Notice of Pre-AIA  or AIA  Status
1.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
2.	Applicant’s arguments filed 06/29/2021, with respect to the 35 U.S.C 103(a) rejection(s) of claims 1-4, 6-14, 16-18, and 20-23 stand rejected as
unpatentable over Nayshtut (20170093803) in view of Smith (20160182497) have been fully considered. However, upon further consideration, a new ground(s) of rejection is made in view of amended claims.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

3. 	Claims 1 -4, 6-14, 16-18, and 20-23 are rejected under 35 U.S.C. 103 as being unpatentable over U.S. Publication No. 20170093803 hereinafter Nayshtut in view of U.S. Publication No. US 20160182497 hereinafter Smith, and further in view of U.S. Publication No. 20170178237 hereinafter Wong.

As per claim 1, Nayshtut discloses:
Fig. 1, para 0027 “FIG. 1 is a network-level diagram of a secured enterprise 100 according to one or more examples of the present specification. Secured enterprise 100 may be configured to provide services to a consumer 162 via a secure service matching method as described herein.”), the method comprising:
identifying, by a selection device coupled to a memory, at least a first cryptographic evaluator of a plurality of cryptographic evaluators (para 0014 “In an example, there is disclosed a computing apparatus having one or more logic elements forming a non-encrypted flow processor engine; and one or more logic elements forming a service selection engine, wherein the one or more logic elements include a trusted execution environment (TEE).” para 0022 “In one example, a consumer requests a service via a client device, such as a smart phone, equipped with a trusted execution environment (TEE), which may include for example a memory enclave accessible only via special trusted execution instructions.” Para 0023 “Within the TEE, the provider's device may decrypt the encrypted service request, and match the request against parameters (such as predefined descriptors of the service or item for sale) including contextual data and service data to determine whether the provider is available to service the request..” Para 0028 “In the example of FIG. 1, one or more users 120 operate one or more client devices 110.” Para 0085 “Turning to FIG. 5B, after receiving encrypted service request 520, each provider 510 performs match processing 530. Match processing 530 may include, for example, analyzing encrypted service request 520 within an enclave 440 running a service selection engine 224. At this stage, service selection engine 224 does not reveal to providers 510 the contents of encrypted service request 520. Rather, service selection engine 224 simply performs its matching function to determine whether each provider 510 is available to provide services according to encrypted service request 520.”),
wherein identifying the at least a first cryptographic evaluator further comprises: evaluating a secure proof generated by the at least a first cryptographic evaluator and identifying the at least a first cryptographic evaluator as a function of the secure proof (para 0103 “In block 710, flow processor 640 encrypts user data and sends encrypted service request 520 via communicator 660. It should be noted that in some cases, encrypting the encrypted service request may include interoperation with TEE 610 and zero knowledge proof engine 630.” Para 0105 “In block 740, flow processor 640 provides the one or more match notifications 540 to zero knowledge proof engine 630 of TEE 610. TEE 610 may use encryption tokens within key storage 670 to internally decrypt match notifications 540. Zero knowledge proof engine 630 may then compare selection criteria 620 to data provided within the encrypted match notifications 540.” Para 0106 “Enclave 440 may also digitally sign its output, which provides a verifiable means of ensuring that content has not been tampered with or modified since being rendered by secure rendering engine 410. A digital signature provided by enclave 440 is unique to enclave 440 and is unique to the hardware of the device hosting enclave 440. Additionally, enclave 440 may provide a trusted measurement of itself for external verification of 
assigning a confidence level (para 0080 “Enclave 440 may also digitally sign its output, which provides a verifiable means of ensuring that content has not been tampered with or modified since being rendered by secure rendering engine 410. A digital signature provided by enclave 440 is unique to enclave 440 and is unique to the hardware of the device hosting enclave 440. Additionally, enclave 440 may provide a trusted measurement of itself for external verification of integrity and to provide assurance to client 110, user 120, consumer 162, admin 150, client app 112, or cluster 142 that the enclave operates on untampered, isolated (and therefore trusted) software. This trust indication may be submitted before receiving private data, and software 112 or 142 may decide whether it is safe to proceed with the data exchange. The 
and assigning a task, wherein the task comprises computational and data storage tasks (para 0073 “Service management engine 324 may include one or more non-transitory computer-readable mediums having stored thereon executable instructions operable to instruct a processor to provide a security engine. At an appropriate time, such as upon booting server 140 or upon a command from operating system 322 or a user 120 or security administrator 150, processor 310 may retrieve a copy of service management engine 324 (or software portions thereof) from storage 350 and load it into memory 320. Processor 310 may then iteratively execute the instructions of service management engine 324 to provide the desired method.” Para 0113 “Similar to service selection engine 224-1 of FIG. 6, service selection engine 224-2 includes a flow processor 840, a communicator 860, a TEE 810 including a zero knowledge proof engine 830 and key storage 870, and inputs such as local context 830 and service data 820. In this example, flow processor 840 and communicator 860 perform substantially similar or identical functions to their counterparts in FIG. 6. Similarly, zero knowledge proof engine 830 and key Para 0114 “Local context 830 may include static or real-time contextual data that may influence the ability of provider 510 to service a particular request. For example, if a taxi service is provided, context 830 may include an input from a GPS receiver, indicating where a particular taxi is at a given time. Depending on his or her location, provider 510 may or may not be able to service a particular request. Decisions informed by context 830 may go beyond simple boolean "yes" or "no" decisions, and may indicate the desirability of servicing a particular request. For example, if provider 510 is operating a taxi two miles away from the consumer's pickup location, this may be considered a highly desirable fare because the consumer is very close. On the other hand, if provider 510 is 10 miles away, it may be possible to service a request for 20 minutes from now, but may be less desirable than if the consumer were much closer. Context may also include inputs such as traffic conditions, speed limits on the fastest route to the pickup location, road conditions, and other similar factors. Thus, based on context 830, a sliding scale may be defined for desirability of servicing a particular encrypted service request 520. As with consumer 162, provider 510 may provide feedback after the fact to "train" service selection engine 240-1 224-2 for making better future decisions.”)

