DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

1.  This Final Office Action is in response to amendment filed on 03/22/2021.
	Claim 1 has been amended. Claims 11-20 have been newly added. Claims 1-20 remain pending in the application.
Response to Amendment

The amendment filed 03/22/2021 has been entered. Claim 1 has been amended. Claims 1-20 remain pending in the application. 
Applicant amendment to the Specification have overcome the objections previously set forth in the Non-Final Office Action mailed on 01/28/2021. The objection has been withdrawn in view of the amended specification.
Applicant amendment to independent claim 1 have overcome the 35 U.S.C § 112(b) rejection previously set forth in the Non-Final Office Action mailed on 01/28/2021. The rejection has been withdrawn in view of the amended claim.






Response to Arguments

 Regarding Applicant’s arguments, on page 11-15 of the remark filed on 3/22/2021, on the newly added limitations of claim 1 : “the security verification service comprising time- based analysis of security certifications of plurality of entities to determine a trustworthiness of each of the plurality of entities; receiving a detection of a compromised transaction of a compromised party in the blockchain; and providing a consensus message to the plurality of entities to roll back the blockchain to a last time the compromised party published a secure transaction to the blockchain.” , argument is persuasive.
Therefore, the 35 U.S.C. 102 rejection over Rhonda U.S Pub. No. 20170250972 has been withdrawn. However, upon further consideration, a new ground(s) of rejection is made under 35 U.S.C. § 103 in view of the following prior art: Madisetti U.S Patent No. 10/102,265 (See Provisional Application No. 62/484,555), in conjunction with Rhonda U.S Pub. No. 20170250972. Please refer to the 35 U.S.C. 103 section below for a detailed explanation.
	For the reasons stated above and the new ground(s) of rejection under 35 U.S.C. 103 below, Examiner respectfully disagrees with Applicant’s argument, see Applicant’s Remarks Page 11-15, regarding allowance of the application. Examiner 
	Conclusion: Rhonda- Madisetti teaches the aforementioned limitations of independent claims 1 rendering the claim limitations obvious before the effective date of the claimed invention.


Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: 
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. 
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. 
Claims 1-10 is/are rejected under 35 U.S.C. 103 as being unpatentable over Rhonda et al. (U.S Pub. No. 20170250972, hereinafter referred to as “Rhonda") in view .

Regarding independent claim 1 (Currently Amended) Rhonda teaches A method for creating a secure self-validating network of distributed ledger participants, the method comprising:
creating a network having a plurality of entities, each entity being a blockchain participant communicatively coupled to a central blockchain; (Par. 0174 "the ledger servers can be implemented as a network of peer verifiers. Service ledgers  ( sLedgers) generally include both a distributed service ledger that is accessible to all system participants, and a private ledger that is devoted to each system participant. " (Par. 0175 "The distributed service ledger can be implemented using a blockchain paradigm") 
and a security verification service communicatively coupled to the central blockchain. (Par. 0037 "the system further comprises: one or more auditor servers in communication with the first ledger and the second ledger, the one or more auditor servers being configured to: receive a first ledger identifier identifying the first ledger storing the first entry, a second ledger identifier identifying the second ledger storing the second entry), (Par. 0114 "in the field of onlinefederated authentication systems, the traditional broker deployment model provides centralized authentication or identity services from a set of identity providers to a set of relying parties"), (Par. 0171 "Identity management system 300 generally provides a decentralized and asynchronous authentication flow between participants, which is made possible by providing several 
However Rhonda does not explicitly teach the security verification service comprising time- based analysis of security certifications of plurality of entities to determine a trustworthiness of each of the plurality of entities; receiving a detection of a compromised transaction of a compromised party in the blockchain; and providing a consensus message to the plurality of entities to roll back the blockchain to a last time the compromised party published a secure transaction to the blockchain.
Wherein Madisetti (provisional) teaches the security verification service comprising time- based analysis of security certifications of plurality of entities to determine a trustworthiness of each of the plurality of entities;  (Page 2: Lines 13-16  “The transaction validation and consensus mechanisms (such as proof-of-work) used in blockchain networks and other parameters such as the block-size and block-time determine how fast the network can process and confirm the transactions; security verification service (the transaction validation and consensus mechanism ), time based (block-time)), (Page 10 Lines 4-14 “Normal blocks are created by the miners on the blockchain network and require proof-of-work mining. A block is cryptographically secured by an nonce that proves that a certain amount of work was done to find the nonce input to the PoW algorithm. The normal blocks represents an eventually consistent state of the network, or points of consensus in the network. Micro-blocks are generated in the block-interval between two normal-blocks. Micro-blocks are created by a 'bonded-validator' chosen by the network. There is no mining involved in creation of micro-blocks. The validator chosen after each normal block is created, generates micro-time-based analysis block maintains records of all the transactions with a timestamp, trustworthiness (proof-of-work), (Figure 2 label “timestamp”, “mixedhash” “nonce”, Page 10 Lines 18-23 Blockchain contains timestamp (time-based), nonce and Hash)
receiving a detection of a compromised transaction of a compromised party in the blockchain; (Page 8, Par. 2 “If there exist timeouts or some other problems (message losses or network fragmentation/node failures) with implementation of the tuning update, the system can rollback to previous parameters sets that were check-pointed or stored”; receiving a detection of a compromised transaction (“if there exist timeouts or some other problems” is detected), (Page 9 Par. 3 “Suitable checkpointing methods may be used to rollback for any inconsistent application of parameters, or other faults and timeouts.”; detection (suitable checkpoints) compromised transactions (faults or timeouts),  (Figure 5 label “Input”, “DSS Model”; input for a blockchain network is detected for compromised transaction of a party (failure); (Page 7 Par. 2 “ “The tuning is also especially useful when nodes in the blockchain network fail or the network may be partitioned so that reallocation of work may be suitably done.”; detecting compromise (failure) of nodes in blockchain network).
and providing a consensus message to the plurality of entities to roll back the blockchain to a last time the compromised party published a secure transaction to the blockchain. (Figure 8 label “RollbackTuningAnnouncement” ; Rollback Announcement with consensus message;), (Page 8, Par. 3 “ “The parameter update announcements are issued after the supervisor nodes come to a consensus on the updates to be made to the parameters. Once the supervisor nodes come to a consensus on an update, one of the supervisor nodes is randomly chosen to create an announcement message. The announcement message is signed by the supervisor node's private key. The supervisor can also rollback or cancel the update to the last check-pointed state.”; consensus message (update/announcement message), last time the compromised party ( rollback or cancel [..] last check-pointed state).
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Madisetti to the self-validating network of distributed ledger having a plurality of entities, each entity being a blockchain participant with a security verification service both coupled to the central blockchain teachings of Rhonda because of the analogous concept of blockchain certification with a plurality of entities within a network. Madisetti includes a time-based verification system that allows participants and entities to certify and validate each other within the blockchain network. This period system of checks provides a level of integrity and a means to monitor fraudulent of nefarious activity. Madisetti provides a verification system that uses a timestamp and hash value, this will provide users the sufficient enough information to be aware of who is authenticated within the blockchain and who has unauthorized or unlawful access. This protects and strengthens the blockchain network for particpants using smart contracts and dealing with currency. Confidential information over time must be thoroughly evaluated so wrongful communication with unauthorized users can 
The motivation to combine these reference is because the periodic verification and time-based solution by Madisetti will lead to the strengthening of the blockchain network by allowing participants to be aware and understand if the corresponding participant is a valid user or not, to provide the fast and efficient detection of compromised data and to ensure to all the participants that the proper measures to return to a previous secure level will be implemented. 

