DETAILED ACTION

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 01/13/2020 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 16-19 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. 
Claim 16 is directed towards a system lacking at least one hardware element. The system comprising one or more processors (specification defines it in paragraphs 0039 and 0175 with open definition and therefore could be software), a private database (specification has no definition and would suggest to one of ordinary skill in the art data structures that fails to be statutory) and one or more computer-readable media (broadly interpreted in light of the specification (No definition) would suggest to one of ordinary skill in the art signals or other forms of propagation and transmission media that fails to be statutory). Therefore, the system lacks at least one hardware element. The Examiner respectfully 
Dependent claims 17-19 are also rejected for being directed to non-statutory subject matter.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims 1, 6, 9-10, 12, 16, 18 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Chen et al. (WO 2017/160317, hereinafter Chen, IDS provided reference) in view of Ramachandran et al. (Pub. No.: US 2016/0078431).
Regarding claim 1: Chen discloses A method for preserving privacy in comparing private datasets of a first computing system and a second computing system, the method comprising: 
identifying, by the second computing system, a first set of identifiers corresponding to records in a private database of the second computing system (Chen - [0072]: method 800 may include identifying a set of server elements and a set of data objects, each data object of the set of data objects being associated with at least one server element of the set of server elements); 
for each identifier in the first set of identifiers: 
(i) generating, by the second computing system, an encrypted version of the identifier using a homomorphic encryption process (Chen - [0074]: In block 823, method 800 may include encrypting the set of server elements and the set of data objects using the homomorphic encryption scheme), 
(ii) providing, from the second computing system and to the first computing system, the encrypted version of the identifier (Chen - [0075]: In block 824, method 800 may include sending the encrypted sets of server elements and data objects to the client computing device), 
receiving, by the second computing system, blinded versions of a second set of identifiers corresponding to records in a private database of the first computing system (Chen - [0073]: In block 822, method 800 may include receiving, from the client computing device, the set of client elements that are encrypted using a homomorphic encryption scheme); 
determining, by the second computing system, an intersection, or a characteristic of the intersection, of the records in the private database of the first computing system and the records in the private database of the second computing system based on matches between the blinded versions of the first set of identifiers and the blinded versions of the second set of identifiers (Chen - [0075]: retrieve the particular data object if the particular data object is associated with a private set intersection (PSI) between the set of server elements and the set of client elements. [0027]: a PSI between the set of server elements and the set of client elements may comprise a subset of the set of server elements and a subset of the set of client elements where each server element of the subset of the set of server elements has an identical client element in the subset of the set of client elements); and 
providing, by the second computing system, an indication of the intersection or the characteristic of the intersection (Chen - [0039]: Access engine 135, as discussed in detail below, may enable sharing and/or providing access to data objects (e.g., information about the threat actors) associated with the PSI).
However Chen doesn’t explicitly teach, but Ramachandran discloses:
(iii) receiving, by the second computing system and from the first computing system, a blinded-encrypted version of the identifier that was generated using a secret key of the first computing system (Ramachandran - [0047]: The transaction data provider 210 double encrypts the received encrypted second set of common identifiers, C(IDy), using the second encryption algorithm to generate a second set of double encrypted common identifiers, T(C(IDy)). [0041]: The encrypted data may be generated using the public key for the additive homomorphic algorithm. See also [0038]), and 
Ramachandran - [0041]: To recover the added value of x+y, the private key of the additive homomorphic algorithm is used); 
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Chen with Ramachandran so that the encrypted identifiers are encrypted again and decrypted to recover the encrypted identifier. The modification would have allowed the system to double encrypt the identifiers.
Regarding claim 16: this claim defines a system claim that corresponds to method claim 1 and does not define beyond limitations of claim 1. Therefore, claim 16 is rejected with the same rationale as in the rejection of claim 1. Furthermore, Chen in para. [0046] discloses database, a processor (para. [0021]) and machine-readable storage medium (paragraph [0021]).
Regarding claim 20: this claim defines a computer readable medium claim that corresponds to system claim 1 and does not define beyond limitations of claim 1. Therefore, claim 20 is rejected with the same rationale as in the rejection of claim 1. Furthermore, Chen in paragraph [0021] discloses computer readable storage medium where the storage medium executes instructions from a processor.
Regarding claims 6 and 18: Chen as modified discloses further comprising: 
for each identifier in the first set of identifiers, mapping by the second computing system the blinded version of the identifier to the identifier; and 
for each identified match between a blinded version of an identifier from the first set of identifiers and a blinded version of an identifier from the second set of identifiers: 
identifying, by the second computing system, the record in the private database of the second computing system that corresponds to the identifier that is mapped to the blinded version of the identifier from the first set of identifiers; and classifying, by the second computing system, the identified record as being within the intersection of the records in the private database of the first computing system and the records in the private database of the second computing system (Chen - [0075]: retrieve the particular data object if the particular data object is associated with a private set intersection (PSI) between the set of server elements and the set of client elements. [0027]: a PSI between the set of server elements and the set of client elements may comprise a subset of the set of server elements and a subset of the set of client elements where each server element of the subset of the set of server elements has an identical client element in the subset of the set of client elements)
Regarding claim 9: Chen as modified discloses comprising determining, by the second computing system, the characteristic of the intersection of the records in the private database of the first computing system and the records in the private database of the second computing system, without determining which records are within the intersection (Chen - [0012]: The server computing device and/or client computing device may learn (e.g., have access to) the intersection (e.g., the elements in the intersection) without learning any information about the other computing device's input set beyond the size of the input set).
Regarding claim 10: Chen as modified discloses wherein the characteristic of the intersection represents a count of a number of common identifiers included in both the first set of identifiers corresponding to records in the private database of the second computing system and the second set of identifiers corresponding to records in the private database of the first computing system (Chen - [0012]: the size of the input set).
Regarding claim 12: Chen as modified discloses wherein a first subset of identifiers from the first set of identifiers are also included among the second set of identifiers, and a second subset of identifiers from the first set of identifiers are not included among the second set of identifiers (Chen - [0012]: A private set intersection (PSI) protocol may enable two parties to share the data that is common to the first party's input set and the second party's input set without disclosing the input sets to each other).

