Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
This Office Action is in response to the application 16/820,294 filed on 03/16/2020. Claims 1, 14, and 20 are independent claims.  Claims 1-20 have been examined and are pending. This Action is made Non-FINAL.

Drawings
The drawings were received on 03/16/2020.  These drawings are reviewed and accepted by the Examiner.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 06/30/2021 is being considered by the examiner.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows: 
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-13 and 20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.
Regarding claim 1, the claim is directed to a computing system; however, there is no hardware element recited within the claimed system. As recited in the body of the claim, the claimed system contains “one or more processors” and “a computer-readable media.”  
a) Regarding the claimed processors, the specification does not define what type of processors are claimed; at most the specification provides various examples of processors, such as “physical and tangible processor” (par. 0035), “general-purpose processor” (par. 0036), “processor thread” (par. 0038) and “message processors” (par. 0048). The specification does not explicitly define that the claimed “one or more processors” are only implemented in hardware.  One of ordinary skill in the art would understand that a ‘processor’ could be a software processor (See “The Authoritative Dictionary of IEEE Standards Terms,” Seventh Edition, published in 2000).   
b) Regarding the claimed computer-readable media, in light of the specification, the claimed “computer-readable media” include transmission media,” which is non-statutory subject matter.  In addition, under a recent precedential opinion, the scope of the recited “computer readable storage media” encompasses transitory media such as signals or carrier waves, where, as here the Specification does not limit the computer readable storage medium to non-transitory forms.  See Ex parte Mewherter, 107 USPQ2d 1857, 1862.   
As the body of the claim does not positively recite any hardware embodiment, the claim is directed to non-statutory subject matter.  The nominal recitation of the Am. Med. Sys., Inc v. Biolitec, Inc., 618 F.3d 1354, 1358 (Fed. Cir. 2010).    The Examiner respectfully suggests that the claim be further amended to positively recites at least one hardware element within the body of the claim to make the claim statutory subject matter under 35 U.S.C. 101.  
Regarding claims 2-13, claims 2-13 are also rejected under 35 U.S.C 101 as being directed to non-statutory subject matter for the same reasons addressed above.
Regarding claim 20; Claim 20 is rejected under 35 U.S.C. 101 as being directed to non-statutory subject matter as the claimed computer program product is not stored on any non-transitory media and/or hardware device.  The claimed “computer program product” includes “one or more computer-readable storage media.”  The specification does not explicitly exclude propagate signals from the claimed computer-readable storage media. At most, the specification provides some examples regarding “physical and tangible storage medium” (pars. 0042-0043).  However, the specification does not explicitly define the claimed “computer storage media” does not encompass propagate signals.  Please note that under a recent precedential opinion, the scope of the recited “computer readable storage media” encompasses transitory media such as signals or carrier waves, where, as here the Specification does not limit the computer readable storage medium to non-transitory forms.  See Ex parte Mewherter, 107 USPQ2d 1857, 1862.   The Examiner respectfully suggests that the claim be further amended to “A computer program product comprising one or more a non-transitory computer-readable media” or the like to make the claim statutory under 35 U.S.C. 101.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claim 14, 15, and 18 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Dmitrij Lagutin (“Lagutin,” Enabling Decentralised Identifiers and Verifiable Credentials for Constrained IoT Devices using OAuth-based Delegation”, 24 Feb. 2019, pages 1-6).
Regarding claim 14, Lagutin teaches a method for authorizing access to a verifiable claim so that a user who is the subject of the verifiable claim need not actively authorize the access, the method comprising:
generating an access token that is configured to provide access to a verifiable claim that was previously issued on behalf of a user that is the subject of the verifiable claim (Lagutin: figures 1, 2: page 2, Col. 1, paragraph 1; page 2 section “A. OAuth 2.0”, generating an access token that can be used by the client to prove the Resource server (RS) that is allowed to access the protected resource within the scope of the access token …”);
providing the access token to an entity that is to be given access to the verifiable claim (Lagutin: figures 1, 2; page 2 section “A. OAuth 2.0”; page 4  Col. 2 step  “5) The AS … send back a proof-of-possession (PoP) access token”);
(Lagutin: figures 1, 2; page 4, Col. 2, step “6) Lecturer proceeds to communication with the printer using the access token”);
validating the access token Lagutin: figures 1, 2; page 4, Col. 2, step “6) Lecturer proceeds to communication with the printer using the access token”; page 4 Col. 2, paragraph 2); and
providing the entity with access to the verifiable claim upon validation of the access token without the user having to actively authorize the access (Lagutin: figures 1, 2; page 4, Col. 2, step “6) Lecturer proceeds to communication with the printer using the access token”; page 4 Col. 2, paragraph 2). 