Regarding dependent claim 2 (Original), the combination of Rhonda and Madisetti teaches the method of claim 1. Rhonda further teaches the method of claim 1, further comprising each entity self-publishing a security evaluation, validation, or certification to one or more blockchains on the network. (Par. 0102 "The described embodiments are generally directed to providing participants in an identification and authentication system with assurance that data, events, and transactions related to digital identity attributes are valid, authentic and provided with the user's consent. Transactions can be any transactions that involve the exchange of data or attributes, for example, credential generation, identity verification, payments, contracts, and so forth. Some categories of transactions may be:Requests from user agents or relying parties awaiting fulfilmentldentity providers and user agent servers agreeing to fulfilmentMessage transmission and evidence of data being exchangedUser agent server and digital lock box managementCreation and distribution of pseudonymous user identifiersAssignment of billing codes and evidence of request fulfilmentSystem configuration changes ( e.g., adding new relying parties or identity providers, changes to policies, etc.)Profile changes ( e.g., relying party or identity provider information and billing code updates)", (Par. 0174 " Ledger server system 370 or 370' ensure data integrity, including by identifying the data publisher of recorded events and transactions that occur, while maintaining participant privacy. Service ledger servers manage databases or stores, which can be used to provide notarization and integrity controls to the RP and other participants. Generally, the ledger servers can be implemented as a network of peer verifiers. Service ledgers ( sLedgers) generally include both a distributed service ledger that is accessible to all system participants, and a private ledger that is devoted to each system participant. In some cases, ledgers may be operated by, or may serve as, custodians, as described elsewhere herein. '').