Nayshtut does not disclose:
wherein a secure proof is evaluated as a function of a temporally sequential listing
assigning, by a selection device, a confidence level of the at least a first cryptographic evaluator; selecting, by a selection device, a distributed framework from the plurality of cryptographic evaluators as a function of the confidence level
and assigning a task to the distributed framework

Smith discloses:
assigning, by a selection device, a confidence level of the at least a first cryptographic evaluator (para 0023, 0053 and 0064 “In one example, the issuer 26a may choose Taskinfo=Vendor TEE for a TEE within the prover 16a that is provided by a particular vendor (e.g., Intel.RTM. TEE), and add the Taskinfo value to the S3 message 34 to provide an attestation proof of vendor hardware, vendor software, and so on. Notably, since the Taskinfo value is provided over the secure channel and/or includes a message that is signed by a legitimate EPID value EPID.sub.D, the group generator 20 may trust that the Taskinfo value is legitimate and use the Taskinfo value to determine a level of trust for the TEE.”)
selecting, by a selection device, a distributed framework from the plurality of cryptographic evaluators as a function of the confidence level (Fig. 4, para 0065 “Illustrated processing block 122 maintains a list of TEID values as the only identifiers for each prover device that is a participant of the group. Thus, the 
Thus, the list of group operations may be referenced to provide a service.” Para 0066 “For example, user input from a Ul of the verifier device may be identified to detect that the service is needed. Illustrated processing block 126 issues a session request including a TEID value that is stored external to prover device for verification by the prover device. For example, the processing block 126 may contact the prover device to provide the service (e.g., confirm participation) when the service is needed. In response, illustrated processing block 128 receives the session request including the TEID value, and illustrated processing block 130 verifies the TEID value in the session request to determine whether to respond to the request.” Para 0067 “Accordingly, the processing block 130 may receive the value that identifies the group (e.g., Basename) in the session request that is stored external to the prover device and may generate a re-derived TEID based on a combination of the unique value (e.g., MasterlD) internal to the TEE that is not exposed outside of the TEE and the value that identifies the group (e.g., Basename) in the session request. In addition, the processing block 130 may compare the TEID value in the session request with the re-derived TEID to determine whether a match exists to verify the TEID that was received in the session request.”)
and assigning a task to the distributed framework (para 0068 “Illustrated processing block 132 issues a participation reply when the TEID value is 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method for providing services to a consumer via a secure service matching method Nayshtut to include assigning, by a selection device, a confidence level of the at least a first cryptographic evaluator, selecting, by a selection device, a distributed framework from the plurality of cryptographic evaluators as a function of the confidence level and assigning a task to the distributed framework, as taught by Smith.
The motivation would have been to determine the trust level to properly select a distributed framework to increase the security of assigned task to trusted networks.