Regarding claim 15, Lagutin teaches the method of claim 14.  Lagutin further discloses comprising:
attaching the access token to the verifiable claim (Lagutin: page. 4, Col. 2, step “5) The AS verifies Lecturer’s proof and sends back a proof-of- possession (PoP) access token”); and 
providing the verifiable claim to the entity (Lagutin: page. 4, Col. 2, step “5) The AS verifies Lecturer’s proof and sends back a proof-of- possession (PoP) access token”). 
Regarding claim 18, Lagutin teaches the method of claim 14. Lagutin further discloses wherein providing the entity with access to the verifiable claim comprises: allowing the entity to use the verifiable claim when providing a service to the user (Lagutin: page 4, Col. 2, step “6) Lecturer proceeds to communicate with the printer using the access token”).

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person.
Claims 1-3, 7, 11, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Dmitrij Lagutin (“Lagutin,” Enabling Decentralised Identifiers and Verifiable Credentials for Constrained IoT Devices using OAuth-based Delegation”, 24 Feb. 2019, pages 1-6) in view of Yang et al. (“Yang,” US 2020/0127847, filed Dec. 18, 2019).
 Regarding claim 1, Lagutin discloses a computing system for authorizing access to a verifiable claim so that a user who is the subject of the verifiable claim need not actively authorize the access (Lagutin: figs. 1-2), the computing system comprising:
 generate an access token that is configured to provide access to a verifiable claim that was previously issued on behalf of a user that is the subject of the verifiable claim (Lagutin: figures 1, 2: page 2, Col. 1, paragraph 1; page 2 section “A. OAuth 2.0”, generating an access token that can be used by the client to prove the Resource server (RS) that is allowed to access the protected resource within the scope of the access token …”);
provide the access token to an entity that is to be given access to the verifiable claim (Lagutin: figures 1, 2; page 2 section “A. OAuth 2.0”; page 4  Col. 2 step  “5) The AS … send back a proof-of-possession (PoP) access token”);
(Lagutin: figures 1, 2; page 4, Col. 2, step “6) Lecturer proceeds to communication with the printer using the access token”);
validate the access token (Lagutin: figures 1, 2; page 4, Col. 2, step “6) Lecturer proceeds to communication with the printer using the access token”; page 4 Col. 2, paragraph 2); and 
  provide the entity with access to the verifiable claim upon validation of the access token without the user having to actively authorize the access (Lagutin: figures 1, 2; page 4, Col. 2, step “6) Lecturer proceeds to communication with the printer using the access token”; page 4 Col. 2, paragraph 2). 
Lagutin disclose authentication Server (AS) but does not explicitly disclose
one or more processors; and one or more computer-readable media having thereon computer-executable instructions that are structured such that, when executed by the one or more processors.
However, in an analogous art, Yang discloses system and method for issuing verifiable claims, wherein one or more processors (Yang: par. 0019, one or more processors and one or more computer-readable memories ….); and one or more computer-readable media having thereon computer-executable instructions that are structured such that, when executed by the one or more processors (Yang: par. 0019, one or more processors and one or more computer-readable memories ….).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Yang with the method and system of Lagutin, wherein one or more processors; and one or more  having thereon computer-executable instructions that are structured such that, when executed by the one or more processors to provide users with means for providing interfaces and automated software solutions for an entity to manage identities on behalf of other entities.  The online platform also includes storage of mapping information between decentralized identities and business accounts or service identifiers.  This facilitates creation of a large number of decentralized identifiers or verifiable claims using simplified control actions as well as effective cross-reference of different identities for a single person or entity (Yang: par. 0025).
Regarding claim 2, the combination of Lagutin and Yang teaches the computing system of claim 1. Lagutin further teaches comprising: 
attaching the access token to the verifiable claim  (Lagutin: page. 4, Col. 2, step “5) The AS verifies Lecturer’s proof and sends back a proof-of- possession (PoP) access token”); and 
providing the verifiable claim to the entity (Lagutin: page. 4, Col. 2, step “5) The AS verifies Lecturer’s proof and sends back a proof-of- possession (PoP) access token).