Regarding dependent claim 3 (Original), the combination of Rhonda and Madisetti teaches the method of claim 1. Rhonda further teaches the method of claim 2, further comprising each entity verifying the security evaluation, validation or certification of other entities on the network. (Par. 0053 "In some cases, the first auditor system is configured to: verify that the first entry is consistent with the second entry to generate a first result; verify that the response data bundle ownership public key in the first entry matches a response data bundle ownership public key in the data provisioning record to generate a second result; generate at least one confirmation entry based on the first result and the second result; and link the first entry address to the second ledger identifier and the second entry address to the first ledger identifier. ''), (Par. 0176 "the distributed service ledger can be consulted to verify that entries in a private service ledger have not been tampered with, and also to verify relationships between the entries of two different participant private service ledgers. To facilitate this verification, whenever a private service ledger entry is made, there should be a corresponding entry written to the distributed service ledger. As discussed further herein, entries in the distributed service ledger may have increased obfuscation or blinding compared to the private service ledgers, to safeguard the privacy of the private service ledger parties'')
Regarding dependent claim 4 (Original), the combination of Rhonda and Madisetti teaches the method of claim 1. Rhonda further teaches the method of claim 3, further comprising encrypting the security evaluation, validation or certification so that only authorized entities can read the encrypted information. (Par. 0038 "there is provided an identity management method for controlling an exchange of data bundles by a user agent server, the method comprising: transmitting a first request to an identity provider server, the first request identifying one or more claim categories; receiving, at a first time, at least a portion of an encrypted data bundle from the identity provider server based on the first request, the encrypted data bundle identifying one or more attributes associated with a user related to the user agent server, "), (Par. 0156 "By using dual or multiple control and data segregation, data leaks and activity tracking of preserved transactions can be mitigated. Dual or multiple control means that multiple entities act together to decrypt sensitive transaction parameters and reduce the risk of ex post facto repudiation. For example, in some embodiments, a digital lock box provider can authenticate a user and the user's device ( or user agent server) can sign transactions using keys not controlled by the digital lock box provider. User identifiers, the digital lock box provider name, and the public keys used to sign the transaction are preserved within the protected parameters of a transaction to allow later investigation. In some other embodiments, the digital lock box provider may handle private keys on behalf of the user, and therefore can require user authentication to perform key-based operations on behalf of the user; in such cases, the digital lock box provider may be prevented from seeing the transaction data or one or more parties to the transactions-the transaction data being encapsulated in additional layers of encryption or hashing-thus restricting the digital lock box provider to handling private key operations ( e.g., signing, encrypting).", (Par. 0192 "Network client interface 3396 can interface with the service ledger system 370 or 370', RP blinding auditor servers 312, key registrar servers 340 and IdP blinding auditor server 352, among others. Network client interface 3396 can also update the distributed database ( dDB ), which is a distributed data store used by user agent 3310 and IdP to store a user encrypted data bundle, and which all participants can read; the dDB is encrypted and may be partially or fully replicated at multiple locations in the system ( e.g., at each IdP server or RP server). For example, the distributed database can be distributed and replicated using Apache Cassandra™ or Inter Planetary File System (IPFS). In some cases, the distributed database may comprise one or more side database to the ledger system. '')
Regarding dependent claim 5 (Original), the combination of Rhonda and Madisetti teaches the method of claim 1. Rhonda further teaches the method of claim 4, further comprising an entity cross-certifying another entity in the network. (Par. 0174 " Ledger server system 370 or 370' ensure data integrity, including by identifying the data publisher of recorded events and transactions that occur, while maintaining participant privacy. Service ledger servers manage databases or stores, which can be used to provide notarization and integrity controls to the RP and other participants. Generally, the ledger servers can be implemented as a network of peer verifiers. Service ledgers (sLedgers) generally include both a distributed service ledger that is accessible to all system participants, and a private ledger that is devoted to each system participant. "), (Par. 0486 "Child transaction process 1300 begins at 1302, with a user agent server or RP server initiating a transaction and signing transaction data. In some cases, the transaction may require endorsement, accordingly at 1304, the transaction data is transmitted to a GidP server. In some embodiments, multiple endorsers may be required, accordingly the transaction data may be transmitted to additional peers at 1306, which thereupon execute a similar process, beginning at 1310. In some cases, the user agent server or RP server may transmit a unique value ( e.g., a transaction ID) that can be used by multiple GidP servers to validate transactions in a deterministic way.''), (Par. 0487 "The GldP server receives the transaction data at 1310 and determines that one or more child transactions are required, creates the one or more child transaction, and transmits it to one or more peer GidP server in the group, where it is received at 1314. In some cases, one or more of the child transactions may require further child transactions ( e.g., grandchild transactions), and may be processed in similar fashion.'').

Regarding dependent claim 6 (Original), the combination of Rhonda and Madisetti teaches the method of claim 1. Rhonda further teaches the method of claim 5, further comprising an entity in the network issuing a security challenge to another entity in the network. (Par. 0120 "At 240, broker server 140 sends a request to the identity provider server 150 associated with the selection made at 230. Identity provider server 150 authenticates the user device 130, for example by issuing a challenge to user device 130, or by verifying a token or credential supplied in the original request by user device 130. ''), (Par. 0320 "As a result of this address scheme, user agent servers are tightly associated with their addresses. A user agent server can provide proof that it controls an identifier by signing challenge data ( e.g., addresses) with its private key. Since the user private key does not leave the control of the user agent server, the party interacting with the user can be assured in the correctness of exchanged data by verifying the signature of the address using cryptographic means. Providing attributes to relying parties'')

Regarding dependent claim 7 (Original), the combination of Rhonda and Madisetti teaches the method of claim 1. Rhonda further teaches the method of claim 6, further comprising an entity in the network revoking a public key in a blockchain on the network. (Par. 0209 "At 406, user agent server 3390 can generate cryptographic keys for use with IdP server 350. User agent server 3390 can generate a user agent cryptographic key pair for use with a public key cryptographic system, including a user agent public key (UPub) and a user agent private key (UPr). The generated cryptographic key pair is specific to the user agent server and IdP. Once the key pair is generated, user agent server 3390 can generate a pseudonym or user agent address (User@IdP) uniquely identifying the user agent server to the identity provider server, which can be generated based on UPub. In some embodiments, the pseudonym may be created and assigned to the user agent by another entity, such as the IdP or a digital lock box provider which stores the user's private keys. In either event, the public key UPub is associated with the pseudonym, and the private key remains with the creating agent ( e.g., user agent server or digital lock box provider). In this way, possession of the private key associated with a public key can prove ownership of a pseudonym. "), (Par. 0313 "With this hierarchy, the user agent server can now interact with each entity using a different key pair to sign messages and perform key agreement. As usual with public key cryptography, the private keys generally do not leave the user agent server's control, while the public keys can be provided to the entity when they need to verify a signature. As a result, the user agent server can interact with other participants in a one-to-one manner, while no other participant shares a common identifier for the user agent server.''), (Par. 0450 "Occasionally, an IdP may wish to revoke one or more identity attributes that have been issued previously. This may occur, for example, if a user ceases to be a client of a financial institution, if a payment card number is cancelled, if a driver's license is revoked, etc."), (Par. 0451 "To revoke a previously issued identity status, an IdP server 350 can append or modify ledger entries in the IdP private service ledger with an updated revocation status that indicates that data in the ledger entry is no longer valid. Subsequently, when a participant attempts to verify the data, or is performing an audit, the data will be identified as revoked '').

