DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The claims filed 07 February 2019 have been received and considered.
Claims 1-31 are pending.
This Action is Non-Final.

Election/Restrictions
Restriction to one of the following inventions is required under 35 U.S.C. 121:
I. Claims 1-30, drawn to providing secure updates, classified in G06F 21/57.
II. Claim 31, drawn to a secure naming system, classified in G06F 21/64.
The inventions are independent or distinct, each from the other because:
Inventions I. and II. are related as subcombinations disclosed as usable together in a single combination.  The subcombinations are distinct if they do not overlap in scope and are not obvious variants, and if it is shown that at least one subcombination is separately usable.  In the instant case, subcombination II. has separate utility such as providing a secure naming system for other types of software rather than the secure updates of subcombination I..  See MPEP § 806.05(d).
The examiner has required restriction between subcombinations usable together. Where applicant elects a subcombination and claims thereto are subsequently found allowable, any claim(s) depending from or otherwise requiring all the limitations of the allowable subcombination will be examined for patentability in accordance with 37 CFR 1.104.  See MPEP § 821.04(a).  Applicant is advised that if any claim presented in a continuation or divisional application is anticipated by, or includes all the limitations of, a claim that is allowable in the present application, such claim may be subject to 
Restriction for examination purposes as indicated is proper because all the inventions listed in this action are independent or distinct for the reasons given above and there would be a serious search and/or examination burden if restriction were not required because one or more of the following reasons apply:
the inventions have acquired a separate status in the art in view of their different classification
the inventions require a different field of search (e.g., searching different classes/subclasses or electronic resources, or employing different search strategies or search queries)..
Applicant is advised that the reply to this requirement to be complete must include (i) an election of a invention to be examined even though the requirement may be traversed (37 CFR 1.143) and (ii) identification of the claims encompassing the elected invention. 
The election of an invention may be made with or without traverse. To reserve a right to petition, the election must be made with traverse. If the reply does not distinctly and specifically point out supposed errors in the restriction requirement, the election shall be treated as an election without traverse. Traversal must be presented at the time of election in order to be considered timely. Failure to timely traverse the requirement will result in the loss of right to petition under 37 CFR 1.144. If claims are added after the election, applicant must indicate which of these claims are readable upon the elected invention.
Should applicant traverse on the ground that the inventions are not patentably distinct, applicant should submit evidence or identify such evidence now of record showing the inventions to be obvious variants or clearly admit on the record that this is the case. In either instance, if the examiner 
During a telephone conversation with Jeff Brill (Reg. No. 51,198) on 16 March 2021 a provisional election was made without traverse to prosecute the invention of group I., claims 1-30.  Affirmation of this election must be made by applicant in replying to this Office action.  Claim 31 withdrawn from further consideration by the examiner, 37 CFR 1.142(b), as being drawn to a non-elected invention.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-14 and 16-30 are rejected under 35 U.S.C. 103 as being unpatentable over High et al. (US 20180183606) in view of Assenmacher et al. (US 20200233950).
As per claims 1, 9, and 20, High et al. discloses a method of providing a secure update from a server to an end-point device comprising: registering, by a server, digital information, a public key, and a verifiable key derived from the digital information (see paragraphs [0034], [0037], and [0041]); 
transmitting, by the server, the verifiable key derived from the digital information to a publicly accessible transaction log, wherein the publicly accessible transaction log separately stores the verifiable 
providing, by the server, the digital information and the public key to an end- point device, wherein the end-point device retrieves the separately stored verifiable key derived from the digital information from the publicly accessible transaction log, and wherein the end-point device independently computes a separate verifiable key from the provided digital information, and wherein the end-point device determines whether the provided digital information has been compromised, by comparing the verifiable key derived from the digital information retrieved from the publicly accessible transaction log to the independently computed separate verifiable key from the retrieved digital information using the public key (see paragraphs [0031], [0037], and [0041]).
While High et al. teaches that the publically accessible transaction log contains blocks with identifiers, there lacks an explicit recitation of providing an identifier of the block which the end-point device uses to lookup the specific block used to verify the digital information.
However, Assenmacher et al. teaches providing an identifier of the block which the end-point device uses to lookup the specific block used to verify the digital information (see paragraphs [0044]-[0049] and [0058]-[0060]).
At a time before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to include the identifier of the block to be verified in the High et al. system.
Motivation to do so would have been that it simplifies the determination of the configuration block and may be advantageous for electronic devices with limited computing power (see Assenmacher et al. paragraph [0058]).
As per claims 2, 3, and 21, the modified High et al. and Assenmacher et al. system discloses the end-point device is an internet of things ("IoT") device, wherein the IoT device is one from a group consisting of: a smart thermostat, a smart vehicle, a smart speaker, a smart appliance, a smart security 
As per claims 4 and 22, the modified High et al. and Assenmacher et al. system discloses the publicly accessible transaction log is a blockchain (see High et al. paragraphs [0031]-[0032] and Assenmacher et al. paragraphs [0039]-[0041] and [0058]-[0060]).
As per claims 5, 6, and 23, the modified High et al. and Assenmacher et al. system discloses the blockchain is Bitcoin and/or Ethereum (see Assenmacher et al. paragraphs [0039]-[0041] and [0094]-[0101]).
