Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 1-20 filed 11/23/2018 are presented for examination.

Information Disclosure Statement
The information disclosure statements (IDS) submitted on 5/14/2020 and 12/3/2020 are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Drawings
The drawing (Fig. 4) is objected to under 37 CFR 1.83(a).  Fig. 4 fails to show “public network access 430” as described in the specification in section [0049].  Any structural detail that is essential for a proper understanding of the disclosed invention should be shown in the drawing. 
The drawings (Fig 3 and Fig 6) are objected to as failing to comply with 37 CFR 1.84(p)(4) because reference characters "316" and "318" have both been used to designate node management.  (See spec [0055] and [0060] where it is referred to as 318).  
The drawing (Fig. 9) is objected to under 37 CFR 1.83(a).  Fig. 9 fails to show “such as cross attached network interface 942,” as described in the specification in section [0070].  Any structural detail that is essential for a proper understanding of the disclosed invention should be shown in the drawing. 
Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is 

Specification
The disclosure is objected to because of the following informalities: 
Section [0017] recites “Given the diversity of entities likely to participate in a blockchain network, networking barriers can arise which can be complex to overcome in order to enable access for differently situate entities participating in the blockchain network.” and should recite “Given the diversity of entities likely to participate in a blockchain network, networking barriers can arise which can be complex to overcome in order to enable access for differently situated entities participating in the blockchain network.”
Section [0018] recites “Moreover, participant resources may need to direct requests to particularly specified nodes in the blockchain network, a feature not typically supported by managed service for external which do not typically provide visibility” and should recite “Moreover, participant resources may need to direct requests to particularly specified nodes in the blockchain network, a feature not typically supported by managed service for external nodes which do not typically provide visibility”
Section [0034] recites “A may provide storage” and should recite “A data storage service 230 may provide storage”
Section [0034] recites “such as internet small computer interface (iSCSI)” and should recite “such as internet small computer system interface (iSCSI)”
 may offer clients a variety of different data management services, according to their various needs. In some cases, clients may wish to store and maintain large of amounts data, such as sales records, marketing, management reporting, business process management, budget forecasting, financial reporting, website analytics, or many other types or kinds of data.”
Section [0037] recites “That is, client 250 may be an application may interact directly with provider network 200.” And should recite “That is, client 250 may be an application that may interact directly with provider network 200.”
Section [0041] recites “Blockchain network management 324” and should recite “Blockchain network management 314 
Section [0049 recites “Because the blockchain network 410 is permission, in some scenarios public network access 430 (e.g., to the Internet) may be provided or configured in order to allow external nodes operating on the same blockchain framework to participate in the blockchain network 410.” And should recite “Because the blockchain network 410 is permissionless, in some scenarios public network access 430 (e.g., to the Internet) may be provided or configured in order to allow external nodes operating on the same blockchain framework to participate in the blockchain network 410.”
Section [0053] recites “Certificate authorities, such as certificate authority 524, 534, and 536 could rely upon a stored certificate at the certificate authority in some embodiments to provide other certificates to peer node(s) 522.” And should recite “Certificate authorities, such as certificate authority 544 could rely upon a stored certificate at the certificate authority in some embodiments to provide other certificates to peer node(s) 522.”
Section [0056] recites “For example, a request 610 to create an application node in another provider network may be received via interface 316” And should recite “For example, a request 610 to create an application node in another provider network may be received via interface 312”
Section [0064] recites “For example, one or more routes that between a networking device implementing network endpoint 730 and load balancer 740 may be updated to include a route that forwards network traffic to load balancer 740.” And should recite “For example, one or more routes  between a networking device implementing network endpoint 730 and load balancer 740 may be updated to include a route that forwards network traffic to load balancer 740.”
Section [0075] recites “Instead of denying the request remedial action(s) may be taken, such as provisioning or launching a new private network for the node in a provider network which a different and non-conflicting range of private network address and launching or moving the node to the new private network.” And should recite “Instead of denying the request remedial action(s) may be taken, such as provisioning or launching a new private network for the node in a provider network which  is different and non-conflicting range of private network address and launching or moving the node to the new private network.”
Section [0076] recites “[0076] As indicated at 1030, route(s) between the private network and a private network for the blockchain network in the managed blockchain service that enable he node to direct private communications to individual ones of the existing nodes in the private network of the managed blockchain service may be determined by the control plane, in some embodiments.”  And should recite “[0076] As indicated at 1030, route(s) between the private network and a private network for the blockchain network in the managed blockchain service that enable the node to direct private 
Section [0079] recites “For example, one or more networking devices managed by network configuration service 290 that implement a substrate network for provider network 200. may be modified to include route(s) that will forward traffic received from within the private network of the node (as other nodes could also use the same network endpoint) to the load balancer.” And should recite “For example, one or more networking devices managed by network configuration service 290 that implement a substrate network for provider network 200[[.]] may be modified to include route(s) that will forward traffic received from within the private network of the node (as other nodes could also use the same network endpoint) to the load balancer.”
Section [0082] recites “For instance, the private network address values may be identified as within a range of network address (e.g., a CIDR block)” and should recite “For instance, the private network address values may be identified as within a range of network addresses (e.g., a CIDR block)”
Appropriate correction is required.