Regarding dependent claim 8 (Original), the combination of Rhonda and Madisetti teaches the method of claim 1. Rhonda further teaches the method of claim 7, further comprising an entity in the network revoking a private key in the blockchain on the network. (Par. 0209 "At 406, user agent server 3390 can generate cryptographic keys for use with IdP server 350. User agent server 3390 can generate a user agent cryptographic key pair for use with a public key cryptographic system, including a user agent public key (UPub) and a user agent private key (UPr). The generated cryptographic key pair is specific to the user agent server and IdP. Once the key pair is generated, user agent server 3390 can generate a pseudonym or user agent address (User@IdP) uniquely identifying the user agent server to the identity provider server, which can be generated based on UPub. In some embodiments, the pseudonym may be created and assigned to the user agent by another entity, such as the IdP or a digital lock box provider which stores the user's private keys. In either event, the public key UPub is associated with the pseudonym, and the private key remains with the creating agent ( e.g., user agent server or digital lock box provider). In this way, possession of the private key associated with a public key can prove ownership of a pseudonym.''), (Par. 0313 "With this hierarchy, the user agent server can now interact with each entity using a different key pair to sign messages and perform key agreement. As usual with public key cryptography, the private keys generally do not leave the user agent server's control, while the public keys can be provided to the entity when they need to verify a signature. As a result, the user agent server can interact with other participants in a one-to-one manner, while no other participant shares a common identifier for the user agent server. ''), (Par. 0450 "Occasionally, an IdP may wish to revoke one or more identity attributes that have been issued previously. This may occur, for example, if a user ceases to be a client of a financial institution, if a payment card number is cancelled, if a driver's license is revoked, etc."), (Par. 0451 "To revoke a previously issued identity status, an IdP server 350 can append or modify ledger entries in the IdP private service ledger with an updated revocation status that indicates that data in the ledger entry is no longer valid. Subsequently, when a participant attempts to verify the data, or is performing an audit, the data will be identified as revoked '').

Regarding dependent claim 9 (Original), the combination of Rhonda and Madisetti teaches the method of claim 1. Rhonda further teaches the method of claim 8, further comprising one or more the plurality of the entities in the network predefining a condition for a rollback of a blockchain. (Par. 0173 "In addition to the cryptographic operations locally performed by the user agent or user agent server, system 300 has a number of oracles, which can include both blinding auditors and key registrars. An oracle generally is an independent server that has a cryptographic key pair, and which can sign transactions on request and can maintain state data for system 300, to help prevent attacks or errors that would lead to the introduction of inconsistent or erroneous data in system 300. ''), (Par. 0509 "When an investigation or audit is desired for a particular transaction, the unique transaction identifier for the transaction in question can be provided to the relevant auditor ledger for that transaction, or in some cases a designated contact. The auditor ledger or designated contact can then retrieve the required information/or the audit, from the ledger.''), (Par. 0518-0519 "Once the initiating auditor has a sufficient set of key parts, the decryption key can be reconstructed, and used to decrypt the preserved transaction record, validate the signature on the transaction, and ensure that the appropriate ledger records exist in the relevant auditor ledgers. In some cases, the audit procedure can be nested to retrieve one type of audit record, and use the result of that retrieval to audit a further set of related records. For example, an auditor may audit the transactions performed by particular pseudonymous user identifier, and use the transaction identifiers thus obtained to request audits of the transactions themselves.'').

Regarding dependent claim 10 (Original), the combination of Rhonda and Madisetti teaches the method of claim 1. Rhonda further teaches the method of claim 9, further comprising one or more of the plurality of the entities in the network predefining a condition for a rollback of a subset of transactions in the blockchain. (Par. 0509-0511 "When an investigation or audit is desired for a particular transaction, the unique transaction identifier for the transaction in question can be provided to the relevant auditor ledger for that transaction, or in some cases a designated contact. The auditor ledger or designated contact can then retrieve the required information for the audit, from the ledger. In some cases, when requesting an audit, the requesting party may be required to provide a reason or rationale for the audit request, which can subsequently be stored in the auditor ledger ( e.g., as a salted hash). Once the initial information is retrieved, each auditor ledger for every other party to the transaction can be requested to approve the audit and unlock the necessary decryption keys ( e.g., provide parts of keys needed to reconstruct the decryption key).", (Once the initiating auditor has a sufficient set of key parts, the decryption key can be reconstructed, and used to decrypt the preserved transaction record, validate the signature on the transaction, and ensure that the appropriate ledger records exist in the relevant auditor ledgers. In some cases, the audit procedure can be nested to retrieve one type of audit record, and use the result of that retrieval to audit a further set of related records. For example, an auditor may audit the transactions performed by particular pseudonymous user identifier, and use the transaction identifiers thus obtained to request audits of the transactions themselves. '').

