DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 

Response to Amendment
The Amendment filed on 05/04/2021 has been entered. 
The rejection of claims 4 and 7 under 35 U.S.C 112 (a) is withdrawn in view of the amendment.
Claims 1, 8, 10 and 14 are amended.
Claims 2, 4, 9, 15 and 17 are cancelled.
Claims 1, 3, 5-8, 10-14, 16, 18-20 are pending of which claims 1, 8 and 14 are independent claims.

Response to Arguments
The applicant's arguments filed on 05/04/2021 regarding claims 1-20 necessitated a new ground(s) of rejection in this Office action. Please See MPEP 706.07(a), for New Ground of Rejection necessitated by Amendment.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims 1, 3, 7-8, 10, 13-14, 16 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over SHPUROV et al. (Pub. No.: US 2020/0244435, hereinafter SHPUROV) in view of McLean (Pub. No.: US 2019/0149564), NAKARMI et al. (Pub. No.: US 2019/0246275, hereinafter NAKARMI) and Danahy et al. (Pub. No.: US 2018/0189484, hereinafter Danahy).
Regarding claim 1: SHPUROV discloses A method for security assessment of encryption models, the method comprising:
the second device obtaining a first ciphertext security assessment index through computation using the one or more ciphertext model parameters (SHPUROV - [0047]: first computing system may perform any of the exemplary processes described herein to apply one or more predictive fraud models through a performance of verifiable, homomorphic computations on portions of encrypted transaction data 220, and to generate homomorphically encrypted output data that, when decrypted by second computing system 202), and sending the first ciphertext security assessment index to the first device (SHPUROV - [0057]: homomorphic computation module 232 may perform operations that cause first computing system 102 to transmit homomorphically encrypted output data 234 across network 120 to second computing system 202);
the first device decrypting the received first ciphertext security assessment index using a private key corresponding to the public key to generate a plaintext security assessment index (SHPUROV - [0061]: API 240 may route homomorphically encrypted output data 234 to a decryption module 242 of second computing system 202. When executed by the one or more processors or second computing system 202, decryption module 242 may access cryptographic library 208 (e.g., as maintained within data repository 204) and extract homomorphic private cryptographic key 212. Executed decryption module 242 may perform operations that decrypt all or a portion of homomorphically encrypted output data 234 using homomorphic private cryptographic key 212, and that generate decrypted output data 244. See also [0043] for key paring), and 
However SHPUROV doesn’t explicitly teach:
a first device training a data model and performing homomorphic encryption on one or more plaintext model parameters of the data model to obtain one or more ciphertext model parameters of the data model;
the first device sending to a second device a deployment request for deploying a homomorphically-encrypted data model on the second device , wherein the deployment request 
forwarding the plaintext security assessment index to the second device; 
the second device encrypting the plaintext security assessment index using the public key to generate a second ciphertext security assessment index, comparing the first ciphertext security assessment index with the second ciphertext security assessment index to determine consistency thereof, and determining whether to deploy the homomorphically-encrypted data model according to the comparing; and
determining whether to deploy the homomorphically-encrypted data model according to the comparing.
In an analogous art, McLean discloses:
a first device training a data model (McLean - Fig. 3, [0023]: an analytic or threat prediction model 12 … training data 52 or other suitable accessed data, to develop or otherwise generate the derivative data schema component of the threat prediction/identification model) and performing [homomorphic] encryption on one or more plaintext model parameters of the data model to obtain one or more ciphertext model parameters of the data model (McLean - [0024]: The derivation data schema component 44 of the model will, however, be encrypted for transmission to various or selected participants or verified/trusted members of threat intelligence communities); 
the first device sending to a second device a deployment request for deploying a homomorphically-encrypted data model on the second device, wherein the deployment request comprises the one or more ciphertext model parameters of the data model and a public key for the homomorphic encryption (McLean - [0029]: Fig. 4, at Step 112, the derivation data schema to be applied by the model can be encrypted before such function is transmitted or shared, e.g., by applying a cryptographic function or algorithm, such as an asymmetric cryptographic function … An encryption key or other suitable feature to decrypt the encrypted derivation data schema also can be provided to the trusted or verified threat intelligence community member(s) (Step 116). The model, the encrypted derivative data schema, and/or the encryption key can be shared directly between participants or members of the trusted/verified threat intelligence communities, e.g., using existing platforms, such as a Malware Information Sharing Platform (MISP)) 
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of SHPUROV including homomorphic encryption with McLean so that the encrypted model components are transmitted or shared. The modification would have allowed the system to securely transmit the derivation data schema to be used by the model.
However, the combination of SHPUROV and McLean doesn’t explicitly teach:
forwarding the plaintext security assessment index to the second device; 
the second device encrypting the plaintext security assessment index using the public key to generate a second ciphertext security assessment index, comparing the first ciphertext security assessment index with the second ciphertext security assessment index to determine consistency thereof, and determining whether to deploy the homomorphically-encrypted data model according to the comparing; and
determining whether to deploy the homomorphically-encrypted data model according to the comparing.
In an analogous art, NAKARMI discloses:
forwarding the plaintext security assessment index to the second device (NAKARMI - [0057]: Upon receiving the secret identifier and the encryption information from the home PLMN 114, the serving PLMN 112 performs a verification operation); 
the second device encrypting the plaintext security assessment index using the public key to generate a second ciphertext security assessment index (NAKARMI - [0057]: utilizing the encryption information to generate an encrypted version of the secret identifier. [0056]: the encryption information is private (i.e. a secret that may be kept only by the home PLMN 114 and any other devices to which the home PLMN 114 allows encryption information access). The encryption information may include a public key associated with the home PLMN 114), comparing the first ciphertext security assessment index with the second ciphertext security assessment index to determine consistency thereof, and determining whether to deploy the homomorphically-encrypted data model according to the comparing (NAKARMI - [0057]: Once the encrypted secret identifier is generated, the serving PLMN may compare it to the stored public identifier. If the comparison reveals that the public identifier and the encrypted secret identifier match (e.g. meet certain static or alterable criteria defining a match), the verification procedure may be successful in determining that the public identifier and the secret identifier correspond to a single UE that is an authenticated subscriber of the home PLMN 114 … the serving PLMN may perform the operation related to the UE after verification. [0056]: public identifier (e.g. the IMSI of the UE 102 encrypted with the public key of the home PLMN 114).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of SHPUROV and McLean with NAKARMI so that the received encrypted value is compared with stored encrypted value to determine if two values are the same. The modification would have allowed the system to verify that the received value is not altered.