Regarding claim 3, the combination of Lagutin and Yang teaches the computing system of claim 1. Lagutin further teaches, wherein the entity is an issuing entity that issued the verifiable claim on behalf of the user (Lagutin: figures 1, 2; the printing services).
Regarding claim 7, the combination of Lagutin and Yang teaches the computing system of claim 1. Lagutin further teaches, wherein providing the entity with to access to the verifiable claim comprises: 
(Lagutin: page 4, Col. 2, step “6) Lecturer proceeds to communicate with the printer using the access token”). 
Regarding claim 11, the combination of Lagutin and Yang teaches the computing system of claim 1. The combination of Lagutin and Yang further teaches, wherein the computing system is associated with a management module controlled by the user (Yang: pars. 0048, 0103, user agent 411 allow the user to take control over the decentralized identifier (DID) using the recovery key).
Regarding claim 20, claim 20 is directed to a computer program product comprising one or more computer-readable storage media having thereon computer-executable instructions that are structured such that, when executed by one or more processors of a computing system, cause the computing system to perform a method for authorizing access to a verifiable claim so that a user who is the subject of the verifiable claim need not actively authorize the access associated with the method claimed in claim 1; claim 14 is similar in scope to claim 1, and is therefore rejected under similar rationale.
Claim 4 is rejected under 35 U.S.C. 103 as being unpatentable over Dmitrij Lagutin (“Lagutin,” Enabling Decentralised Identifiers and Verifiable Credentials for Constrained IoT Devices using OAuth-based Delegation”, 24 Feb. 2019, pages 1-6) in view of Yang et al. (“Yang,” US 2020/0127847, filed Dec. 18, 2019), and further in view of Hoyer et al. (“Hoyer,.
Regarding claim 4, the combination of Lagutin and Yang teaches the computing system of claim 1. Lagutin does not explicitly disclose wherein the entity is a relying party that uses the verifiable claim when providing a service to the user.
However, in an analogous art, Hoyer teaches mobile credential with online/offline delivery, wherein the entity is a relying party that uses the verifiable claim when providing a service to the user (Hoyer: par. 0005, a license/credential that is verifiable under different conditions, including a relying party device not communicating with a centralized verification system). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Hoyer with the method and system of Lagutun and Yang, wherein the entity is a relying party that uses the verifiable claim when providing a service to the user to provide users with means for providing a license/credential that is verifiable  under different conditions, including a relying party device not communicating with a centralized verification system (Hoyer: par. 0005).
Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over Dmitrij Lagutin (“Lagutin,” Enabling Decentralised Identifiers and Verifiable Credentials for Constrained IoT Devices using OAuth-based Delegation”, 24 Feb. 2019, pages 1-6) in view of Yang et al. (“Yang,” US 2020/0127847, filed Dec. 18, 2019), further in view of Lin et al. (“Lin,” US 2020/0145196, filed Jan. 6, 2020). 
Regarding claim 5, the combination of Lagutin and Yang teaches the computing system of claim 1.  The combination of Lagutin and Yang further teaches 
However, in an analogous art, Lin discloses system and method for implementing a resolver service for decentralized identifiers, wherein allowing the entity to update one or more properties of the verifiable claim (Lin: par. 0009, the event data further comprises a plurality of updates associated with a plurality of verifiable claims (VCs). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Lin with the method and system of Lagutin and Yang, wherein allowing the entity to update one or more properties of the verifiable claim to provide users with means for the resolver service integrates the capabilities of executing DID methods, creating blockchain operations, and collecting data from the blockchain, and makes such capabilities accessible to external systems or applications via API interfaces.  This allows flexible control of operations related to decentralized identity management and convenient access to information associated with decentralized identities using programming languages or protocols other than those required by the blockchain (Lin: par. 0026).
Claim 6 is rejected under 35 U.S.C. 103 as being unpatentable over Dmitrij Lagutin (“Lagutin,” Enabling Decentralised Identifiers and Verifiable Credentials for Constrained IoT Devices using OAuth-based Delegation”, 24 Feb. 2019, pages 1-6) in view of Yang et al. (“Yang,” US 2020/0127847, filed Dec. 18, 2019), further in view of Lin et al. (“Lin,” US 2020/0145196, filed Jan. 6, 2020), and Alexander Muhle (“Muhle.