Nayshtut in view of Smith does not disclose:
 	wherein a secure proof is evaluated as a function of a temporally sequential listing
	Wong discloses:
wherein a secure proof is evaluated as a function of a temporally sequential listing (para 0058 “In one embodiment a public ledger system, also known as block chain, is being made use of and records are signed, similar to cryptocurrencies, to protect the blocks and records inside the blocks from being doctored with false transaction data for the benefit of any entity and double spending, thereby making all transactions immutable and irreversible.”)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method for providing services to a consumer via a secure service matching method Nayshtut in view of Smith to wherein a secure proof is evaluated as a function of a temporally sequential listing, as taught by Wong.
The motivation would have been to create and manage virtual currency in order to make all transactions irreversible.

As per claim 2, Nayshtut in view of Smith and Wong discloses:
The method of claim 1, wherein the secure proof further comprises a digital signature (Nayshtut para 0080) and (Smith para 0020, 0023, 0063, and 0087 “The motivation would have been to utilize a signature as secure proof to properly provided attestation of trusted participants”).

As per claim 3, Nayshtut in view of Smith and Wong discloses:


As per claim 4, Nayshtut in view of Smith and Wong discloses:
The method of claim 1, wherein the secure proof is a zero-knowledge proof (Nayshtut para 0102-0108).

As per claim 6, Nayshtut in view of Smith and Wong discloses:
The method of claim 1, wherein evaluating the secure proof further comprises: receiving a verification datum corresponding to the secure proof, and evaluating the secure proof as a function of the verification datum (Nayshtut para 0080 and 0105).

As per claim 7, Nayshtut in view of Smith and Wong discloses:
The method of claim 1, wherein identifying the at least a first cryptographic evaluator further comprises identifying a first cryptographic evaluator using a first identification protocol and identifying a second cryptographic evaluator using a second identification protocol, wherein the first identification protocol is distinct from the second identification protocol (Smith para 0004 and 0019, the motivation would have been to properly select the cryptographic evaluator based on the best suitable identification protocol).
As per claim 8, Nayshtut in view of Smith and Wong discloses:
The method of claim 1 further comprising determining a confidence level in an identity of the at least a first cryptographic evaluator, and wherein assigning the at least a confidence level further comprises assigning the at least a confidence level as a function of the at least a confidence level in the identity
(Nayshtut para 0080) and Smith para 0023, 0050, 0055 and 0064 “The motivation would have determine the confidence level based on the identity to properly verify the authenticity of a device or individual.”)

As per claim 9, Nayshtut in view of Smith and Wong discloses:
The method of claim 1, wherein assigning a confidence level further comprises: evaluating at least a digitally signed assertion signed by a cryptographic evaluator of the at least a first cryptographic evaluator; and assigning a confidence level to the cryptographic evaluator as a function of the evaluation of the at least a digitally signed assertion (Smith para 0019, 0023, 0024, 0062 and 0063 “The motivation would have determine the confidence level based on the identity to properly verify the authenticity of a device or individual.”).

As per claim 10, Nayshtut in view of Smith and Wong discloses:
The method of claim 9, wherein: the digitally signed assertion is contained in a temporally sequential listing of digitally signed assertions (Nayshtut para 0080) and (Smith para 0024 and 0032 “The motivation would have determine the confidence level based on the identity to properly verify the authenticity of a device or individual.”).

As per claim 11, Nayshtut in view of Smith and Wong discloses:
The method of claim 1, wherein assigning the at least a confidence level further comprises receiving a consensus evaluation of the at least a confidence level from a network of cryptographic evaluators (Nayshtut para 0087, 0088, 0106, and 0145).

As per claim 12, Nayshtut in view of Smith and Wong discloses:
The method of claim 1, wherein assigning the at least a confidence level further comprises: evaluating an assertion, in a temporally sequential listing of assertions, assigning a recorded confidence level to a cryptographic evaluator of the at least a first cryptographic evaluator; and assigning the confidence level as a function of the recorded confidence level (Smith para 0013, 0023, 0024, 0050, 0063 and 0064 “The motivation would have been to properly assigned a confidence level in order to properly determine an authenticity of a subject.”).