Claim Objections
Claim 1 is objected to because of the following informalities:  The claim recites “A managed blockchain service”.  For purposes of examination it is interpreted as “A managed blockchain system comprising:  a managed blockchain service”.  The “system” and the “managed blockchain service” are needed for antecedent basis in dependent claims 2-4.  Appropriate correction is required.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):



The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-4 and 19 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claim 1 recites the limitation "the one or more networking devices" in paragraph 6.  There is insufficient antecedent basis for this limitation in the claim.
Claims 2, 3 and 4 recite "the system of claim 1.”  There is insufficient antecedent basis for this limitation in the claims.
Claim 4 recites “wherein the blockchain network was created responsive to a request associated with a first user account of the provider network, and wherein the node and the second logically isolated network associated second user account of the provider network.”  The second wherein clause is not clear.  The limitation is interpreted as “wherein the blockchain network was created responsive to a request associated with a first user account of the provider network, and wherein the node and the second logically isolated network are associated with a second user account of the provider network ”
Claims 19 recites “media of claim 5”.  There is insufficient antecedent basis for this limitation in the claim.  The claim is interpreted as “media of claim 14”



Claim Rejections - 35 USC § 103

A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 4, 5, 7, 9, 13, 14, 17 19 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Zhou (CN108512935) in view of Tappin (2019/0166036).

Regarding claim 1, Zhou teaches 
a managed blockchain service, comprising: 
a first plurality of nodes, respectively comprising at least one processor and a memory, that host a blockchain network in a first logically isolated network;
a second plurality of nodes, respectively comprising at least one other processor and another memory, that implement a control plane for the managed blockchain service; (Zhou, Page 3, Summary of Invention, paragraphs 3 and 4, At least one access server, the access server is configured to provide access services for at least one blockchain platform, and provide users with web-based blockchain management and viewing functions;  Page 5 ¶4, In a possible design, the access server is also used to provide private network configuration services based on multiple hosts and multiple container clusters (EN: Access server provides the control, blockchain platform hosts and container clusters read on first nodes))
the control plane configured to: (Zhou, Page 5 ¶4, the access server)
receive, via an interface for the control plane, a request to enable a node hosted in a second logically private network to communicate with the blockchain network; (Zhou, page 5, ¶8, After the user selects the target host, he can also define a private network in the blockchain 
identify one or more routes between the second logically isolated network and the first logically isolated network that enable the node to direct private communications to individual ones of the first plurality of nodes in the first logically isolated network; and (Zhou, page 7,  ¶2, In addition, the access server can be configured with IP addresses and routing policies, and through the CDH host, the private network between different users can be isolated , page 7, ¶6,   Further, the access server can also obtain the target extranet network domain name, and associate the mirror path of the target container cluster, the private network address corresponding to the target container cluster, and the target extranet network domain name, and store the   (EN: CDH is Cloud Virtual Machine Dedicated Host))
routes between the second logically isolated network and the first logically isolated network (Zhou page 7, ¶6, The mapping relationship between the mirroring path, the address of the private network and the target external network domain name, so as to establish the corresponding relationship between the external network, the internal network and the container cluster.)
Zhou teaches the access server has a mapping relationship with the hosts (nodes) but does not teach sending routes.
However Tappin teaches send requests to cause the one or more networking devices to add the identified one or more routes (Tappin, [0039] In operation 330, each node (e.g., node A3 or node A6), of the nodes 150 of the network 140 that meets a specified route injection criteria defined by an entity that transmitted the request to the route injection server 110 installs the specified IP route in a routing table associated with the node, and, in operation 340, 
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have combined Tappin’s route injections with Zhou’s blockchain network because doing so improves the variety of applications that can run on the network (Tappin, [0013] The systems and methods, therefore, may be utilized with any routing protocols, and may be utilize to inject (or, install or otherwise add) IP routes into a network for a variety of applications.)