Regarding claim 6, the combination of Lagutin, Yang, and Lin further discloses teaches the computing system of claim 5, wherein updating the one or more properties of the verifiable claim but does not explicitly disclose updating duration information metadata that specifies a time period that the verifiable claim is valid or a predetermined number of times the verifiable is valid for use.
However, in an analogous art, Muhle discloses a survey on essential components of a self-sovereign identity, wherein a verifiable claim includes a valid period (Muhle: page 84, Col. 1, section 5. Verifiable claims).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Muhle with the method and system of Lagutin, Yang, and Lin, wherein updating the one or more properties of the verifiable claim but does not explicitly disclose updating duration information metadata that specifies a time period that the verifiable claim is valid or a predetermined number of times the verifiable is valid for use to provide users with means for protecting against tampering by the claim issuer.
Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over Dmitrij Lagutin (“Lagutin,” Enabling Decentralised Identifiers and Verifiable Credentials for Constrained IoT Devices using OAuth-based Delegation”, 24 Feb. 2019, pages 1-6) in view of Yang et al. (“Yang,” US 2020/0127847, filed Dec. 18, 2019), further in view of Zamir et al. (“Zamir,” US 2021/0034778, filed Aug. 1, 2019).
Regarding claim 8, the combination of Lagutin and Yang teaches the computing system of claim 1.  The combination of Lagutin and Yang teaches, wherein the (Lagutin: abstract (DID)), (2) a property of the subject entity (Lagutin: fig. 2, Lecturer (User)), (3) a value corresponding to the property (Lagutin: fig. 2, Printer (IoT device)), and (5) one or more conditions for accessing the verifiable claim (Lagutin: page 4, Col. 2,  step “5) The Authentication server (AS) verifies Lecturer’s proof and send back a proof-of possession (PoP) access token” ; page 4, Col. 2,step “ 6) Lecturer proceeds to communicate with the printer using the access token”).
Lagutin and Yang do not teaches wherein the verifiable claim comprises a unique identifier identifying the corresponding verifiable claim
However, in an analogous art, Zamir teaches anonymous ranking service, wherein the verifiable claim comprises a unique identifier identifying the corresponding verifiable claim (Zamir: par. 0027, a verifiable claim may bind a unique identifier to an identifier from the decentralized identify system).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Zamir with the method and system of Lagutin and Yang, wherein the verifiable claim comprises a unique identifier identifying the corresponding verifiable claim to provide users with means for protecting data including user data which is controlled by the user (Zamir: abstract).
Claim 9 is rejected under 35 U.S.C. 103 as being unpatentable over Dmitrij Lagutin (“Lagutin,” Enabling Decentralised Identifiers and Verifiable Credentials for Constrained IoT Devices using OAuth-based Delegation”, 24 Feb. 2019, pages 1-6) in view of Yang et al. (“Yang,” US 2020/0127847, filed Dec. 18, 2019), further in view of Zamir et al. Zamir,” US 2021/0034778, filed Aug. 1, 2019), and Gonzales, Jr. (“Gonzales,” US 2019/0207995, published Jul. 4, 2019).
Regarding claim 9, the combination of Lagutin, Yang, and Zamir teaches the computing system of claim 8. The combination of Lagutin, Yang, and Zamir further teaches, the one or more conditions but does not explicitly disclose comprising at least one of the following: (1) requiring a relying entity to pay a predetermined amount of value, (2) requiring a relying entity to provide identification information, (3) requiring a relying entity to provide one or more verifiable claim(s), (4) requiring a relying entity to grant permission for accessing a portion of data, or (5) requiring a relying entity to provide a particular service.
However, in an analogous art, Gonzales discloses secure management of content distribution of content distribution data blocks on a blockchain, wherein the one or more conditions comprising at least one of the following: (1) requiring a relying entity to pay a predetermined amount of value, (2) requiring a relying entity to provide identification information, (3) requiring a relying entity to provide one or more verifiable claim(s), (4) requiring a relying entity to grant permission for accessing a portion of data (Gonzales:fig. 3B,  pars. 0070-0073, the record of metadata, one or more conditions  to access or provide service), or (5) requiring a relying entity to provide a particular service to provide users with means for (Gonzales:fig. 3B,  pars. 0070-0073, the record of metadata, one or more conditions  to access or provide service).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Zamir with the method and system of Lagutin, Yang, and Zamir, wherein the one or more conditions (Gonzales: pars. 0005, 0034).