As per claim 13, Nayshtut in view of Smith and Wong discloses:
The method of claim 1, wherein assigning the at least a confidence level further comprises performing a trusted time evaluation of at least an action performed by the at least a first cryptographic evaluator (Nayshtut para (Smith para 0014, 0033, and 0040, “The motivation would have been to perform a temporary trusted ephemeral identifier to assigned the confidence level in order to properly conduct trust transactions at certain times”).

As per claim 14, Nayshtut in view of Smith and Wong discloses:
The method of claim 1, wherein selecting the distributed framework further comprises selecting a distributed framework including the at least a first cryptographic evaluator (Nayshtut Figs.1 and 5a-e, para 0021 and 0084).

As per claim 16, Nayshtut in view of Smith and Wong discloses:
The method of claim 1, wherein selecting the distributed framework further comprises selecting at least a geographically proximate cryptographic evaluator of the plurality of cryptographic evaluators (Nayshtut para 0114).

As per claim 17, Nayshtut in view of Smith and Wong discloses:
The method of claim 1, wherein selecting the distributed framework further comprises selecting at least a temporally proximate cryptographic evaluator (Nayshtut para 0114).

As per claim 18, Nayshtut in view of Smith and Wong discloses:
(Nayshtut para 0051).

As per claim 20, Nayshtut in view of Smith and Wong discloses:
The method of claim 1, wherein selecting the distributed framework further comprises: generating a cost function of confidence level and communication latency; and minimizing the cost function (Nayshtut para 0080, 0087, 0114 and 0115).

As per claim 21, Nayshtut in view of Smith and Wong discloses:
The method of claim 1 wherein selecting the distributed framework further comprises: receiving, from the at least a first cryptographic evaluator, an identification of at least a second cryptographic evaluator of the plurality of cryptographic evaluators; and selecting the at least a second cryptographic evaluator as a function of the identification of the at least a second cryptographic evaluator (Nayshtut Fig. 7, para 0105).

As per claim 21, Nayshtut in view of Smith and Wong discloses:
The method of claim 21, wherein the identification of the at least a second cryptographic evaluator further comprises a digitally signed assertion generated by the at least a first cryptographic evaluator (Nayshtut para 0080).
As per claim 23, the implementation of the method of claim 1 will execute the system of claim 23. The claim is analyzed with respect to claim 1.

4. 	Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over Nayshtut in view of Smith, and in view of Wong, and further in view of U.S. Publication No. 20180351753 hereinafter Gardner.

As per claim 5, Nayshtut in view of Smith and Wong discloses:
The method of claim 1, wherein the secure proof (Nayshtut para 0080, 0104 and 0105) is generated using a physically unclonable function

Nayshtut in view of Smith and Wong does not disclose:
secure proof is generated using a physically unclonable function

Gardner discloses:
secure proof is generated using a physically unclonable function (para 0098 “Using Algorithms 1 and 2 for storing and retrieving a sensitive value, and Algorithm 4 for performing the initial distributed key generation protocol, arbitrary PUF-enabled threshold cryptographic operations (e.g., decryption, digital signatures, zero knowledge proofs) can be performed. Algorithm 5 describes how to evaluate an arbitrary threshold cryptographic operation O that includes as input a participant's share r.sub.i. Note that the recovered share Also see para 0099-0111).	
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method for providing services to a consumer via a secure service matching method Nayshtut in view of Smith and Wong to include secure proof is generated using a physically unclonable function, as taught by Smith.
The motivation would have been to utilize a secure function to determine secure proofs for verification processes.

5. 	Claim 15 is rejected under 35 U.S.C. 103 as being unpatentable over Nayshtut in view of Smith, and in view of Wong, and further in view of U.S. Publication No. 20100153928 hereinafter Livshits.