However, the combination of SHPUROV, McLean and NAKARMI doesn’t explicitly teach but Danahy discloses determining whether to deploy the homomorphically-encrypted data model according to the comparing (Danahy - [0120]: At 510, base model 400 and ML Model 400′ are analyzed, to determine whether the ML Model 400′ performs at or above a predetermined accuracy threshold … If the ML Model 400′ accuracy is greater than that of the current model, then the current model is replaced with the ML Model 400′).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of SHPUROV, McLean and NAKARMI with Danahy so that the decision to update or deploy a model is based on the result/report of comparison. The modification would have allowed the system to enhance security.
Regarding claim 3: SHPUROV as modified discloses further comprising:
the second device generating a model security assessment report for determining whether to deploy the homomorphically-encrypted data model based on comparison results of a plurality of first ciphertext security assessment indices and a plurality of second ciphertext security assessment indices (NAKARMI - [0047]: This comparison may result in a determination by the network node 106 that the encrypted secret identifier and the public identifier match. Such a match may indicate that the verification has succeeded).
prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of SHPUROV and McLean, Danahy with NAKARMI so that the verification is performed by comparing received encrypted value with stored encrypted value. The modification would have allowed the system to verify that the received value is not altered.
Regarding claim 7: SHPUROV as modified discloses further comprising: the second device denying the deployment request in response to determining that the first ciphertext security assessment index and the second ciphertext security assessment index are not consistent (Danahy - [0113]: ML Model 400′ is tested on a regular basis against past and future data feeds (“prediction feeds”) received from the user machine/endpoint, e.g., via management module 114′ (FIG. 17), to ensure that a specified endpoint is only updated when a new ML Model 400′ is generated that represents an improvement relative to the existing ML Model).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of SHPUROV, McLean and NAKARMI with Danahy so that the decision to update or deploy a model is based on the result/report of comparison. The modification would have allowed the system to enhance security.
Regarding claim 8: SHPUROV discloses A method for security assessment of encryption models, the method comprising:
the first device obtaining a first ciphertext security assessment index that is generated by the security assessment device using the one or more ciphertext model parameters and the public key (SHPUROV - [0047]: first computing system may perform any of the exemplary processes described herein to apply one or more predictive fraud models through a performance of verifiable, homomorphic computations on portions of encrypted transaction data 220, and to generate homomorphically encrypted output data that, when decrypted by second computing system 202. - [0057]: homomorphic computation module 232 may perform operations that cause first computing system 102 to transmit homomorphically encrypted output data 234 across network 120 to second computing system 202), decrypting the first ciphertext security assessment index using a private key corresponding to the public key to generate a plaintext security assessment index, and forwarding the plaintext security assessment index to the security assessment device SHPUROV - [0061]: API 240 may route homomorphically encrypted output data 234 to a decryption module 242 of second computing system 202. When executed by the one or more processors or second computing system 202, decryption module 242 may access cryptographic library 208 (e.g., as maintained within data repository 204) and extract homomorphic private cryptographic key 212. Executed decryption module 242 may perform operations that decrypt all or a portion of homomorphically encrypted output data 234 using homomorphic private cryptographic key 212, and that generate decrypted output data 244. See also [0043] for key paring);
However SHPUROV doesn’t explicitly teach:
a first device training a data model and performing homomorphic encryption on one or more plaintext model parameters of the data model to obtain one or more ciphertext model parameters of the data model;
the first device sending to a second device a deployment request for deploying a homomorphically-encrypted data model on the second device , wherein the deployment request comprises the one or more ciphertext model parameters of the data model and a public key for the homomorphic encryption;
the second device forwarding the one or more ciphertext model parameters and the public key to a security assessment device;
the second device obtaining a model security assessment report from the security assessment device, wherein the model security assessment report is generated by the security assessment device encrypting the plaintext security assessment index using the public key to generate a second ciphertext security assessment index and comparing the first ciphertext security assessment index with the second ciphertext security assessment index to determine consistency thereof; and
the second device determining whether to deploy the homomorphically-encrypted data model according to the model security assessment report.
In an analogous art, McLean discloses:
a first device training a data model (McLean - Fig. 3, [0023]: an analytic or threat prediction model 12 … training data 52 or other suitable accessed data, to develop or otherwise generate the derivative data schema component of the threat prediction/identification model) and performing [homomorphic] encryption on one or more plaintext model parameters of the data model to obtain one or more ciphertext model parameters of the data model (McLean - [0024]: The derivation data schema component 44 of the model will, however, be encrypted for transmission to various or selected participants or verified/trusted members of threat intelligence communities); 
the first device sending to a second device a deployment request for deploying a homomorphically-encrypted data model on the second device, wherein the deployment request comprises the one or more ciphertext model parameters of the data model and a public key for the homomorphic encryption (McLean - [0029]: Fig. 4, at Step 112, the derivation data schema to be applied by the model can be encrypted before such function is transmitted or shared, e.g., by applying a cryptographic function or algorithm, such as an asymmetric cryptographic function … An encryption key or other suitable feature to decrypt the encrypted derivation data schema also can be provided to the trusted or verified threat intelligence community member(s) (Step 116). The model, the encrypted derivative data schema, and/or the encryption key can be shared directly between participants or members of the trusted/verified threat intelligence communities, e.g., using existing platforms, such as a Malware Information Sharing Platform (MISP)) 
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of SHPUROV including homomorphic encryption with McLean so that the encrypted model components are transmitted or shared. The modification would have allowed the system to securely transmit the derivation data schema to be used by the model.
However, the combination of SHPUROV and McLean doesn’t explicitly teach:
the second device forwarding the one or more ciphertext model parameters and the public key to a security assessment device;
the second device obtaining a model security assessment report from the security assessment device, wherein the model security assessment report is generated by the security assessment device encrypting the plaintext security assessment index using the public key to generate a second ciphertext security assessment index and comparing the first ciphertext security assessment index with the second ciphertext security assessment index to determine consistency thereof; and

