Notice of Pre-AIA  or AIA  Status
1.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
2.	Applicant’s arguments filed on 9/09/2021, with respect to the 35 U.S.C. 103 rejection of claims 1-8, 11-18, 21, and 22 as allegedly being unpatentable over U.S. Publication No. 20170093803 to Nayshtut (hereinafter "Nayshtut") in view of U.S. Publication No. 20140222730 to Vasseur (hereinafter "Vasseur") have been fully considered. However, upon further consideration, a new ground(s) of rejection is made in view of amended claims.
Applicant alleges the Examiner alleges that one of ordinary skill in the art would have motivation to combine Nayshtut and Vasseur in order to "properly select a node in a distributed framework to assist with a computational task." (Office Action, p. 7). Applicant respectfully disagrees. Applicant submits that one of ordinary skill in the art would not be motivated to combine Nayshtut and Vasseur with a reasonable expectation of success. Nayshtut is aimed at secure service matching using a zero-knowledge proof engine. For example, Nayshtut describes "In an example, a user may wish to request a taxi. In requesting the taxi, the user may provide sensitive user data Such as a name, address, telephone number, e-mail address, credit cart, or other similar data. The Vendor-a taxi dispatcher, in this case-may then determine if a taxi is available, and if so, may dispatch one. However, the consumer may also want to 'shop around,' which may include submitting sensitive information to several different taxi services to get a quote from each one" (Paragraph [0017] of Nayshtut). The system of Nayshtut is aimed at a reduction of sensitive information sharing between entities. This is in contrast to Vasseur.  
Vasseur is aimed at choosing a node in a network to assist in distributing a task. For example "In one embodiment, a request is received from a requesting node in a network to assist in distributing a task of the requesting node. Upon receiving the message, a capability to perform the task of one or more helping nodes in the network is evaluated, and a helping node of the one or more helping nodes is selected to perform the task based on the evaluated capability of the selected helping node. The distribution of the task is then authorized from the requesting node to the selected helping node" (Paragraph [0018] of Vasseur). Vasseur simply describes a system for utilizing a learning machine to assist in the distributing tasks between nodes of a network to reduce networking traffic in Low power and Lossy Networks (LLNs) (Paragraph [0007] of Vasseur). 
Vasseur describes a machine learning system to sort through multiple nodes of a network to distribute a task load. This is in contrast to the secure service matching system of Nayshtut, which aims to match a user with a service provider in a secure manner. Therefore, adding the machine learning system and multiple node network of Vasseur with the secure service matching system of Nayshtut would add unnecessary complexity to the system of Nayshtut. As such, one of ordinary skill in the art would have no motivation to combine the secure service matching system of Nayshtut with the machine learning task distribution system of Vasseur. Examiner respectfully disagrees.

"The test for obviousness is not whether the features of a secondary reference may be bodily incorporated into the structure of the primary reference.... Rather, the test is what the combined teachings of those references would have suggested to those of ordinary skill in the art." In re Keller, 642 F.2d 413, 425, 208 USPQ 871, 881 (CCPA 1981). See also In re Sneed, 710 F.2d 1544, 1550, 218 USPQ 385, 389 (Fed. Cir. 1983) ("[I]t is not necessary that the inventions of the references be physically combinable to render obvious the invention under review."); and In re Nievelt, 482 F.2d 965, 179 USPQ 224, 226 (CCPA 1973) ("Combining the teachings of references does not involve an ability to combine their specific structures. However, the claimed combination cannot change the principle of operation of the primary reference or render the reference inoperable for its intended purpose

