DETAILED ACTION

Currently pending claims are 1 – 9 and 11 – 21.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows: 
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claim 8 is rejected under 35 U.S.C. 101 because the claimed invention may be directed to software per se which is directed to non-statutory subject matter.  Examiner notes for a device claim, at least one recited element, in the claim body, must be a hardware component; however, the claim may be reasonably interpreted as being not limited to hardware elements according to the disclosure of the specification (SPEC-PG.PUB: Para [0219]: some (NOT “all”) of each device are implemented with a plurality of information processing devices, or circuitry and the like (JUST “for example”) – i.e. which is not limited to a "hardware processor", wherein  a functional module may take the form of “software”) and thus the claim may be merely directed to software per se as a non-statutory subject matter for a device claim.  It is respectfully suggested by the Examiner to amend the claim limitation in the claim body, for example, to explicitly include (comprise) “at least one hardware processor (or computing device or processor device) configured for:”.   Any other claims not addressed are rejected by virtue of their dependency.

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  


Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.


Claims 1 – 9 and 11 – 21 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Day et al. (U.S. Patent 10,068,397).  

As per claim 1, 8 & 9, Day teaches an information verification system comprising: 
a first node group including a plurality of nodes, and a second node group including at least one node, wherein the at least one of nodes included in the second node group includes a request unit configured to transmit a request signal for requesting information (Day: Figure 2A / E-2000, E-4000 & E-5000: (a) a plurality of nodes, within a first node group, include, at least, an access control system 4000 and an event validation system and (b) at least one client agent (browser) node as a requestor within a second node group to transmit a request message for requesting information from the access control system); 
the request signal including verification information that is information for use in verification to be generated each time the request signal is transmitted, to at least any node of the first node group (Day: see above & Col. 18 Line 20 – 22 / Line 17 – 19 / Line 8 – 12, Col. 10 Line 10 – 15 / Line 39 – 49, Col. 3 Line 44 – 52Col. 11 Line 27 – 35 and Col. 9 Line 50 – 54: (a) A situation policy requirement is needed per requester that requires per-challenge approval for the requester to continue the data access request (Col. 10 Line 10 – 15) such that (c) each time when a requester makes a data access request by a client agent (e.g. a browser), a challenge can be created for assuring the server is not a “phishing” scam entity and also include any data (Col. 18 Line 17 – 19 / Line 8 – 12 and Col. 3 Line 44 – 52) such as a data set (template) (Col. 10 Line 39 – 49), which can be generated by the client agent each time the request signal is transmitted so that the control access system can validate and compare with for authorization (Col. 18 Line 20 – 22));
a verification unit configured to verify response information that is information transmitted from any one of the nodes included in the first node group in response to the request signal (Day: see above & Col. 18 Line 27 – 29 / Line 17 – 19 and Col. 10 Line 47 – 49: (a) A data of {Sit} as a part of the data set (template) (see above) is verifiable when the server responds (i.e. to be included also in the response information returned by the server that can be verified by an event verification entity associated with the client agent (browser)) (see above & Col. 18 Line 27 – 29 & Col. 10 Line 47 – 49), which can be included by the requester during the access request (Col. 18 Line 17 – 19) according to the data access request per challenge requirement w.r.t. a special situation policy (Col. 10 Line 10 – 15));
the verification unit determining, regarding the response information, whether or not desired information that is information requested by the request signal or a digest thereof is included, whether or not correct verification information is included, whether or not a value obtained by applying a one-way function to the response information satisfies a predetermined rule defined for common use between the first node group and the second node group (Day: see above & Col. 18 Line 27 – 29, Col. 12 Line 57 – Col. 13 Line 25: using a Guardtime hash tree-based signing mechanism to validate whether or not correct verification information is included, whether or not a value obtained by applying a one-way hash function to the response information satisfies a predetermined rule), and a response time that is a time taken between the transmission of the request signal and the obtainment of the desired information, and on the basis of the determination results thereof, assessing the presence or absence of reliability of the desired information or the degree of reliability thereof (Day: see above & Col. 7 Line 64 – Col. 8 Line 4, Col. 11 Line 51 – 55 and Col. 18 Line 11 – 13: a time-limit between the request and the response messages of the challenge process can be restricted (e.g.) within a certain time period to assure the reliability (trustness) of the communications between the source and destination entities – i.e. w/o expiration ouside of the time window, which can be applied not only to the server challenge but also applied to the client challenge process (Col. 18 Line 11 – 13)).
Examiner Note U.S. Patent Hamel et al. (U.S. Patent 10,460,118) can be used as an additional evidence to be enclosed in the record of 892 to further support the rationale of rejection for the clarity purpose (Hamel: Col. 19 Line 10 – 22: based on a response time window between the request and the response messages for assessing the degree of reliability of the obtainment of the desired information and determining the certainty whether the information obtained from the message has been tampered or not – i.e. to assure the message integrity).