Claim 11 is/are rejected under 35 U.S.C. 103 as being unpatentable over Rhonda et al. (U.S Pub. No. 20170250972, hereinafter referred to as “Rhonda") and Madisetti et al. (U.S Patent No. 10/102,265 (See Provisional Application No. 62/484,555), hereinafter referred to as "Madisetti") in further view of Johnson U.S Pub. No. 20180330385.

Regarding dependent claim 11 (New), the combination of Rhonda and Madisetti teaches the method of claim 1 but do not explicitly teach The method of claim 2, wherein the security verification service includes a percentage score of each of the plurality of entities in the network based on a certification from other entities in the network.
The method of claim 2, wherein the security verification service includes a percentage score of each of the plurality of entities in the network based on a certification from other entities in the network. (Par. (0031) “Another embodiment of our invention is to incorporate blockchain technology in order to make our verification data part of the distributed ledger, thereby creating an unalterable audit log of all of the verifications; blockchain with verification service), (Par. (0047) “ In one embodiment of the present invention, specific testing results and percentage ranks of any individual's RWS Certification can be made available to potential employers. Tracking and recording of all internal messaging systems will ensure communications between employers and potential hires are reviewed for security purposes.”; percentage score (percentage ranking) based on certification from other entities (employers)).
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Johnson to the self-validating blockchain network coupled with a verification service and a plurality of entities that are participants teachings of Rhonda and the time-based analysis security verification with a detection of compromised transactions and roll back message teachings of Madisetti because of the analogous concept of verification of other entities within a blockchain network. Johnson includes a method for other entities in the blockchain network to certify each other with a percentage ranking that is displayed. This eliminates confusion for entities in the blockchain from unauthorized access of illegitimate users that are not credible. This provides a constant review of security that ensures blockchain participants that the corresponding user they are in communication with is not fake or artificial. The 
The motivation to combine these reference is by displaying a percentage score on based on certification of other entities it establishes trust within the blockchain network and assures participants that confidential information such as currency and private information will not be compromised and each entity that is certified will display the accurate percentage score of that is certified, this in return leads to the fast and efficient exchange of communication that neither impeded or altered. 

Claims 12-13 is/are rejected under 35 U.S.C. 103 as being unpatentable over Rhonda et al. (U.S Pub. No. 20170250972, hereinafter referred to as “Rhonda") and Madisetti et al. (U.S Patent No. 10/102,265 (See Provisional Application No. 62/484,555), hereinafter referred to as "Madisetti") in further view of Wuehler U.S Pub. 20170093830.

Regarding dependent claim 12 (New), the combination of Rhonda and Madisetti teaches the method of claim 1 but do not explicitly teach The method of claim 2, wherein the security verification service comprises detecting operating system changes for the plurality of entities in the network and detecting unpatched operating system versions for the plurality of entities in the network.
Wherein Wuehler teaches The method of claim 2, wherein the security verification service comprises detecting operating system changes for the plurality of entities in the network and detecting unpatched operating system versions for the plurality of entities in the network. (Par. (0034) “This disclosure contemplates key manager 120 determining whether node A 105 is authorized to communicate over network 115 based on any appropriate characteristic or configuration of node A 105. For example, key manager 120 may make this determination based on an operating system, operating system version, and/or patch level of node A 105. If node A 105 does not have a particular operating system, operating system version, and/or patch level installed, then node A 105 may be vulnerable to certain types of malware and intrusions that could jeopardize network 115 or other nodes of network”; security verification service (key manager) detecting (determining) operating system version patch level) plurality of entities (nodes) on network), (Par. (0029)” In certain embodiments, ledger 135 may be a block chain. When a new node joins network 115, the new node may communicate an encrypted message to ledger 135 indicating whether the new node is authorized to communicate over network”; blockchain component with entities (nodes).
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Wuehler to the self-validating blockchain network coupled with a verification service and a plurality of entities that are participants teachings of Rhonda and the time-based analysis security verification with a detection of compromised transactions and roll back message teachings of Madisetti because of the analogous concept of verification of entities within a blockchain network. Wuehler includes a detection system to identify potential risks of unpatched operating systems in a blockchain. This allows participants in the network to be informed and aware of 
The motivation to combine these references is because by identifying the unpatched or out of date operating system version it will in return lead to the fast and free flowing exchange of communication of the blockchain network. Particpants would be hesitate to interact with a party that has an older operating system version because it can lead to risk and vulnerabilities. By tracking and identifying the problem first it establishes a level of trust that transactions and communication in the blockchain network can commence without risk or concerns. This strengthens the overall protection of the blockchain network and does not halt or impede communication with hesitancy from participants.

In regards to Claim 13, claim 13 recites similar limitations as claim 12 and the teachings of Rhonda, Madisetti, and Wuehler address all the limitation discussed in Claim 13 and are thereby rejected under the same grounds. 

Claims 14 and 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Rhonda et al. (U.S Pub. No. 20170250972, hereinafter referred to as “Rhonda") and Madisetti et al. (U.S Patent No. 10/102,265 (See Provisional Application No. .