Nayshtut discloses in one example, a consumer requests a service via a client device, such as a smart phone, equipped with a trusted execution environment (TEE), which may include for example a memory enclave accessible only via special trusted execution instructions. The smart phone sends an encrypted service request to a vendor or other service provider. When the provider receives the encrypted service request, the encrypted data are decoded only within a TEE on the provider's device. Sensitive data may not be revealed to the provider, and indeed the entire operation may Client devices 110 may be communicatively coupled to one another and to other network resources via enterprise network 170 (paragraph 0029). Fig. 3 illustrates Server 300 is described herein separately to illustrate that in certain embodiments, logical operations according to this specification may be divided along a client-server model, wherein client device 200 provides certain localized tasks, while server 300 provides certain other centralized tasks (paragraph 0066).
Vasseur discloses a distributed architecture for machine learning based computation using a decision control point (paragraph 0018). FIG. 1 of Vasseur is a schematic block diagram of an example computer network 100 illustratively comprising nodes/devices 110 (e.g., labeled as shown, "root," "11," "12," . . . "45," and described in FIG. 2) interconnected by various methods of communication (paragraph 0021). Data packets 140 (e.g., traffic and/or messages) may be exchanged among the nodes/devices of the computer network 100 using predefined network communication protocols such as certain known wired protocols, wireless protocols (e.g., IEEE Std. 802.15.4, WiFi, Bluetooth.RTM., etc.), PLC protocols, or other shared-media protocols where appropriate (paragraph 0022). Routing process (services) 244 contains computer executable instructions executed by the processor 220 to perform functions provided by one or more routing protocols, such as proactive or reactive routing protocols as will be understood by those skilled in the art. These functions may, on capable devices, be configured to manage a routing/forwarding table (a data structure 245) containing, e.g., data used to make routing/forwarding decisions (paragraph 0027). 


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
3. 	Claims 1-8, 11-18, 21 and 22 are rejected under 35 U.S.C. 103 as being unpatentable over U.S. Publication No. 20770093803 hereinafter Nayshtut in view .

As per claim 1, Nayshtut discloses:
A method of selecting a distributed framework (Fig. 1, para G027 “FIG. 1 is a network-1evel diagram of a secured enterprise 100 according to one or more examples of the present specification. Secured enterprise 100 may be
configured to provide services to a consumer 162 via 4 secure service matching method as described herein.”0, the method comprising:
receiving, by a selection device, a description of a computing task to be performed (para 0022” In one example, a consumer requests a service via a client device, such as a smart phone, equipped with a trusted execution environment (TEE), which may include for example a memory enclave accessible only via special trusted execution instructions. The smart phone sends an encrypted service request to a vendor or other service provider. When the provider receives the encrypted service request, the encrypted data are decoded only within a TEE on the provider's device. Sensitive data may not be revealed to the provider, and indeed the entire operation may be completely automated up to a point);
selecting, by the selection device, at least a remote device, of a plurality of remote devices (Para 0085 “Turning to FIG. 5B, after receiving encrypted service request 520, each provider 510 performs match processing 530. Match processing 530 may include, for example, analyzing encrypted service 
wherein selecting further comprises: receiving an authorization token including a secure proof of an attestation conferring a credential on the at least a remote device; evaluating the authorization token (para 0103 “In block 710, flow processor 640 encrypts user data and sends encrypted service request 520 via communicator 660. It should be noted that in some cases, encrypting the encrypted service request may include interoperation with TEE 610 and zero knowledge proof engine 630. One example is pre-shared symmetrical key or asymmetrical keys for encryption and decryption” Para 0105 “In block 740, flow processor 640 provides the one or more match notifications 540 to zero knowledge proof engine 630 of TEE 610. TEE 610 may use encryption tokens within key storage 670 to internally decrypt match notifications 540. Zero knowledge proof engine 630 may then compare selection criteria 620 to data provided within the encrypted match notifications 540." Para 0080 “Enclave 440 may also digitally sign its output, which provides a verifiable means of ensuring that content has not been tampered with or modified since being rendered by secure rendering engine 410. A digital signature provided by enclave 440 is unique to enclave 440 and is unique to the hardware of the device hosting enclave 440. Additionally, enclave 440 may provide a trusted 
and selecting the at least a remote device based on the evaluation of the authorization token; and assigning, by the selection device, the computing task to the at least a remote device (para 0107 “In block 750, zero knowledge proof engine 630 provides a selection notification 560, if any, to flow processor 640. Flow processor 640 then sends the selection notification 560 via communicator 660.” Para 0108 “In block 760, consumer 162 and provider 510 may perform final contract negotiations, either one way or interactively, and either automatically or via a human interaction) 

