DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Amendment
Applicant’s amendment filed 3/5/2021 has been entered.  Applicant’s amendment to the specification and claims have overcome each and every objection in the Non-Final Office Action mailed 12/7/2020.  Claims 5 and 15 were amended.  Claims 1-15 are presented for examination.

Information Disclosure Statement 
The information disclosure statement (IDS) submitted on 1/5/2021 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Response to Arguments
Applicant's arguments filed 3/5/2021 have been fully considered but they are not persuasive. 
On page 10, middle ¶, Applicant argues that Ford makes no distinction between edge nodes and management nodes.  Examiner respectfully disagrees.  Ford teaches devices may be full nodes or watching nodes (Ford [0060] In embodiments, the devices may be full nodes of the peer-to-peer network in which they perform mining processes, or they may be watching nodes that perform limited functions, embodiments of which are described herein.).  Thus Ford teaches at least two types of devices.  Full nodes map to management devices.  Watching nodes map to edge devices with limited functions (devices without the privilege of writing to the block chain).  Ford illustrates this in Fig 7 which 
On page 11 ¶2, Applicant argues “nothing in Ford [0104] indicates a respective state of each of the one or more edge nodes.”  Examiner respectfully disagrees.  Ford teaches the devices execute the command and publish a completion message.  The state information of a respective edge node is provided by the completion message.  The edge node is in the completed state (Ford, [0105] In embodiments, the execution of the command may be all that the device or devices are requested to do. Alternatively, in embodiments, the executing device or devices may publish (745) a completion message for inclusion (750) in a block in the block chain.)  The claim specifies that the block chain is only writable by a management node.  Once the completion message is added to the block chain (see Fig 7. Step 750) the edge node state is part of the block chain.  Thus Ford teaches executing the command (see Fig 7. Step 740 and [0104]) and providing the state information.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.


Claims 1-2, 9-10 and 14-15 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Ford (2016/0261690).

Regarding claim 1, Ford teaches
a system, comprising: 
one or more edge nodes, outside a private network, each permitted to read but not write to a distributed ledger of a blockchain network; (Ford, [0038] In embodiments, a secure distributed transactional ledger, which is a publicly readable data structure that is maintained by a large number of distributed, separately owned, and administered computers, may be used to communicate configuration and management messages to devices.  [0060] Returning to FIG. 1, one or more information handling systems, such as a computer 115, mobile phone 120, tablet 125, smart package 130, or server 135 may be configured to connect to the distributed peer network 105 to receive a message or messages according to embodiments of the present invention. In embodiments, the devices may be full nodes of the peer-to-peer network in which they perform mining processes, or they may be watching nodes that perform limited functions, embodiments of which are described herein.  EN: Fig 7 in Ford shows the message flow, Nodes in network 105 read on management nodes, edge devices e.g. 115 read on edge nodes)
a management node, within the private network and communicably coupled to the one or more edge nodes, permitted to both read and write to the distributed ledger, the management node programmed to: (Ford, [0042] FIG. 1 depicts an embodiment of a distributed peer-to-peer network 105, which comprises a plurality of nodes 110-1 through 110-n (which may be referred to herein individually or collectively (depending upon context) as 110-x) and may be implemented by a plurality of information handling systems.)
obtain a change request to be transmitted to at least a first edge node among the one or more edge nodes, the change request specifying one or more management operations; (Ford, [0061] As previously mentioned, an area of particular applicability of the present 
generate a first ledger block that includes a payload comprising the change request; (Ford, [0065] In embodiments, the block chain 205 may be used to receive messages from or send messages to a device or devices using the block chain.)
add the first ledger block to the distributed ledger, a copy of which is stored at each of the one or more edge nodes; (Ford, [0103] FIG. 7 depicts an exemplary command execution methodology according to embodiments of the present invention. In embodiments, an entity or provider 715 publishes (720) a command message for inclusion (725) in a block in the block chain. [0104] In embodiments, the device or devices that have been configured to monitor for command messages retrieve (730) the block chain and identify the command message in the block chain.)
obtain, from each of the one or more edge nodes, a blockchain transaction that indicates a respective state of each of the one or more edge nodes after each of the one or more edge nodes has responded to the change request; and (Ford, [0104] In embodiments, a receiving device may verify the authenticity of the command message (like as discussed above). Responsive to the command message being valid, the device or devices execute (735) the command or commands in the command message.)
generate a second ledger block that includes a second payload comprising the respective state of each of the one or more edge nodes obtained from the blockchain transaction; and 
add the second ledger block to the distributed ledger (Ford, [0105] In embodiments, the execution of the command may be all that the device or devices are requested to do. Alternatively, in embodiments, the executing device or devices may publish (745) a completion message for inclusion (750) in a block in the block chain. In embodiments, the provider/entity may later retrieve (755) the block chain and extract the completion message from the block chain. In embodiments, the completion message may include the results of the executed command, a link to the results data, a confirmation that the command or commands were executed, or the like.)