Claim 10 is rejected under 35 U.S.C. 103 as being unpatentable over Dmitrij Lagutin (“Lagutin,” Enabling Decentralised Identifiers and Verifiable Credentials for Constrained IoT Devices using OAuth-based Delegation”, 24 Feb. 2019, pages 1-6) in view of Yang et al. (“Yang,” US 2020/0127847, filed Dec. 18, 2019), further in view of Birgisson et al. (“Birgisson,” US 2017/0220793, published Aug. 3, 2017).
Regarding claim 10, the combination of Lagutin and Yang teaches the computing system of claim 1.  The combination of Lagutin and Yang disclose the access verifiable claim but does not explicitly disclose, further comprising:
generating revocation data that is configured to revoke the access token; 
providing the revocation data to the entity; and 
revoking the access to the verifiable claim. 

generating revocation data that is configured to revoke the access token (Birgisson: pasr. 0038-0039, the revocation of access has been initiated by the owner device 110.  For instance, the revocation data can include user identifiers that represent values indicative of a user identity, such as a hash value or other types of derivatives of data associated with the user. The access control blacklist 132 also specifies information related to the limited token 126a for a user whose access has been revoked); 
providing the revocation data to the entity (Birgisson: pars. 0038, 0039, the revocation of access has been initiated by the owner device 110.  For instance, the revocation data can include user identifiers that represent values indicative of a user identity, such as a hash value or other types of derivatives of data associated with the user); and 
revoking the access to the verifiable claim (Birgisson: pars. 0038-0039, … The access control blacklist 132 also specifies information related to the limited token 126a for a user whose access has been revoked). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Birgisson with the method and system of Lagutin and Yang, wherein generating revocation data that is configured to revoke the access token; providing the revocation data to the entity; and revoking the access to the verifiable claim to provide users with means for preventing replay attacks in which valid data transmissions are used maliciously or fraudulently repeated (Birgisson: par. 0004).
Claims 12-13 are rejected under 35 U.S.C. 103 as being unpatentable over Dmitrij Lagutin (“Lagutin,” Enabling Decentralised Identifiers and Verifiable Credentials for Constrained IoT Devices using OAuth-based Delegation”, 24 Feb. 2019, pages 1-6) in view of Yang et al. (“Yang,” US 2020/0127847, filed Dec. 18, 2019), further in view of Callahan et al. (“Callahan,” US 2020/0036707, published Jan. 30, 2020).
Regarding claim 12, the combination of Lagutin and Yang teaches the computing system of claim 1.  Lagutin and Yang do not explicitly disclose wherein the computing system is associated with an identity hub controlled by the user (Callahan: pars. 0195. In one or more implementations, the identity hubs 2208 are configured as a database or storage system, flat file system, relational database, or bulk storage facility; par. 0195; verifiable claim is stored in one or more identity hubs and repositories 2208).
However, in an analogous art, Callahan disclose system and method for biometric protocol standards, wherein (Callahan: pars. 0195. In one or more implementations, the identity hubs 2208 are configured as a database or storage system, flat file system, relational database, or bulk storage facility; par. 0195; verifiable claim is stored in one or more identity hubs and repositories 2208)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Callahan with the method and system of Lagutin and Yang teaches, wherein the computing system is associated with an identity hub controlled by the user to provide users with a means for providing secure communication between a user computing device and a server computing device (Callahan: abstract)
Regarding claim 13, the combination of Lagutin and Yang teaches the computing system of claim 1.  Lagutin and Yang do not explicitly disclose, wherein the verifiable claim is stored in an identity hub controlled by the user Callahan: par. 0194; verifiable claim is stored in one or more identity hubs and repositories 2208).
However, in an analogous art, Callahan disclose system and method for biometric protocol standards, wherein the verifiable claim is stored in an identity hub controlled by the user (Callahan: pars. 0195. par. 0195; verifiable claim is stored in one or more identity hubs and repositories 2208).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Callahan with the method and system of Lagutin and Yang teaches, wherein the computing system is associated with an identity hub controlled by the user to provide users with a means for providing secure communication between a user computing device and a server computing device (Callahan: abstract).