As per claim 15, Nayshtut in view of Smith and Wong discloses:
The method of claim 1, wherein: the plurality of cryptographic evaluators is connected to the selection device via a network; and selecting the distributed framework further comprises selecting at least a proximate cryptographic evaluator of the plurality of cryptographic evaluators (Nayshtut para 0103-0111)

Nayshtut in view of Smith and Wong does not disclose:
selecting at least a cryptographic evaluator in a graph representing a network

Livshits discloses:
(para 0056 “The compiler may incorporate infrastructure-specific information during compilation, and make user guided or autonomous compile time decisions based on the infrastructure-specific information. Infrastructure-specific information may comprise the processor and other hardware present on an executing server, network link capacity, performance, reliability, storage cost, etc. For example, if dedicated cryptographic hardware is available on a server, during compilation the compiler may choose to utilize that dedicated cryptographic hardware to execute cryptographic functions found in the service graph, rather than execute them on the central processor of the server.”)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method for providing services to a consumer via a secure service matching method Nayshtut in view of Smith and Wong to include selecting at least a cryptographic evaluator in a graph representing a network, as taught by Livshits.
The motivation would have been to properly select at least a cryptographic evaluator in a graph representing a network thereby able to visual associate the network assigned processes.
6. 	Claim 19 is rejected under 35 U.S.C. 103 as being unpatentable over Nayshtut in view of Smith and Wong, and further in view of U.S. Publication No. 20170155662 hereinafter Courbon.

As per claim 19, Nayshtut in view of Smith and Wong discloses:
The method of claim 1, wherein selecting the distributed framework further comprises: establishing an aggregate confidence-level threshold (Nayshtut para 0044, 0045, and 0080);

Nayshtut in view of Smith and Wong does not disclose:
determining confidence levels of one or more cryptographic evaluators of a plurality of cryptographic evaluators
aggregating the confidence levels of the one or more cryptographic evaluators to generate an aggregate confidence level
determining that the aggregate confidence level satisfies the aggregate confidence-level threshold and
selecting the one or more cryptographic evaluators

Courbon discloses:
determining confidence levels of one or more cryptographic evaluators of a plurality of cryptographic evaluators, aggregating the confidence levels of the one or more cryptographic evaluators to generate an aggregate confidence level, determining that the aggregate confidence level satisfies the aggregate confidence-level threshold and selecting the one or more para 0090 “If the locstamp matches the record within a preset threshold, a maximum trust score may be determined and the certification of the TCN (trusted computing nodes) is renewed. If not, a zero trust score is determined and certification may be denied or repudiated (Step 750). A routine may be implemented to process cases in error. Also a threshold may be defined within which certification is renewed. A trust score may be defined which may be a function of various parameters: results of different consistency checks possibly performed at the TCN itself or at the orchestrator/scheduler level. Optionally, consistency checks may be performed between peers. For instance, when two TCNs are deemed to operate in specific areas, the sending TCN may acquire by a Subscribe query the position of a candidate receiving TCN before sending a message to the candidate receiving TCN. Alternatively, a TCN may regularly poll the available SLMs of other TCNs to which it regularly sends messages and maintain locally a list of TCNs with their confidence score, so that it can avoid sending messages/data to untrustworthy TCNs. Alternatively, a list of untrustworthy TCNs, possibly for specific applications, may be broadcast regularly by the TCN Registry. The trust score of the TCN recorded in the TCN Registry is updated at step 760.” Para 0091 “Based on the last current trust score, the parameterization of the task scheduler 720 may be updated. Task scheduling may be based on available resources, QoS, cost, national Para 0094 “In some embodiments of the invention, it is possible to include in a TCN, notably in its hypervisor or its VMs, an application which confines a number of tasks/functions to be executed on the TCN on this TCN and avoid migration, or only authorize migration to TCNs located in a predefined geographic area and/or to TCNs having a predefined minimum trust score.”)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method for providing services to a consumer via a secure service matching method Nayshtut in view of Smith and Wong to include determining confidence levels of one or more cryptographic evaluators of a plurality of cryptographic evaluators, aggregating the confidence levels of the one or more cryptographic evaluators to generate an aggregate confidence level, determining that the aggregate confidence level satisfies the aggregate confidence-level threshold and selecting the one or more cryptographic evaluators, as taught by Courbon.
.

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to GARY S GRACIA whose telephone number is (571)270-5192.  The examiner can normally be reached on Monday-Friday 9am-6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 5712723972.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/GARY S GRACIA/Primary Examiner, Art Unit 2491