As per claims 7 and 24, the modified High et al. and Assenmacher et al. system discloses the identifier of the block is a height of the block in the publicly accessible transaction log, the height of the block being relative to a reference block in the publicly accessible transaction log (see Assenmacher et al. paragraph [0047]).
As per claims 8 and 25, the modified High et al. and Assenmacher et al. system discloses the digital information further comprises a software update (see High et al. paragraph [0023]).
As per claims 10, 11 and 26, the modified High et al. and Assenmacher et al. system discloses the verifiable key derived from the digital information comprises a hash of the digital information, wherein the hash of the digital information is received or computed by the server from a remote computing device (see High et al. paragraphs [0037]-[0039]).
As per claims 12 and 27, the modified High et al. and Assenmacher et al. system discloses the determination of matches for the verifiable key and the digital information retrieved from the publically accessible transaction log (see High et al. paragraphs [0031], [0034] and [0041]), and generally teaches performing an action when there isn’t a match (see Assenmacher et al. paragraph [0088] discarding the information when there is no match), but fails to explicitly disclose determining based on this comparison that the data is compromised and in response performing a security action.  However, 
As per claims 13, 14, and 28, the modified High et al. and Assenmacher et al. system discloses the end-point device determines that the provided digital information has not been compromised, responsive to the verifiable key derived from the digital information retrieved from the publicly accessible transaction log matching the independently computed separate verifiable key from the retrieved digital information, and wherein the end-point device utilizes the digital information in response to the determination that the digital information has not been compromised, wherein the provided digital information comprises a software update for the end-point device and wherein utilizing the digital information comprises installing the software update on the end-point device (see High et al. paragraphs [0023], [0031], [0037], and [0041]).
As per claims 16-18, the modified High et al. and Assenmacher et al. system discloses registering, by the server, the digital information and the verifiable key derived from the digital information further comprises: inserting a first specific node in an index tree containing the digital information and the verifiable key derived from the digital information; registering, by the server, subsequent digital information corresponding to the digital information contained in the first specific node by inserting a second specific node in the index tree containing the subsequent digital information and a subsequent verifiable key derived from the subsequent digital information; and referencing the second specific node by an update reference of the first specific node in an update chain, further comprising: registering, by the server, subsequent digital information unrelated to the digital information contained in the first specific node by inserting a second specific node in the index tree containing the subsequent digital information and a subsequent verifiable key derived from the 
As per claim 19, the modified High et al. and Assenmacher et al. system discloses a tree structure (see High et al. paragraphs [0031]-[0032]), but fails to explicitly disclose it is a binary search tree.  However, Official Notice is taken that at a time before the effective filing date of the invention, it would have been obvious to use a binary search tree in the modified High et al. and Assenmacher et al. system as these are a common, well-known, and widely used tree structure.
As per claim 29, the modified High et al. and Assenmacher et al. system discloses a method of providing a secure update from a server to an end-point device comprising: receiving, by a server, a software package from a remote computing device; encoding the software package as a transaction in a first node of an index tree, the first node of the index tree spending an unspent transaction output from a previous node of the index tree (see High et al. paragraphs [0037]-[0039] and [0031]-[0032]); broadcasting the transaction to a publicly accessible blockchain, wherein the publicly accessible blockchain separately stores the transaction in a block identified by a height in the publicly accessible block chain; receiving at the server, the height identifying the block in the publicly accessible blockchain; updating the transaction stored in the first node of the index tree to include the height identifying the block in the publicly accessible blockchain; and providing the transaction to an end-point device, wherein the end-point device uses the height identifying the block in the publicly accessible blockchain to retrieve the separately stored transaction, and wherein the end-point device derives a hash of the software package included within the provided transaction, and wherein the Fend-point device determines whether the software package has been compromised by comparing the hash derived from the software package to a separate hash included as part of the separately stored transaction retrieved from the publicly accessible blockchain (see High et al. paragraphs [0031]-[0032], [0034]-[0041]; and Assenmacher et al. paragraphs [0044]-[0049]).
.
Claim 15 is rejected under 35 U.S.C. 103 as being unpatentable over the modified High et al. and Assenmacher et al. system as applied to claim 1 above, and further in view of Bathen et al. (US 20180176229).
As per claim 15, the modified High et al. and Assenmacher et al. system discloses the use of digital signatures for verifying the information (see High et al. paragraphs [0037]-[0041]), but fails to explicitly disclose the use of permission thresholds regarding the number of signatures required.
However, Bathen et al. teaches determining from the digital information, a permissions threshold associated with the digital information, the permissions threshold representing a quantity of signatures; and determining that the received signature satisfies the permissions threshold (see paragraphs [0030]-[0031]).
At a time before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to include the thresholds of Bathen et al. in the modified High et al. and Assenmacher et al. system.
Motivation, as recognized by one of ordinary skill in the art, to do so would have been to allow flexibility of verification by not requiring every signature to be verified.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure: the remaining references put forth on the PTO-892 form are directed to secure software updates and blockchains.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL J PYZOCHA whose telephone number is (571)272-3875.  The examiner can normally be reached on Monday-Thursday 7:30am-5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Hadi Armouche can be reached on (571) 270-3618.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/Michael Pyzocha/Primary Examiner, Art Unit 2419