As per claim 2, Day teaches wherein transmitting, as the response information that is a response to the request signal transmitted from any node included in the second node group, information including a nonce set to cause the response information to satisfy the rule, the desired information or the digest thereof, and the verification information included in the request signal to a node that is a request source, (Day: see above & Col. 5 Line 34 – 36 / Line 45 – 48: a nonce can be included in the  response messge by hashing a random number such that a hacker would not know from time to time even what he would need to include in a faked response) and a search unit configured to search for, using a one-way function, a value of the nonce that satisfies the rule (Day: see above & Col. 5 Line 26 – 27: simply look up (search) the corresonding signature (digest)).  

As per claim 3 and 11, Day teaches transmitting a request signal for requesting identical information a plurality of times to the at least any node of the first node group, and the verification unit assesses the presence or absence of reliability of the desired information or the degree of reliability thereof on the basis of the determination results for the plurality of times (Day: see above & Col. 8 Line 1 – 4: if the response message does not respond correctly, with a certain number of attempts, the degree of reliability of the desired information would be notified and the communications would be locked out).  

As per claim 4 and 12 – 14, Day teaches wherein the rule is specified by the verification information included in the request signal (Day: see above & Col. 18 Line 27 – 29 & Col. 10 Line 47 – 49 / Line 10 – 15: a data template can be included in the verification information such as the data of {Sit} (a situation policy) as a part of the data set (template) (see above), which is verifiable when the server responds (i.e. to be included also in the response information returned by the server that can be verified by an event verification entity associated with the client agent (browser)).  

As per claim 5 – 6 and 15 – 21, Day teaches wherein the rule is defined on the basis of attribute information on the desired information (Day: see above & Col. 10 Line 44 – 49 / Line 52 – 58 and Col. 3 Line 44 – 52: the data template comprising a data set defining a contextual policy information (e.g. a situation policy) associated with attribute information (e.g. w.r.t. a variety of data types (Col. 3 Line 44 – 52)) that are verifiable during the verification process).  

As per claim 7, Day teaches wherein the second node group includes a plurality of nodes each implemented as a ledger management node of a distributed ledger system or as a node capable of accessing a distributed ledger managed by the ledger management node (Day: see above & Col. 12 Line 26 – 44: using a blockchain (i.e. a distributed ledger) to store the data associated with a set of transactions, which can be queried for validation based on a hash-tree verification mechanism), the request unit transmits a request signal including verification information generated on the basis of information included in the distributed ledger, and the verification unit determines, regarding the response information directly received from any node of the first node group or indirectly received via another node of the second node group, whether verification information included in the response information is legitimate on the basis of whether the verification information is generated on the basis of the information included in the distributed ledger (Day: see above & Col. 15 Line 1 – 33 and Col. 12 Line 26 – 44: using a blockchain (i.e. a distributed ledger) to store the data associated with a set of transactions, which can be queried for validation), and determines the response time on the basis of from which generation of information in the distributed ledger the verification information included in the response information is generated and a number of ledgers added to the distributed ledger in a time from the generation of the information to at least reception of the response information (Day: see above & Col. 3 Line 66 – Col. 4 Line 1 – 9, Col. 12 Line 57 – Line 66 and Col. 13 Line 5 – 9: the response time is corresponding to the processing time (bandwidth usage) related to compile a concatenation of a number of input records (additional ledgers) added to the blockchain (which is used for computing hash validation information in a hash tree-based signing infrastruture) during the time from the generation of the information to the reception of the response information during the validation process).  


Any inquiry concerning this communication or earlier communications from the examiner should be directed to LONGBIT CHAI whose telephone number is (571)272-3788.  The examiner can normally be reached on Monday - Friday 9:00am-5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn D. Feild can be reached on 571-272-2092.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


---------------------------------------------------
                  /Longbit Chai/
           Longbit Chai E.E. Ph.D.
    Primary Examiner, Art Unit 2431
                   No. #2281 – 2021
---------------------------------------------------