Regarding claim 2, Ford teaches
the system of claim 1, further comprising: 
the first edge node, the first edge node programmed to: 
obtain the first ledger block from a first copy of the blockchain ledger stored at the first edge node;  (Ford, [0104] In embodiments, the device or devices that have been configured to monitor for command messages retrieve (730) the block chain and identify the command message in the block chain.)
read the change request from the first ledger block; (Ford, [0065] In embodiments, the block chain 205 may be used to receive messages from or send messages to a device or devices using the block chain.)
obtain a first policy for the first edge node; (Ford, [0086] It shall be noted any one or more of the messages may be authenticated or verified by the recipient.  EN: Ford’s policy may authenticate messages [0090] In embodiments, the device obtains (325) the credentials of a user attempting to communicate with the device. The recipient device uses those credentials, and data it extracts from the 
determine that the first policy permits implementation of the change request; (Ford, [0091] In embodiments, if the authentication is successful (425), one or more additional methods may be performed (430) depending upon the nature of the device and the message instructions.)
implement the change request; (Ford, [0093] In embodiments, following authenticated, the device obtains (505) the configuration-related instructions or execution instructions from the block chain.)
generate a first blockchain transaction that indicates the change request has been implemented at the first edge node; and (Ford, [0094] In embodiments, the device may send a response message to the provider/message sender, to a third party, or both. In embodiments, the response message may indicate whether the instructions were successfully executed, may indicate issues related to the execution of the instructions, may indicate successful completion of the configuration, may indicate issues related to the configuration, or other data.)
broadcast the first blockchain transaction to the blockchain network (Ford [0083] In embodiments, a provider 315 retrieves the block chain and identifies (336) whether there is a message in block chain that is relevant to it. Responsive to identifying the procurement message directed to the provider, in embodiments, the provider 315 publishes (326) a configuration message, which is added (340) to the block chain by one or more nodes in the peer-to-peer network.)

Claims 9 and 10 are method claims for the system claims 1 and 2 and are rejected for the same reasons as claims 1 and 2.

.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 3 and 11 are rejected under 35 U.S.C. 103 as being unpatentable over Ford (2016/0261690) in view of Harrer (2019/0182231).

Regarding claim 3, Ford teaches
the system of claim 2, wherein to obtain, from each of the one or more edge nodes, a blockchain transaction, the management node is programmed to: 
obtain the blockchain transaction through … the private network (Ford, [0105] In embodiments, the execution of the command may be all that the device or devices are requested to do. Alternatively, in embodiments, the executing device or devices may publish (745) a completion message for inclusion (750) in a block in the block chain. In embodiments, the provider/entity may later retrieve (755) the block chain and extract the completion message from the block chain. In embodiments, the completion message may include the results of the executed command, a link to the results data, a confirmation that the command or commands were executed, or the like.)   
a firewall that protects.
However Harrer teaches a firewall that protects (Harrer, [0060] In an embodiment of the present invention, service provider domain 156 and enterprise computing domain 152 secure access arrangements. These environments or domains use blockchain as a secure means for the service provider domain 156 and the enterprise computing domain 152 to record and facilitate execution of the agreement for the service provider 156 to access the secure enterprise computing domain 152 through the enterprise firewall 162. 
[0061] Via the blockchain, the enterprise computing domain 152 provides the service provider domain 156 with a secure token T to be added to the IP packet traffic being sent by the service provider domain 156 to the enterprise computing domain 152. 
[0062] The security agreement within the blockchain triggers a port 176 of the firewall 162 to be opened at an agreed time.  EN: see Fig.3 for location of firewall 162)
	It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have combined Harrer’s firewall with Ford’s edge node (device) management because doing so provides security (securely accessing) (Harrer, [0011] According to another embodiment of the present invention, a computer program product for securely accessing a secure enterprise computing environment is disclosed. The secure enterprise computing environment comprising a shared repository connected to a network through a firewall by a service provider environment comprising a shared repository.)