Regarding claim 4, Zhou and Tappin teach
the system of claim 1, wherein the managed blockchain service is implemented as part of a provider network, wherein the blockchain network was created responsive to a request associated with a first user account of the provider network, and wherein the node and the second logically isolated network are associated with a second user account of the provider network (Zhou, page 4, ¶ 6, The multiple hosts and the multiple container clusters provide isolated private network services for the multiple users based on the private network configuration performed by the multiple users through the access server, and pass the multiple containers  A blockchain engine running the private network services of the multiple users in a cluster;)

Regarding claim 7, Zhou and Tappin teach
the method of claim 6, wherein the node is an application node that sends one or more requests to the existing nodes of the blockchain network according to one or more (Application Programming Interfaces) (APIs) (Zhou, page 5, ¶ 3, As shown in Figure 2, the access server may include 

Regarding claim 9, Zhou and Tappin teach
the method of claim 8, wherein the node is a peer node that sends one or more communications according to a gossip protocol for the blockchain network (Tappin, [0039] In operation 330, each node (e.g., node A3 or node A6), of the nodes 150 of the network 140 that meets a specified route injection criteria defined by an entity that transmitted the request to the route injection server 110 installs the specified IP route in a routing table associated with the node, and, in operation 340, advertises the installed IP route to other nodes 150 of the IP network 140.) 

Regarding claim 13, Zhou and Tappin teach
the method of claim 5, wherein the managed blockchain service is implemented as part of a provider network, wherein the private network that hosts the 15node is an on premise network external to the provider network, and wherein the private communications from the node are sent via a virtual private network (VPN) connection between the on-premise network and the provider network (Zhou, page 11, ¶3, When receiving a joining request from any blockchain organization, if the joining request is initiated through a third-party platform, the access server communicates with the third-party platform through the dedicated line provided by the Baas bus or the secure virtual private network ipsec VPN. )

Regarding claim 19, Zhou and Tappin teach
the one or more non-transitory, computer-readable storage media of claim [[5]] 14, wherein the node is both an application node and a peer node (Zhou, page 9, ¶ 1, Three-party platform for 

Claim 5 is a method claim for the system claim 1 and is rejected for the same reasons as claim 1.

Claim 14 is a media claim for the system claim 1 and is rejected for the same reasons as claim 1.

Claims 17 and 20 are media claims for the method claims 9 and 13 and are rejected for the same reasons as claims 9 and 13.


Claims 2, 3, 6, 8, 15 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Zhou (CN108512935) in view of Tappin (2019/0166036) in view of Savolainen (2010/0257276).

Regarding claim 2, Zhou and Tappin teach
the system of claim 1, wherein to send the requests to cause the one or more networking devices to add the identified one or more routes between the second logically isolated network and the first logically isolated network, the control plane is configured to enable a load balancer in the first logically isolated network of the managed blockchain service to: (Zhou, Page 9, ¶6, The service request is allocated to the router corresponding to the service type, and the service request is dynamically scheduled through the load balancing function of the gateway TGW; for the private network, the data service system can transfer the service according to the load of multiple servers associated with the Baas bus.)
listen and forward based on the ports.
However Savolainen teaches listen at a plurality of ports for communications directed to a network endpoint created within the second logically isolated network that hosts the node; and 
forward the communications received at the plurality of ports to the individual ones of the first plurality of nodes individually assigned to different ones of the plurality of ports (Savolainen, [0031] The Network Address Translator 1200 tracks such data about each active connection as the destination address and port. When a reply returns from the Internet 1300 to the Network Address Translator 1200, it uses the connection tracking data it stored during the outbound phase to determine where on the private network 1000 to forward the reply. [0039] Further in accordance with the above embodiment of the invention, the virtual network interface 1140 further comprises a second interceptor 1142 that is configured to, in response to at least one network address translator traversal protocol message (e.g. a TURN message) being sent from the TURN server 1310 to at least one of the applications 1110, 1120, 1130, intercept the sent at least one network address translator traversal protocol message. The second interceptor 1142 is further configured to analyze data in the intercepted at least one network address translator traversal protocol message.)
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have combined Savolainen’s network interface for traffic relay to Zhou’s blockchain network because doing so improves the system capability for multiple applications  (Savolainen, [0010] It would be useful to implement the STUN protocol and its TURN extension to a platform or an operating system as a service that can simultaneously be used by multiple applications.)