In an analogous art,  NAKARMI discloses:
the second device forwarding the one or more ciphertext model parameters and the public key to a security assessment device (NAKARMI - Fig. 1. [0056]: the encryption information is private (i.e. a secret that may be kept only by the home PLMN 114 and any other devices to which the home PLMN 114 allows encryption information access). The encryption information may include a public key associated with the home PLMN 114. [0041]: the network node 106 of serving PLMN 112 may receive, from the UE, a public identifier (i.e., non-secret or unencrypted identifier associated with the UE) and/or a pseudonym corresponding to the UE. After receiving the public identifier and/or pseudonym, the network node 106 may forward the public identifier and/or pseudonym to the home PLMN 114 of the UE);
the second device obtaining a model security assessment report from the security assessment device, wherein the model security assessment report is generated by the security assessment device encrypting the plaintext security assessment index using the public key to generate a second ciphertext security assessment index and comparing the first ciphertext security assessment index with the second ciphertext security assessment index to determine consistency thereof (NAKARMI - [0057]: Once the encrypted secret identifier is generated, the serving PLMN may compare it to the stored public identifier. If the comparison reveals that the public identifier and the encrypted secret identifier match (e.g. meet certain static or alterable criteria defining a match), the verification procedure may be successful in determining that the public identifier and the secret identifier correspond to a single UE that is an authenticated subscriber of the home PLMN 114 … the serving PLMN may perform the operation related to the UE after verification. [0056]: public identifier (e.g. the IMSI of the UE 102 encrypted with the public key of the home PLMN 114); 
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of SHPUROV and McLean with NAKARMI so that the received encrypted value is compared with stored encrypted value to determine if two values are the same. The modification would have allowed the system to verify that the received value is not altered. 

