The motivation is secured method for identifying graphs using hashing for example by MD5. This allows fast graph equality comparisons and can also be used to facilitate graph isomorphism testing. The graphs can be labeled or unlabeled.
All references are inventions in analogous area but each invention teaches specific claimed limitation specifically and other references mutually cure each other’s deficiencies. When all claimed techniques are combined they teach claimed invention. The Examiner notes that this motivation applies to all dependent and/or otherwise subsequently addressed claims unless addressed separately. 

Regarding Claim 19, LINDELL as modified by BROWN and further modified by MACE discloses all the features of claims 17 & 13. The combination further discloses
storing the … [data] and the configuration list in said memory of the hardware security module {LINDELL: col. 1 lines 21-26, “This backup can be achieved by generating a cold-backup public/private key-pair and then encrypting the digital signing private key using the cold backup public key. The cold-backup private key can be stored in disconnected Hardware Security Modules (HSMs) stored at different locations around”}. 
… proof {LINDELL: col. 1 lines 61-64, “each of the multiple computerized nodes is configured to encrypt the share of the cryptographic key stored in the computerized node and to generate a zero-knowledge proof using a set of predefined instructions, and a processing module electrically coupled to the multiple computerized nodes”}…
However, the combination does not explicitly disclose
producing a configuration list containing, for each graph, at least one configuration identifier comprising a hash value generated from said … [validation] specific constants for a … [validation]  whose computational functionality is defined by that graph; and
In an analogous reference YU discloses
producing a configuration list containing, for each graph, at least one configuration identifier comprising a hash value generated from said … [validation] specific constants for a … [validation] whose computational functionality is defined by that graph {[0134], “There may be one or more corresponding scheduling resource configurations, and a form of representation may be a scheduling resource configuration set or a scheduling resource configuration list. The scheduling resource configuration set or the scheduling resource configuration list includes a scheduling resource configuration identifier”}; and

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to QUAZI FAROOQUI whose telephone number is (571) 270-1034. 
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/QUAZI FAROOQUI/
Examiner, Art Unit 2491