Nayshtut does not disclose:

wherein an authorization token is generated from a physically unclonable function

Vasseur discloses:
selecting, at least a remote device, of a plurality of remote devices, for inclusion in a distributed framework (para 0065 “FIG. 9 illustrates an example simplified procedure for machine learning based computation using a decision control point. As shown in FIG. 9, the procedure 900 may start at step 905, continue to step 910, and so forth, where, as described in greater detail above, a request to assist in distributing a task is received, and a helping node is selected to which the task should be distributed.” Para 0066 “At Step 910, the procedure 900 includes receiving a request from a requesting node in a network to assist in distributing a task of the requesting node. Upon receiving the request, at Step 915, a capability to perform the task of one or more helping nodes in the network is evaluated. At Step 920, a helping node of the one or more helping nodes is then selected to perform the task based on the evaluated capability of the selected helping node. At Step 925, the distribution of the task from the requesting node to the selected helping node is authorized. The procedure 900 illustratively ends at Step 930.”)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the 
The motivation would have been to properly select a node in a distributed framework to assist with a computational task.

Nayshtut in view of Vasseur does not disclose:
wherein an authorization token is generated from a physically unclonable function

	Walsh discloses:
wherein an authorization token is generated from a physically unclonable function (para 0036 “A cryptographic enrollment token (or series of tokens) {(c.sub.d, P.sub.d, A.sub.d mod p)} is collected from each PUF device d in response to a challenge query (or queries) by the server. Each device chooses a private key P.sub.d.sup.priv uniformly at random from the space {0, 1}.sup.λ, where λ is the security parameter (e.g., the number of bits in the modulus p) and calculates A.sub.d=P.sub.d.sup.priv.Math.G mod p as the device's public key, were G is a base point of order q on an elliptic curve over.” para 0041 “Non-interactive authentication may be employed so as to provide first packet authentication in zero knowledge. For example, the first packet sent by the proving end device may contain the following authentication token, which is sufficient for the verifying end device to establish the identity of the proving end TABLE BELOW PARAGRAPH discloses how authentication tokens are generated by PUF) 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method for providing services of a consumer via a secure service matching method Nayshtut in view of Vasseur to include selecting, at least a remote device, of a plurality of remote devices, for inclusion in a distributed framework, as taught by Vasseur.
The motivation would have been to increase the security and protection of authentication tokens. 

	As per claim 2, Nayshtut in view of Vasseur and Walsh discloses:
The method of claim 1, wherein receiving the description of the computing task further comprises receiving a description of an amount of memory needed to perform the computing task (Vasseur para 0054-0058, The 

As per claim 3, Nayshtut in view of Vasseur and Walsh discloses:
The method of claim 1, wherein receiving the description of the computing task further comprises receiving a description of a number of computational cycles needed to perform the computing task (Vasseur para 0054-0058, The motivation would have been to know computational requirements to select the best node for the task).

As per claim 4, Nayshtut in view of Vasseur and Walsh discloses:
The method of claim 1, wherein receiving the description of the computing task further comprises receiving a description of a type of hardware needed to perform the computing task (Vasseur para 0048, 0054-0058, The motivation would have been to know high-end node requirements to select the best node for the task).

As per claim 5, Nayshtut in view of Vasseur and Walsh discloses:
The method of claim 1, wherein receiving the description of the computing task further comprises receiving a description of a geographical region in which resources are needed to perform a computing task (Vasseur para 0048, 0054- 0058, The motivation would have been to know location requirements to select the best node for the task).
As per claim 6, Nayshtut in view of Vasseur and Walsh discloses:
The method of claim 1, wherein receiving the description of the computing task further comprises receiving a description of a security constraint for resources needed to perform the computing task (Vasseur para 0048, 0054- 0058, The motivation would have been to know encryption requirements to select the best node for the task).