Claim 16 is rejected under 35 U.S.C. 103 as being unpatentable over Dmitrij Lagutin (“Lagutin,” Enabling Decentralised Identifiers and Verifiable Credentials for Constrained IoT Devices using OAuth-based Delegation”, Feb., 2019, pages 1-6) in view of Lin et al. (“Lin,” US 2020/0145196, filed Jan. 6, 2020). 
Regarding claim 16, Lagutin discloses the method of claim 14. Lagutin further discloses, wherein providing the entity with access to the verifiable claim but does not explicitly a allowing the entity to update one or more properties of the verifiable claim. 
However, in an analogous art, Lin discloses system and method for implementing a resolver service for decentralized identifiers, wherein allowing the entity to update one or (Lin: par. 0009, the event data further comprises a plurality of updates associated with a plurality of verifiable claims (VCs). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Lin with the method and system of Lagutin, wherein allowing the entity to update one or more properties of the verifiable claim to provide users with means for the resolver service integrates the capabilities of executing DID methods, creating blockchain operations, and collecting data from the blockchain, and makes such capabilities accessible to external systems or applications via API interfaces.  This allows flexible control of operations related to decentralized identity management and convenient access to information associated with decentralized identities using programming languages or protocols other than those required by the blockchain (Lin: par. 0026).
Claim 17 is rejected under 35 U.S.C. 103 as being unpatentable over Dmitrij Lagutin (“Lagutin,” Enabling Decentralised Identifiers and Verifiable Credentials for Constrained IoT Devices using OAuth-based Delegation”, Feb., 2019, pages 1-6) in view of Lin et al. (“Lin,” US 2020/0145196, filed Jan. 6, 2020), and Alexander Muhle (“Muhle,” A survey on essential components of a self-sovereign identity, Computer Science Review, 2018, pages 80-86).
Regarding claim 17, the combination of Lagutin and Lin teaches the method of claim 16, wherein updating the one or more properties of the verifiable claim but does not explicitly disclose updating duration information metadata that specifies a time period that the verifiable claim is valid or a predetermined number of times the verifiable is valid for use.
(Muhle: page 84, Col. 1, 5. Verifiable claims).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Muhle with the method and system of Lagutin and Lin, wherein updating the one or more properties of the verifiable claim but does not explicitly disclose updating duration information metadata that specifies a time period that the verifiable claim is valid or a predetermined number of times the verifiable is valid for use to provide users with means for protecting against tampering by the claim issuer.

Claim 19 is rejected under 35 U.S.C. 103 as being unpatentable over Dmitrij Lagutin (“Lagutin,” Enabling Decentralised Identifiers and Verifiable Credentials for Constrained IoT Devices using OAuth-based Delegation”, Feb., 2019, pages 1-6) further in view of Birgisson et al. (“Birgisson,” US 2017/0220793, published Aug. 3, 2017).
Regarding claim 19, Lagutin teaches the method of claim 14. Lagutin further disclose the access verifiable claim but does not explicitly disclose comprising: generating revocation data that is configured to revoke the access token; providing the revocation data to the entity; and revoking the access to the verifiable claim. 
However, in an analogous art, Birgisson discloses device access revocation, wherein
generating revocation data that is configured to revoke the access token (Birgisson: pasr. 0038-0039, the revocation of access has been initiated by the owner device 110.  For instance, the revocation data can include user identifiers that represent values indicative of a user identity, such as a hash value or other types of derivatives of data associated with the user. The access control blacklist 132 also specifies information related to the limited token 126a for a user whose access has been revoked); 
providing the revocation data to the entity (Birgisson: pars. 0038, 0039, the revocation of access has been initiated by the owner device 110.  For instance, the revocation data can include user identifiers that represent values indicative of a user identity, such as a hash value or other types of derivatives of data associated with the user); and 
revoking the access to the verifiable claim (Birgisson: pars. 0038-0039, … The access control blacklist 132 also specifies information related to the limited token 126a for a user whose access has been revoked). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Birgisson with the method and system of Lagutin, wherein generating revocation data that is configured to revoke the access token; providing the revocation data to the entity; and revoking the access to the verifiable claim to provide users with means for preventing replay attacks in which valid data transmissions are used maliciously or fraudulently repeated (Birgisson: par. 0004).
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Canh Le whose telephone number is 571-270-1380. The examiner can normally be reached on Monday to Friday 6:00AM to 3:30PM other Friday off.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on 571-270-5002.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. 
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/Canh Le/
Examiner, Art Unit 2439

September 14th, 2021 


/LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439