DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier.  Such claim limitation(s) is/are: "user entity adapted to supply, cryptographic unit adapted to compute, network component adapted to transmit, and validation entity adapted for validation" in Claim 29.

If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claim 29 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
Claim 29 limitations "user entity adapted to supply, cryptographic unit adapted to compute, network component adapted to transmit, and validation entity adapted for 
Applicant may:
(a)        Amend the claim so that the claim limitation will no longer be interpreted as a limitation under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph; 
(b)        Amend the written description of the specification such that it expressly recites what structure, material, or acts perform the entire claimed function, without introducing any new matter (35 U.S.C. 132(a)); or 
(c)        Amend the written description of the specification such that it clearly links the structure, material, or acts disclosed therein to the function recited in the claim, without introducing any new matter (35 U.S.C. 132(a)).
If applicant is of the opinion that the written description of the specification already implicitly or inherently discloses the corresponding structure, material, or acts and clearly links them to the function so that one of ordinary skill in the art would recognize what structure, material, or acts perform the claimed function, applicant should clarify the record by either: 
(a)        Amending the written description of the specification such that it expressly recites the corresponding structure, material, or acts for performing the claimed function and clearly links or associates the structure, material, or acts to the claimed function, without introducing any new matter (35 U.S.C. 132(a)); or 
(b)        Stating on the record what the corresponding structure, material, or acts, which are implicitly or inherently set forth in the written description of the specification, perform the claimed function. For more information, see 37 CFR 1.75(d) and MPEP §§ 608.01(o) and 2181.

	
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claim 30 is rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter because Claims 30 is drawn to “computer program product” which could include a digital signal. The specification fails to definitively describe what the computer readable medium includes or does not include.. In general a “computer program product” covers both transitory and non-transitory medium. According to the broadest reasonable interpretation in light of the specification, the “computer program product” can be transitory. Signals per se do not fit within recognized categories of statutory subject matter. Examiner suggests adding the limitation "non-transitory" before "computer program product" in Claim 30 to overcome the rejection under 35 USC 101.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
Claims 16-19, 21, 29, and 30 are rejected under 35 U.S.C. 103 as being unpatentable over Ebrahimi (US 20160330027 A1) hereinafter referred to as Ebrahimi in view of Cavendish et al., (US 20180292522 A1) hereinafter referred to as Cavendish.
Regarding Claims 16, 29, and 30, Ebrahimi discloses A method for the confidential verification of an identity while employing a cryptographically chained list, having the steps of: supplying identity attributes of the identity…by a user entity; [paragraph 0034, In the example of the identification card 202, personal data 204 is contained thereon, which identifies the user] 
computing a respective hash value for each identity attribute in such a manner that it is not possible to infer the identity even if the identity attribute is known; [paragraph 0039, In this embodiment, the hashing logic 220 is used for hashing the input data (or selected fields of the input data or personal data) to provide or generate a hash value] 
writing the computed hash values as at least one list entry into the cryptographically chained list; [paragraph 0040, The user accessible interface 226 might be used by the user to transmit the digitally signed hash value and, optionally, the public key to a public storage facility 228 via a line 230, and receive back from the public storage facility 228 a transaction number 232 corresponding to the transmitted hash value and public key] [paragraph 0041, In one embodiment, the public storage facility 228 can take the form of a block chain (e.g., in a bitcoin online payment system) or any other public or private distributed database] 
transmitting an address of the at least one list entry…from the user entity to a validation entity; [paragraph 0043, The user accessible interface 226 (e.g., a GUI) can be controllable by the user of the input device 212 to encrypt and provide the transaction number 232, the input data ( or selected fields of the input data), and, optionally, the public key to an input device 242 (e.g., a smartphone) of a certifier] 
validating by the validation entity the at least one list entry having the computed hash values while employing an identity document which has the identity attributes, wherein it is verified whether the identity attributes supplied and saved at the address match the identity attributes of the identity document; [paragraph 0044, In one embodiment, the decrypted input data (or selected fields of the input data) might be hashed into a hash value by hashing logic 272 on the certifier's input device 242, using the same hashing algorithm that was used to create the hash value that was digitally signed by the user. And the decrypted transaction number 232 might be used by a user accessible interface 280 (e.g., a GUI) to access the public storage facility 228 (e.g., the block chain) and retrieve the signed hash value and public key of the user. The retrieved signed hash value, the generated hash value, and the retrieved or obtained public key might then be input to verifying logic 273 for verification]
and writing a signature of the at least one list entry into the cryptographically chained list in the case of a positive validation of the identity attributes by the validation entity. [paragraph 0047, Upon receipt of a #true# value from encryption logic 270, the certifier might create a certification record that refers to the verification. In an example embodiment, the certification record might include the transaction number 232, the input data (or selected fields of the input data), received from the user, and, optionally, a timestamp, and the certification record might be hashed and digitally signed by the certifier using a private key of the certifier associated with a public key. Then the certifier might use user accessible interface 280 (e.g., a GUI) to transmit the signed certification record to the public storage facility 228 for storage and receive in return transaction number 282 from the public storage facility 228]
Ebrahimi does not explicitly teach together with a symmetrical key information item; together with the symmetrical key information item.
Cavendish teaches together with a symmetrical key information item; together with the symmetrical key information item; [paragraph 0064, Once the acknowledgement message payload is produced, a hash function (e.g., SHA-256 or some other hash function) may be applied to the payload, together with a secret cryptographic key associated with the initiator device (the secret cryptographic key may be a symmetrical key, which may be the same or different from a symmetric key used by the responder device] 
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Cavendish with the disclosure of Ebrahimi. The motivation or suggestion would have been for verifying/authenticating the message. (paragraph 0064)
Regarding Claim 17, Ebrahimi discloses wherein a transmission of the address of the at least one list entry, the symmetrical key information item and the identity attributes is effected from the user entity to an entity which queries the identity, whereupon this querying entity verifies the written at least one list entry having the computed hash values on the basis of the transmitted data. [paragraph 0044, the decrypted input data (or selected fields of the input data) might be hashed into a hash value by hashing logic 272 on the certifier's input device 242, using the same hashing algorithm that was used to create the hash value that was digitally signed by the user. And the decrypted transaction number 232 might be used by a user accessible interface 280 (e.g., a GUI) to access the public storage facility 228 (e.g., the block chain) and retrieve the signed hash value and public key of the user – teaches access to the block chain to retrieve the signed hash value. This indicates an “address of the at least one list entry”]
Regarding Claim 18, Ebrahimi discloses wherein the verification of the at least one list entry also includes a verification of the written signature. [Abstract, The logic hashes the personal data using the hashing algorithm to create a generated hash value and verifies the signed hash value against the generated hash value]
Regarding Claim 19, Ebrahimi discloses wherein a challenge-response authentication is carried out between the user entity and the querying entity. [paragraph 0003, In still other systems, a user may be given challenge questions to verify his/her identity – although this teaches a challenge/response authentication in “other systems”, this still is a teaching of this limitation]
Regarding Claim 21, Ebrahimi discloses wherein the cryptographically chained list is present as a block chain. [paragraph 0026, In one embodiment, the public storage facility 128 can take the form of a block chain]