Regarding dependent claim 14 (New), the combination of Rhonda and Madisetti teaches the method of claim 1 but do not explicitly teach The method of claim 4, wherein the encrypted information is encrypted and decrypted using encryption keys managed in hardware, the hardware being a Hardware Security Module (HSM).
Wherein Velissarios teaches The method of claim 4, wherein the encrypted information is encrypted and decrypted using encryption keys managed in hardware, the hardware being a Hardware Security Module (HSM). (Par. (0016) “Accordingly, a request for encryption or decryption is sent to the relevant system hardware security module (HSM), e.g., the HSM 128 which supports the peer node for Entity A”; encryption and decryption of entities in a blockchain network with HSM (Hardware security Module”).
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Velissarios to the self-validating blockchain network coupled with a verification service and a plurality of entities that are participants teachings of Rhonda and the time-based analysis security verification with a detection of compromised transactions and roll back message teachings of Madisetti because of the analogous concept of verification of entities within a blockchain network. Velissarios includes a method of utilizing hardware security module in the encryption and decryption process to support the transaction chains in a blockchain network. This prevents the copying of keys to access confidential information and transactions on the 
The motivation to combine these reference is because by allowing the hardware security module to manage the keys used for the encryption and decryption process it provides a level of assurances and limits the concern of blockchain participants conducting transactions on the possibility of fake or falsified users impersonating trusted parties on the blockchain network. This strengthens the integrity of the entities in the network and further reduces the possibility of compromise keeping the blockchain network intact and a secure flow of communication.

Regarding dependent claim 19 (New), the combination of Rhonda and Madisetti teaches the method of claim 1 but do not explicitly teach The method of claim 4, wherein the encrypted information is encrypted and decrypted using encryption keys, the encryption keys including symmetric keys and a public key of authorized receivers.
Wherein Velissarios teaches The method of claim 4, wherein the encrypted information is encrypted and decrypted using encryption keys, the encryption keys including symmetric keys and a public key of authorized receivers. (Par. (0017) “The security controller circuitry 134 may employ symmetric cryptography, with all keys remaining securely in the HSMs”; symmetric cryptography with all keys (public and private)., (Par.(0020) “Once the accounts for Entity A and Entity B are in decrypted format and following the balance updates in the respective accounts, the updated Authorized receivers with encryption keys (Entity A, B)).
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Velissarios to the self-validating blockchain network coupled with a verification service and a plurality of entities that are participants teachings of Rhonda and the time-based analysis security verification with a detection of compromised transactions and roll back message teachings of Madisetti because of the analogous concept of verification of entities within a blockchain network. Velissarios includes a method of using symmetric cryptography and issuing encryption keys with authorized users of the blockchain network. This provides clarity within blockchain particpants that the corresponding user that it is in exchange with ha the correct corresponding key that is not altered or compromised. This allows for the secure and protected line of communication of blockchain participants dealing with currency or confidential information.
The motivation to combine these references is because by implementing symmetric cryptography with encrypted keys it will allow only the corresponding entity or entities access to different permission on the blockchain, whether it is to read, write, edit, etc. This allows the secure free flowing line of exchange that is not susceptible to compromise or the impersonation of a wrongful user.  


Claim 15 is/are rejected under 35 U.S.C. 103 as being unpatentable over Rhonda et al. (U.S Pub. No. 20170250972, hereinafter referred to as “Rhonda") and 

Regarding dependent claim 15 (New), the combination of Rhonda and Madisetti teaches the method of claim 1, Rhonda and Madisetti further teach The method of claim 3, wherein the verifying the security evaluation, validation or certification of other entities on the network comprises: each entity using a hash of the blockchain for each respective entity combined with a hash of an environment for each respective entity and sending the hash to the blockchain with a timestamp and nonce. (Madisetti Figure 2 labels “timestamp”, “nonce”, “mixedhash, prevhaash”; each entity in the blockchain sends a hash with a timestamp and a nonce).
However Rhonda and Madisetti do not teach each entity signing a message with a private key; each entity confirming a copy of the blockchain
Wherein Haldenby teaches each entity signing a message with a private key; Haldenby   (Par.(0165) “block-chain ledger 612 and the SV load and/or purchase transaction blocks within digitally signed settlement data [..] may apply an additional digital signature to digitally signed settlement data 618 using a private cryptographic key”; signing of message (data) with private key).
each entity confirming a copy of the blockchain (Par. (0097) “to confirm that the extracted copy of SV block-chain ledger 113 corresponds to the locally stored copy of SV block-chain ledger”; confirming copy of the blockchain)