Claim 11 is a method claim for the system claim 3 and is rejected for the same reasons as claim 3.

Claims 4 and 12 are rejected under 35 U.S.C. 103 as being unpatentable over Ford (2016/0261690) in view of Venkata (2016/0087854) in view of Zessin (2018/0157688).

Regarding claim 4, Ford teaches
the system of claim 2, the system further comprising: 
at least a second edge node from among the one or more edge nodes, the second edge node programmed to: 
obtain a current copy of the distributed ledger from at least one of the one or more edge nodes or from the management node; 
configure the second edge node … of the blockchain network (Ford, [0105] In embodiments, the execution of the command may be all that the device or devices are requested to do. Alternatively, in embodiments, the executing device or devices may publish (745) a completion message for inclusion (750) in a block in the block chain. In embodiments, the provider/entity may later retrieve (755) the block chain and extract the completion message from the block chain. In embodiments, the completion message may include the results of the executed command, a link to the results data, a confirmation that the command or commands were executed, or the like.) 
Ford does not teach obtain a current state of the blockchain network.
However Venkata teaches obtain a current state of the … network (Venkata, [0068] Upon identifying a change event, device access management system 120 can identify a type of change event. The type of change event can be determined based on information about a change event accessed from change events data store 164 device access management system 120. Examples of types of change events may include, without limitation, a policy change, an application change, and a settings change. Other examples of types of change events may include, without limitation, a change in access to resources on a remote device in the secure container application executing on the remote device and a 
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have combined Venkata’s device event management with Ford’s device management because doing so improves change event processing and communication (Venkata, [0040] More particularly, techniques are disclosed for communicating to remote devices information about events related to changes in access to the enterprise system. Access to an enterprise system may include access to resources and/or actions in a secure environment of a remote device that provides access to the enterprise system. A device access management system may be implemented to facilitate communication with remote devices that access an enterprise system.) 
Ford does not teach determine that an event at the second edge node has occurred; 
However Zessin teaches determine that an event at the second edge node has occurred;  (Zessin [0023] Monitor 426 may provide the functionality associated with device 400 being able to detect any changes to any algorithms that device 400 may be processing.) configure the second edge node based on the current state … trigger a synchronization with a current state of the blockchain network; (Zessin [0023] Updater 428 may provide the functionality associated with performing any updates needed for the algorithms, for example algorithms 422, that are being processed by device 400)
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have combined Zessin’s device management with Ford’s device 

Claim 12 is a method claim for the system claim 4 and is rejected for the same reasons as claim 4.

Claims 5 and 13 are rejected under 35 U.S.C. 103 as being unpatentable over Ford (2016/0261690) in view of Kumar (US 10,057,243).

Regarding claim 5, Ford teaches
the system of claim 2, wherein the management node and the first edge node are each programmed to: 
Ford does not teach enroll with the blockchain network to participate in decentralized management of the one or more edge nodes.
However Kumar teaches enroll with the blockchain network to participate in decentralized management of the one or more edge nodes (Kumar, Col 3, lines 30-31, Device enrollment is required to add (or join) a device to a permissioned domain and blockchain.  Col 5, lines 43-47, An exemplary embodiment of the present disclosure provides a method of endpoint device 101 enrollment using a discovery service on a gateway device as a blockchain application and an enrollment service in the network as a blockchain network peer. The method includes sending, by the discovery service, an enrollment request for the endpoint device to the enrollment service in a network.)
 to have applied Kumar’s device enrollment to Ford’s device management because doing so improves secure updates (Kumar, Col 4, lines 56-61, The disclosed method for device identification for enrollment and registration, and secure updates is applicable to non-IP and IP endpoint devices and IP gateway devices. In industry parlance, endpoint devices may also be referred to as edge devices or sensors, and gateway devices may also be referred to as core devices.)