Claim 20 is rejected under 35 U.S.C. 103 as being unpatentable over Ebrahimi in view of Cavendish, as applied to Claim 16, above, and further in view of Ksontini et al., (US 20070198834 A1) hereinafter referred to as Ksontini.
Regarding Claim 20, the combination of Ebrahimi and Cavendish does not explicitly teach wherein the hash values are keyed hash values.
Ksontini teaches wherein the hash values are keyed hash values. [paragraph 0062, In another variant the cryptogram (CRY) generated with the aid of a key of the RSA or IDEA type can be replaced by a block generated with a shared key HMAC (Keyed-Hashing for Message Authentication) from the set (IMSI, IMEISV, application identifier, application digest, SIM resource identifiers, instructions for locking/release of SIM resources)] 
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Ksontini with the disclosures of Ebrahimi and Cavendish. The motivation or suggestion would have been for message authentication. (paragraph 0062)

Claim 22 is rejected under 35 U.S.C. 103 as being unpatentable over Ebrahimi in view of Cavendish, as applied to Claim 16, above, and further in view of Thomas et al., (US 20110231645 A1) hereinafter referred to as Thomas.
Regarding Claim 22, the combination of Ebrahimi and Cavendish does not explicitly teach wherein the validation while employing the identity document includes a video identification method.
Thomas teaches wherein the validation while employing the identity document includes a video identification method. [paragraph 0041, The present invention can be successfully incorporated into any electronic system where the establishing of legal admissibility and evidential weight is required to support the integrity or authenticity of the subject data file. Deployment can cover, not exclusively, e-mail text based documents, drawings, video images] 
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Thomas with the disclosures of Ebrahimi and Cavendish. The motivation or suggestion would have been for “establishing of legal admissibility and evidential weight.” (paragraph 0041)