The motivation to combine these references is because it provides a system or criteria for either certifying a blockchain participant or removing one. This allows the blockchain network to be protected and eliminate possible risk or vulnerability for those trying to gain unlawful actions or illegal activities. By completing both the steps of verification in signing a message with a private key and confirming a copy of the blockchain other entities will be able to see who met the criteria for certification and who 
However Rhonda, Madisetti and Haldenby do not teach each entity verifying an operating system version, each entity verifying a software version.
Wherein Wright teaches each entity verifying an operating system version; (Par. (0038)” Verification—as used herein means the identification of exceptions between a tag stored in a client computer,[..] Verification refers to (1) the comparison between the tag on the client computer and tag stored by the service to determine if they are identical, and (2) if they are determined to be identical then an analysis of the tag attributes to see if there are exceptions relative to a pre-established policy. The policy governs any actions that are taken as a result of having identified an exception. For example, if the tag stored in the client is different than the tag stored by the service then the policy may be to alert an administrator that tampering has occurred”; verifying the operating system (client computer) in a blockchain network).
each entity verifying a software version; (Par.(0038) “Generally, verification will determine matters such as if the client software component is of the right version or patch level, if the number of instances of a client software component are in conformance”; verifying the software version in a blockchain network).
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Wright to the to the self-validating blockchain network coupled with a verification service and a plurality of entities that are participants teachings of Rhonda, the time-based analysis security verification with a detection of compromised transactions, roll back message teachings and the entity 
The motivation to combine these reference is because it strengthens the protection of the blockchain network, entities utilize financial software, issue payments on their operating system, and exchange intellectual property. These could all be at risk is an unauthorized user attacks on an un-updated of out of date version of the software and operating system. By allowing the verification of both to be included in the self-certification of each entity it in return leads to the reduction of risk and facilitates the growth and increase in activity of assured participants that can interact with trusted parties with rightful software and operating system versions. 



s 16 and 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Rhonda et al. (U.S Pub. No. 20170250972, hereinafter referred to as “Rhonda") and Madisetti et al. (U.S Patent No. 10/102,265 (See Provisional Application No. 62/484,555), hereinafter referred to as "Madisetti") in further view of Pierce U.S Pub. No. 20180039667.

Regarding dependent claim 16 (New), the combination of Rhonda and Madisetti teaches the method of claim 1 but do not explicitly teach The method of claim 1, wherein the security verification service is a revocation authority, the security verification authority removing an entity of the plurality of entities.
Wherein Pierce teaches The method of claim 1, wherein the security verification service is a revocation authority, the security verification authority removing an entity of the plurality of entities. (Par. (0204)” to the blockchain revoking User A's wallet certificate. The transaction may include syntax that deletes User A from a whitelist or adds User A to a blacklist.”; revocation authority (revoking User A’s certificate), removing (deletes) an entity (User A)), (Par. (0091) “blockchain module 142 may have permissions to set or alter one or more validation rules by generating and transmitting a signed data message including the one or more changes to the validation rules for the blockchain; verification service (blockchain module that validates blockchain network)), (Par. (0122) “The blockchain module 142 may be representative of a blockchain client, e.g. a miner or node and may be configured to run blockchain software that facilitates the validation, generation, and communication of one verification service (Blockchain module).
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Pierce to the self-validating blockchain network coupled with a verification service and a plurality of entities that are participants teachings of Rhonda and the time-based analysis security verification with a detection of compromised transactions and roll back message teachings of Madisetti because of the analogous concept of verification of entities within a blockchain network. Pierce includes a method of revoking and removing unauthorized entities from the blockchain. This prevents vulnerabilities and risk from attacks from delinquent, illegitimate and fraudulent users that could expose sensitive transactions from blockchain participants. By having this authority within the blockchain unlawful users cannot impersonate entities dealings with currency, or inflate order values with market manipulation or even conduct criminal activity such as money laundering from unidentified sources. By verifying, auditing and removing unfamiliar entities it creates a level of trust between parties in interaction and strengthens the integrity of the blockchain system as a whole.
The motivation to combine these references is by having the revocation authority and removing entities from the network blockchain participants can be ensured protection and a secure channel of communication that is less likely and susceptible to compromise by illegitimate users trying to interact.

Regarding dependent claim 18 (New), the combination of Rhonda and Madisetti teaches the method of claim 1 but do not explicitly teach The method of claim 
Wherein Pierce teaches The method of claim 1, wherein the security verification service works with third party services to maintain proper controls, third party services providing Know Your Customer verification. (Par.(0059)” the airline may want to implement an identity management system to facilitate Anti Money Laundering/Know Your Customer, e.g. AML/KYC. Only parties having been vetted by the airline, or other parties (such as banks, travel agencies, etc.) may be allowed to create wallets that may hold airline miles. Certain parties may hold digital certificates that the airline designates as signers who are authorized to sign certificates that entitle users' wallets to hold airline miles. In cases where a user is found to be exchanging airline miles for criminal purposes, that user's certificate may be revoked”; providing KYC or know your customer verification, third party services (other parties), maintain proper controls (hold digital certificates, authorized to sign, revocation of certificates))
(Par.(0057) “An example of private blockchain technology is a blockchain used to record transactions representing airline frequent flier miles. The users of frequent flyer miles acknowledge that the airline administering the frequent flyer program has the right to change the terms and conditions of the program at any point in time. This presents a number of obstacles to using an open, public blockchain”; airline uses blockchain network), (Par. (0122) “The blockchain module 142 may be representative of a blockchain client, e.g. a miner or node and may be configured to run blockchain software that facilitates the validation, generation, and communication of one or more blockchain network on airline contains verification service (blockchain module)).
	Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Pierce to the self-validating blockchain network coupled with a verification service and a plurality of entities that are participants teachings of Rhonda and the time-based analysis security verification with a detection of compromised transactions and roll back message teachings of Madisetti because of the analogous concept of verification of entities within a blockchain network. Pierce includes an exchange that verifies that the blockchain knows who their customers are to avoid nefarious or fraudulent activities, only parties having been vetted an authorized can interact and conduct transactions. This maintains and strengthens the integrity of the blockchain network by eliminating any possible risk or unidentified/ untrusted entities. By implementing this verifications it provides assurances that blockchain participants and exercising and maintaining the proper controls against unwanted activities. This keeps entities alert and vigilant to being susceptible to compromise or interaction with unidentified or certified users.
	The motivation to combine these references is because a system of self-certification it intertwined with self-check, by working with a third party to maintain proper controls blockchain participants become more aware of entities that could pose as a risk and compromise integral information in the network. This leads to a stronger base of protection because not only are the entities certifying each other but other parties are performing a system of checks to keep participants alert for unlawful or unauthorized users/ activities in return protecting the integrity of the blockchain network.