the second device determining whether to deploy the homomorphically-encrypted data model according to the model security assessment report (Danahy - [0120]: At 510, base model 400 and ML Model 400′ are analyzed, to determine whether the ML Model 400′ performs at or above a predetermined accuracy threshold … If the ML Model 400′ accuracy is greater than that of the current model, then the current model is replaced with the ML Model 400′). 
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of SHPUROV, McLean and NAKARMI with Danahy so that the decision to update or deploy a model is based on the result/report of comparison. The modification would have allowed the system to enhance security. 
Regarding claims 10 and 13: The limitations of claims 9-10 are substantially similar to the limitations of claims 3 and 7, thus it is interpreted and rejected for the reasons set forth above in the rejection of claims 3 and 7.
Regarding claims 14, 16 and 20: Claims are directed to computer readable medium claims and do not teach or further define over the limitations recited in claims 1,3 and 7. Therefore, claims 14, 16 and 20 are also rejected for similar reasons set forth in claims 1, 3 and 7. 

Claims 5, 11 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over SHPUROV et al. (Pub. No.: US 2020/0244435, hereinafter SHPUROV) in view of McLean (Pub. No.: US 2019/0149564), NAKARMI et al. (Pub. No.: US 2019/0246275, hereinafter NAKARMI), Danahy et al. (Pub. No.: US 2018/0189484, hereinafter Danahy) and Furuichi et al. (Pub. No.: US 2018/0239922, hereinafter Furuichi).
Regarding claims 5, 11 and 18: SHPUROV as modified doesn’t explicitly teach but Furuichi discloses wherein the deployment request further comprises a random number such that using the public key with the random number results in a consistent encryption result for the same data (Furuichi - [0036]: the access request sender 230 may generate a random number and encrypt the onetime use password with the appended random number and preferences as described previously using the public key)
prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of SHPUROV, McLean , NAKARMI and Danahy with Furuichi so to increase security.

Claims 6, 12 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over SHPUROV et al. (Pub. No.: US 2020/0244435, hereinafter SHPUROV) in view of McLean (Pub. No.: US 2019/0149564), NAKARMI et al. (Pub. No.: US 2019/0246275, hereinafter NAKARMI), Danahy et al. (Pub. No.: US 2018/0189484, hereinafter Danahy) and Shukla et al. (Pub. No.: US 2015/0213079, hereinafter Shukla).
Regarding claims 6, 12 and 19: SHPUROV as modified doesn’t explicitly teach but Shukla discloses wherein the first ciphertext security assessment index is obtained by calculating a variance of the one or more ciphertext model parameters (Shukla - [0131]: the mean and variance of the posterior distribution may be calculated for particular values of the parameters).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of SHPUROV, McLean , NAKARMI and Danahy with Shukla so that variance of parameters are calculated. The modification would have allowed the system to use variance of parameters as security assessment index.

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
VAN DER VELDEN et al. (Pub. No.: US  2019/0273607) - SYSTEM FOR DIGITAL IDENTITY AUTHENTICATION AND METHODS OF USE 
Nandakumar et al. (Pub. No.: US  2020/0252198) -  SECURE MULTI-PARTY LEARNING AND
INFERRING INSIGHTS BASED ON ENCRYPTED DATA
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MENG LI whose telephone number is (571)272-8729.  The examiner can normally be reached on M-F 8:30-5:30.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s acting supervisor, Kristine Kincaid can be reached on (571) 272-4063.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8729.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MENG LI/
Primary Examiner, Art Unit 2437