Regarding claim 3, Zhou, Tappin and Savolainen teach, 
the system of claim 1, wherein to send the requests to cause the one or more networking devices to add the identified one or more routes between the second logically isolated network and the first logically isolated network, the control plane is configured to: 
cause a virtual traffic hub to include the one or more routes to route communications originating from the second logically isolated network to the first logically isolated network of the managed blockchain service and to route communications directed to the second logically isolated network from the first logically isolated network of the managed blockchain service (Savolainen, [0031] The Network Address Translator 1200 tracks such data about each active connection as the destination address and port. When a reply returns from the Internet 1300 to the Network Address Translator 1200, it uses the connection tracking data it stored during the outbound phase to determine where on the private network 1000 to forward the reply. [0039] Further in accordance with the above embodiment of the invention, the virtual network interface 1140 further comprises a second interceptor 1142 that is configured to, in response to at least one network address translator traversal protocol message (e.g. a TURN message) being sent from the TURN server 1310 to at least one of the applications 1110, 1120, 1130, intercept the sent at least one network address translator traversal protocol message. The second interceptor 1142 is further configured to analyze data in the intercepted at least one network address translator traversal protocol message.)

Regarding claim 10, Zhou, Tappin and Savolainen teach
the method of claim 8, wherein the virtual traffic hub includes another one or more routes to route communications originating from another private network to the private network of the managed blockchain service and to route communications directed to the other private network from the private network of the managed blockchain service (Savolainen [0031] The private network 1000 is connected to public Internet 1300 via a Network Address Translator 1200. The private network 1000 is 

Claims 6 and 8 are method claims for the system claims 2 and 3 and are rejected for the same reasons as claims 2 and 3.

Claims 15 and 16 are media claims for the system claims 2 and 3 and are rejected for the same reasons as claim 2 and 3.

Claims 11, 12 and 18  are rejected under 35 U.S.C. 103 as being unpatentable over Zhou (CN108512935) in view of Tappin (2019/0166036) in view of Sabet (2016/0234162).

Regarding claim 11, Zhou and Tappin teach
the method of claim 5, wherein the method further comprises: 
receiving, via the interface for the control plane, a request to enable a second node hosted in a third private network to communicate with the blockchain network; 
Zhou does not teach determining private network address conflicts.

determining, …, that a private network address for the second node conflicts with an existing private network address in the private network of the managed blockchain service; and
responsive to determining that the private network address for the second node conflicts with the existing private network address, denying the request to enable the second node to communicate with the blockchain network (Sabet [0023] Still further according to the third aspect of the embodiments, the first device is further adapted to determine if there are any conflicts between IP addresses of existing devices of the existing network and IP addresses of the new devices, and to resolve conflicts between the existing IP addresses and new IP addresses in favor of the existing IP addresses and assigning previously un-assigned IP addresses to the new IP devices. [0138] In essence, dynamic IP address manager /DHCP firmware 354 places a higher priority on IP addresses of existing network devices 104 of EN 100, and modifies the IP addresses of any newly added devices to avoid conflicts (EN: blockchain services are treated as the existing address, and the second node is unable to communicate (denied or not integrated) until its address is changed))
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have applied Sabet’s address resolution to Zhou’s blockchain network because doing so improves network integration (Sabet [0013] Thus, there is a need for a network integration system and method in order to provide substantially seamless integration whenever one or more new networks are added to one or more existing networks.)

Regarding claim 12, Zhou, Tappin and Sabet teach 
the method of claim 11, further comprising: further responsive to determining that the private network address for the second node conflicts with the existing private network address, providing a range of private network addresses that do not conflict with existing private network address in the private network of the managed blockchain service (Sabet, [0137] If a new network is attached, the master list of addresses kept at Router A 404a will be checked, and if there is an overlap, then Router A 404a will re-assign those addresses that are in conflict.)

Claim 18 is a media claim for the method claim 12 and is rejected for the same reasons as claim 12.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Zeng (2019/0268407) teaches management for blockchain networks.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRUCE S ASHLEY whose telephone number is (571)270-0315.  The examiner can normally be reached on 9-5 PDT.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jay Kim can be reached on 571-272-3804.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-






/BRUCE S ASHLEY/               Examiner, Art Unit 2494                                                                                                                                                                                         
/THEODORE C PARSONS/               Primary Examiner, Art Unit 2494