Claim 23 is rejected under 35 U.S.C. 103 as being unpatentable over Ebrahimi in view of Cavendish, as applied to Claim 16, above, and further in view of Ivanov et al., (US 20160292450 A1) hereinafter referred to as Ivanov.
Regarding Claim 23, the combination of Ebrahimi and Cavendish does not explicitly teach wherein the writing of the signature includes a writing of a level of trust which indicates how high the trust in the correctness of the identity is.
Ivanov teaches wherein the writing of the signature includes a writing of a level of trust which indicates how high the trust in the correctness of the identity is. [paragraph 0106, the status of a signature is assigned depending on the popularity of the signature, for example, the more popular the signature, the higher level of trust is assigned] 
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Ivanov with the disclosures of Ebrahimi and Cavendish. The motivation or suggestion would have been to assign status to signatures. (paragraph 0106)

Claim 24 is rejected under 35 U.S.C. 103 as being unpatentable over Ebrahimi in view of Cavendish, as applied to Claim 16, above, and further in view of Benini (US 20190013931 A1) hereinafter referred to as Benini.
Regarding Claim 24, the combination of Ebrahimi and Cavendish does not explicitly teach wherein the writing of the computed hash values takes place in each case at different addresses of the cryptographically chained list.
Benini teaches wherein the writing of the computed hash values takes place in each case at different addresses of the cryptographically chained list. [paragraph 0007, In order to conduct bitcoin transactions, a cryptographic public/private key pair is generated by a user. The private key is held solely by the contributor (e.g. in a "wallet software") and used to claim bitcoins. An "address" is a hash of the public key, and is noted in each bitcoin exchange, serving like an account number. A contributor may have different addresses for each transaction to enhance their anonymity in the transaction ledger. Bitcoins are passed from address to address with each transaction. The private key is also used to create a digital signature of the transaction. The public key is included in the transaction] 
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Benini with the disclosures of Ebrahimi and Cavendish. The motivation or suggestion would have been to “enable someone to verify that the contributor of the transaction is the holder of the associated private key via cryptographic challenge and response]

Claims 25-27 are rejected under 35 U.S.C. 103 as being unpatentable over Ebrahimi in view of Cavendish, as applied to Claim 16, above, and further in view of Schibuk et al., (US 20210119968 A1) hereinafter referred to as Schibuk.
Regarding Claim 25, the combination of Ebrahimi and Cavendish does not explicitly teach wherein a trustworthy entity is interposed in a communication between the user entity, the querying entity and/or the validation entity.
Schibuk teaches wherein a trustworthy entity is interposed in a communication between the user entity, the querying entity and/or the validation entity. [Figure 3A, teaches multiple different “trustworthy entities” in between the Source Signer (user entity) and the Validator/Destination (validation entity)] 
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Schibuk with the disclosures of Ebrahimi and Cavendish. The motivation or suggestion would have been for “validation of a data received through a messaging network.” (paragraph 0002)
Regarding Claim 26, the combination of Ebrahimi and Cavendish does not explicitly teach wherein the user entity, the querying entity and the validation entity are connected in terms of communication technology.
Schibuk teaches wherein the user entity, the querying entity and the validation entity are connected in terms of communication technology. [paragraph 0020, FIG. 3A is an exemplary schematic representation showing one packet traversing the network of FIG. 1 from a source to a destination, with a unique signature being attached to the packet, at one or more switches in the network that the packet passes through as it moves through the network.] 
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Schibuk with the disclosures of Ebrahimi and Cavendish. The motivation or suggestion would have been for “validation of a data received through a messaging network.” (paragraph 0002)
Regarding Claim 27, the combination of Ebrahimi and Cavendish does not explicitly teach wherein the validation entity is supplied by a network-based service.
Schibuk teaches wherein the validation entity is supplied by a network-based service. [paragraph 0013, a packet-switched network may be provided that blocks malicious, or otherwise harmful packets, from reaching a destination in a network] 
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Schibuk with the disclosures of Ebrahimi and Cavendish. The motivation or suggestion would have been for “validation of a data received through a messaging network.” (paragraph 0002)

Claim 28 is rejected under 35 U.S.C. 103 as being unpatentable over Ebrahimi in view of Cavendish, as applied to Claim 16, above, and further in view of Yang et al., (US 20210037009 A1) hereinafter referred to as Yang.
Regarding Claim 28, the combination of Ebrahimi and Cavendish does not explicitly teach wherein the method is executed in decentralized manner in a data technology network.
Yang teaches wherein the method is executed in decentralized manner in a data technology network. [paragraph 0002, The present disclosure relates in general to biometric authentication, and in particular to a decentralized platform for biometric authentication] 
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Yang with the disclosures of Ebrahimi and Cavendish. The motivation or suggestion would have been “for biometric authentication.” (paragraph 0002)

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ANDREW J STEINLE whose telephone number is (571)272-9923.  The examiner can normally be reached on M-F 10am-6pm CT.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw can be reached on (571) 272-3867.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/ANDREW J STEINLE/Primary Examiner, Art Unit 2497