Claims 2-3 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Chen et al. (WO 2017/160317, hereinafter Chen, IDS provided reference) in view of Ramachandran et al. (Pub. No.: US 2016/0078431, hereinafter Ramachandran) and Resch et al. (Pub. No.: US 2019/0297064, hereinafter Resch).
Regarding claim 2: Chen as modified doesn’t explicitly teach but Resch discloses wherein for each identifier in the first set of identifiers, the first computing system generates the blinded-encrypted version of the identifier by processing the encrypted version of the identifier and the secret key of the first Resch - [0006]: a sub-key ID is generated based on the data ID and a requester secret. Then, the sub-key ID is processed based on a blinding key in accordance with an Oblivious Pseudorandom Function (OPRF) blinding operation (e.g., homomorphic encryption, one or more other blinding operations, etc.) to generate a blinded input).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Chen and Ramachandran with Resch so that an Oblivious Pseudorandom Function (OPRF) blinding operation is used to generate a blinded input. The modification would have allowed the system to further secure the data. 
Regarding claim 3: Chen as modified discloses wherein the pseudo-random function is an oblivious pseudo-random function (Resch - [0006]: an Oblivious Pseudorandom Function (OPRF) blinding operation).
Regarding claim 17: The limitations of claim 17 are substantially similar to the limitations of claim 2, thus it is interpreted and rejected for the reasons set forth above in the rejection of claim 2.

Allowable Subject Matter
Claims 4-5, 7-8, 11, 13-15 and 19 are objected to as being dependent upon a rejected base claim, but would be allowable if the 101 rejection for claim 19, set forth in this Office action, is overcome and if rewritten in independent form including all of the limitations of the base claim and any intervening claims. The reason for allowance will be furnished upon allowance of the application.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Jung et al. (Patent No.: US 10,348,494) - Level-two decryption associated with individual privacy and public safety protection via double encrypted lock box
Resch et al. (Pub. No.: US 2019/0296897) - Virtualizing a key hierarchy using a partially-oblivious pseudorandom function

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s acting supervisor, Kristine Kincaid can be reached on (571) 272-4063.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8729.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MENG LI/
Primary Examiner, Art Unit 2437