As per claim 7, Nayshtut in view of Vasseur and Walsh discloses:
The method of claim 1, wherein receiving the description of the computing task further comprises a resource distribution requirement (Vasseur para 0048, 0054-0058, The motivation would have been to know distributed requirements to select the best node for the task).

As per claim 8, Nayshtut in view of Vasseur and Walsh discloses:
The method of claim 1, wherein evaluating the authorization token further comprises verifying inclusion of the secure credential in a secure listing (Nayshtut para 6080 and O102-0708).

As per claim 11, Nayshtut in view of Vasseur and Walsh discloses:
The method of claim 1, wherein: the plurality of remote devices is connected to the selection device via a network; and selecting the distributed framework further comprises selecting at least a proximate remote device of the plurality of remote devices in a graph representing the network 

As per claim 12, Nayshtut in view of Vasseur and Walsh discloses:
The method of claim 1, wherein selecting the at least a remote device further comprises selecting at least a geographically proximate remote device of the plurality of remote devices (Vasseur para 0048, 0054-0058, The motivation would have been to know distributed requirements to select the best node for the task).

As per claim 13, the implementation of the claim of claim 1 will execute the system of claim 13. The claim is analyzed with respect to claim 1.

As per claim 14, the claim is analyzed with respect to claim 2.

As per claim 15, the claim is analyzed with respect to claim 3.

As per claim 16, the claim is analyzed with respect to claim 4.

As per claim 17, the claim is analyzed with respect to claim 5.

As per claim 18, the claim is analyzed with respect to claim 8.

As per claim 21, the claim is analyzed with respect to claim 11. 

As per claim 22, the claim is analyzed with respect to claim 12.

4. 	Claims 9, 10, 19 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Nayshtut in view of Vasseur, and further in view of Walsh, and further in view of LLS. Publication No. US 20160182497 hereinafter Smith. 

As per claim 9, Nayshtut in view of Vasseur and Walsh discloses: 
The method of claim 1, wherein evaluating the authorization token Nayshtut para 0080 and 0704) 

Nayshtut in view of Vasseur and Walsh does not disclose: 
further comprises: identifying a temporal attribute of the authorization token; and evaluating the temporal attribute (Nayshtut para 0680 and 6104) Smith discloses: further comprises: identifying a temporal attribute of the authorization token and evaluating the temporal attribute (para 0024, 0032, 0050, 0063 and 0064) 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method for providing services of a consumer via a secure service matching method Nayshtut in view of Vasseur and Walsh to include identifying a temporal 
The motivation would have been to identifying a temporal attribute of the authorization token to increase the security of assigned task to trusted networks. 

As per claim 10, Nayshtut in view of Vasseur and Walsh discloses:
The method of claim 1, wherein: the credential (Nayshtut para 0080 and 0704) 

Nayshtut in view of Vasseur and Walsh does not disclose:
credential is included in a chain of attestation; and evaluating the authorization token further comprises evaluating the chain of attestation 

Smith discloses:
credential is included in a chain of attestation; and evaluating the authorization token further comprises evaluating the chain of attestation (para 0023, 0049, 0052, and 0065)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method for providing services of a consumer via a secure service matching method Nayshtut in view of Vasseur and Walsh to include credential is included 
The motivation would have been to include credential in a chain of attestation and evaluating the authorization token to further validate the authenticity of a node for an assigned task. 

As per claim 19, the claim is analyzed with respect to claim 9. 

As per claim 20, the claim is analyzed with respect to claim 10.


Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to GARY S GRACIA whose telephone number is (571)270-5192. The examiner can normally be reached Monday-Friday 9am-6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 5712723972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/GARY S GRACIA/           Primary Examiner, Art Unit 2491