Claim 13 is a method claim for the system claim 5 and is rejected for the same reasons as claim 5.

Claims 6-8 are rejected under 35 U.S.C. 103 as being unpatentable over Ford (2016/0261690) in view of Venkata (2016/0087854).

Regarding claim 6, Ford teaches
the system of claim 1, wherein the management node is further programmed to: 
blockchain network based on the distributed ledger; (Ford, [0065] In embodiments, the block chain 205 may be used to receive messages from or send messages to a device or devices using the block chain. [0061] As previously mentioned, an area of particular applicability of the present invention is for transmitting configurations, management instructions, and/or commands for large numbers of computing devices. It is useful to communicate with the devices via a secure distributed transaction ledger)
	Ford does not teach obtain a current state of the blockchain network.
However Venkata teaches obtain a current state of the … network (Venkata, [0068] Upon identifying a change event, device access management system 120 can identify a type of change event. 
obtain a global policy that specifies a desired state; and 
determine that the current state does not comply with the desired state (Venkata [0066] Access to enterprise computer system 150 using remote devices 108 can be managed using one or more policies. Policies may be stored in and accessed from policy store 170 in data stores 160. Examples of policies may include, without limitation, enrollment policies, compliance policies, workspace policies, and device policies. Policies may be defined by an administrator of enterprise system. Device access management system 120 may determine whether remote devices 108 are compliant with policies, which defines their access to enterprise computer system 150. In some embodiments, device access management system 120 can perform remedial actions to adjust access for a remote device based on a policy. Device access management system 120 may communicate instructions to a remote device to instruct the remote device to take remedial action in response to compliance according to a policy. Notifications can be sent 
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have combined Venkata’s device event management with Ford’s device management because doing so improves change event processing and communication (Venkata, [0040] More particularly, techniques are disclosed for communicating to remote devices information about events related to changes in access to the enterprise system. Access to an enterprise system may include access to resources and/or actions in a secure environment of a remote device that provides access to the enterprise system. A device access management system may be implemented to facilitate communication with remote devices that access an enterprise system.) 

Regarding claim 7, Ford and Venkata teach
the system of claim 6, wherein the management node is further programmed to: 
determine that at least a first edge node from among the one or more edge nodes is in non-compliance with the desired state (Venkata [0066] Access to enterprise computer system 150 using remote devices 108 can be managed using one or more policies. Policies may be stored in and accessed from policy store 170 in data stores 160. Examples of policies may include, without limitation, enrollment policies, compliance policies, workspace policies, and device policies. Policies may be defined by an administrator of enterprise system. Device access management system 120 may determine whether remote devices 108 are compliant with policies, which defines their access to enterprise computer system 150. In some embodiments, device access management system 120 can perform remedial actions to adjust access for a remote device based on a policy. Device access management system 120 may communicate instructions to a remote device to instruct the remote device to take remedial action in response to compliance according to a policy. Notifications can be sent to remote inform them of compliance and/or non-compliance with a policy and a time period for compliance.)

Regarding claim 8, Ford and Venkata teach
the system of claim 7, wherein management node is further programmed to: 
generate a second change request that targets the first edge node to bring the first edge node into compliance with the global policy (Venkata [0066] Access to enterprise computer system 150 using remote devices 108 can be managed using one or more policies. Policies may be stored in and accessed from policy store 170 in data stores 160. Examples of policies may include, without limitation, enrollment policies, compliance policies, workspace policies, and device policies. Policies may be defined by an administrator of enterprise system. Device access management system 120 may determine whether remote devices 108 are compliant with policies, which defines their access to enterprise computer system 150. In some embodiments, device access management system 120 can perform remedial actions to adjust access for a remote device based on a policy. Device access management system 120 may communicate instructions to a remote device to instruct the remote device to take remedial action in response to compliance according to a policy. Notifications can be sent to remote devices 108 to inform them of compliance and/or non-compliance with a policy and a time period for compliance.)

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRUCE S ASHLEY whose telephone number is (571)270-0315.  The examiner can normally be reached on 9-5 PDT.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jay Kim can be reached on 571-272-3804.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/BRUCE S ASHLEY/Examiner, Art Unit 2494                                                                                                                                                                                                        
/THEODORE C PARSONS/Primary Examiner, Art Unit 2494