Claim 17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Rhonda et al. (U.S Pub. No. 20170250972, hereinafter referred to as “Rhonda") and Madisetti et al. (U.S Patent No. 10/102,265 (See Provisional Application No. 62/484,555), hereinafter referred to as "Madisetti") in further view of Irwan U.S Pub. No. 20190245699.

Regarding dependent claim 17 (New), the combination of Rhonda and Madisetti teaches the method of claim 1 but do not explicitly teach The method of claim 1, wherein the security verification service is an attestation service, the attestation service periodically checking integrity of an entity of the plurality of entities.
Wherein Irwan teaches The method of claim 1, wherein the security verification service is an attestation service, the attestation service periodically checking integrity of an entity of the plurality of entities. (Par. (0044) “For example, the security gateway 170 may store a copy of the certificates, inventory list, and/or revocation list in a local database by periodically checking the blockchain 150 for updated data.”; attestation (periodically checking the blockchain) integrity (certificates, inventory list, revocation), (Par. (0045)” A client device 190 may be a computer, a virtual computer, and/or a computing device. As an example, a computer may be one or more server computers, cloud-based computers, cloud-based cluster of computers”; entity of the plurality of entity (computer, cluster of computers, more than one computer).

The motivation to combine these references is because it gives control to the blockchain participants to be able to see which entity and data have been certified and which entity and data is fraudulent and needs to be removed. This strengthens the integrity of the blockchain network and allows the protected exchange of communication without illegitimate transactions and activities by uncertified users. 



Claim 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Rhonda et al. (U.S Pub. No. 20170250972, hereinafter referred to as “Rhonda") and Madisetti et al (U.S Patent No. 10/102,265 (See Provisional Application No. 62/484,555), hereinafter referred to as "Madisetti") in further view of Jackson U.S Pub. No. 20180331835.

Regarding dependent claim 20 (New), the combination of Rhonda and Madisetti teaches the method of claim 1 but do not explicitly teach The method of claim 4, wherein the encrypted information is encrypted and decrypted using encryption keys, the encryption keys including a public key of authorized receivers allowing for publication in plain text of a security scan result.
Wherein Jackson teaches The method of claim 4, wherein the encrypted information is encrypted and decrypted using encryption keys, the encryption keys including a public key of authorized receivers allowing for publication in plain text of a security scan result. (Par.(0060) “A receiving operation 802 receives, from a trusted blockchain oracle, a blockchain oracle record being signed by a private cryptographic key paired with a public cryptographic key, the public cryptographic key being associated with the trusted blockchain oracle. The receiving operation 802 may be the result of a published blockchain oracle record, a blockchain oracle record received in response to a user request”; public key associated with authorized receiver corresponding with published blockchain results”).

The motivation to combine these references because it provides a level of transparency for the blockchain participants to be able to read published and scan results to ensure that other entities they are in interaction with are validated and certified. This in return leads to the fast and efficient communication that is unhindered or impeded because of concerns of risk or compromise. By implementing an encryption and decryption process associated with the published results, the confidential data is secure and protected for blockchain participants to read and utilize in the future.


Relevant Prior Art

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.

Alex Zinder "System and Methods of Secure Provenance For
Distributed Transaction Databases". Considered this reference because it
addresses the communication between distributed databases with blockchain transactions as well as validation.

Craig Steven Wright "Blockchain-based exchange with
tokenization ". Considered this reference because it addressed a blockchain exchange with a plurality of entities using encryption in the verification process. As well as self or third party authentication

Muftic Sead "Blockchain Identity Management System Based on
Public Identities Ledger". Considered this reference because it address a self-validating network system with distributed ledgers. This application dealt with the verification process of a blockchain as well as peer to peer
authentication.

Conclusion

THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  

A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 

Applicants are encouraged to take advantage of the After Final Consideration Pilot 2.0 (AFCP 2.0) which authorizes non-production time for consideration of responses filed after a final rejection. The purpose of the pilot is to compact prosecution of the case. The request must include 1) A signed AFCP request form (PTO/SB/434 or equivalent) that includes a statement that applicant is requesting consideration under the AFCP; 2) An amendment to at least one independent claim that does not broaden the scope of the independent claim in any aspect; and 3) A statement that applicant is willing and available to participate in any interview initiated by the examiner concerning the present response.  In the limited amount of non-production time if the examiner’s consideration of a proper AFCP 2.0 request and response does not result in a 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to HASSAN A HUSSEIN whose telephone number is (571)272-3554. The examiner can normally be reached on 7:30am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw can be reached on (571)272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/HASSAN A HUSSEIN/ 
Examiner, Art Unit 2497
/ELENI A SHIFERAW/Supervisory Patent Examiner, Art Unit 2497