DETAILED ACTION
This office action is in response to applicant’s amendment filed on 08/24/2021.  Claims 1, 11, and 16 have been amended.  Claims 1-20 are pending and are directed towards apparatus, method, and computer product for Threshold-Based Override of Data Privacy Using Distributed Ledgers and Key Shares.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
1.	Applicant’s arguments filed 08/24/2021 have been fully considered.
A) Applicant’s arguments, with respect to the 101 rejection of claims 1, 11 and 16, that Madhusudhana, Ramachandran, and Robinson do not teach “wherein the inner key comprises a secret key known to the user device and the service provider, wherein the user device encrypts the data of the user that the user device sends to the distributed ledger using the inner key to generate partially encrypted data of the user and then encrypts the partially encrypted data of the user using the outer key to generate encrypted data of the user” (page 
	Claim Rejections - 35 USC § 103
2.	In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
3.	Claims 1, 3, 10-11, 13, 16, and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Nishat et al. (Group-oriented encryption for dynamic groups with constant rekeying cost), hereinafter Nishat, published Aug. 15, 2016 in view of Jacobs et al. (US Pub. 2017/0237554), hereinafter Jacobs, filed on Oct. 3, 2016.
	Regarding claim 1, a method, comprising: 
Nishat does not teach creating, by at least one processing device of a service provider, an agreement between the service provider and a user employing a user device, wherein at least a portion of data related to the agreement is maintained on a distributed ledger, 

Jacobs teaches creating, by at least one processing device of a service provider, an agreement between the service provider and a user employing a user device, wherein at least a portion of data related to the agreement is maintained on a distributed ledger (para 51, line 1-9 and para 54, line 1-15; user may enroll in asset transfer network with resource provider, where the transaction is recorded in a trusted ledger (e.g., a blockchain)), 
wherein the user device comprises an inner key and an outer key for encrypting data of the user that 10the user device sends to the distributed ledger, wherein the inner key comprises a secret key known to the user device and the service provider, wherein the user device encrypts the data of the user that the user device sends to the distributed ledger using the inner key to generate partially encrypted data of the user (para 41, line 1-18 and para 46, line 1-16; each node within the asset transfer network may store their transaction data in 
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Nishat to incorporate the teachings of Jacobs to provide each node within the asset transfer network may store their transaction data in the blockchain, where a digital signature may be created using a private key and a public key may also be used to encrypt a message and the keys allow parties to view and verify transactions.  Doing so would protect the transaction entries from being doctored with false transaction data using the blockchain, as recognized by Jacobs.
Nishat teaches and then encrypts the partially encrypted data of the user using the outer key to generate encrypted data of the user, wherein the 15outer key is split into a plurality of outer key shares using a threshold secret sharing scheme, wherein a predefined number of the plurality of outer key shares is required to reconstruct the outer key and wherein one or more of the plurality of outer key shares is distributed to one or more of the user, the service provider and one or more voters (section 4.3, para 1, line 1-12 and section 5.1, para 2, line 1-21; user create ciphertext of message using the group key and central trusted group 
performing the following steps, by the at least one processing device of the 20service provider, to access at least a portion of the encrypted data of the user: initiating a request to reconstruct the outer key (section 3.2, para 1-10 and section 4.4, para 2, line 1-7; GC performs generation of group key and secret keys, where the group key is generated to decrypt the encrypted message); 
obtaining the reconstructed outer key if the number of outer key shares provided by one or more of the user, the service provider and the one or more voters satisfies the predefined number of outer key shares required to reconstruct the outer key; and 25decrypting the at least the portion of the encrypted data of the user using the reconstructed outer key (section 4.4, para 2, line 1-7 and section 5.1, para 2, line 1-21; central trusted group controller (GC), including current user and new users, acquire group public key using the transmitted secret keys to the group and where the group key is used to decrypt the encrypted message).
Nishat does not teach decrypting the at least the portion of the encrypted data of the user using the inner key.

It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Nishat to incorporate the teachings of Jacobs to provide decrypt the encrypted message using the private key.  Doing so would protect the transaction entries from being doctored with false transaction data using linked encryption keys, as recognized by Jacobs.
Regarding claim 3, Nishat and Jacobs teaches method of claim 1.
Nishat teaches the obtaining the reconstructed outer key further comprises 30obtaining one or more votes to release the outer key from one or more of the user, the service provider and the one or more voters (section 4.3, para 1, line 1-12 and section 5.1, para 2, line 1-21; user create ciphertext of message using the group key and central trusted group controller (GC), including current user and new users, acquire group public key using the transmitted secret keys to the group).
Regarding claim 10, Nishat and Jacobs teach method of claim 1.

Nishat does not teach wherein the inner key is known only to the user and service provider and whereby the data remains protected on the blockchain
Jacobs teaches wherein the inner key is known only to the user and service provider and whereby the data remains protected on the blockchain (para 41, line 1-18 and para 46, line 1-16; each node within the asset transfer network may store their transaction data in the blockchain, where a digital signature may be created using a private key and a public key may also be used to encrypt a message and the keys allow parties to view and verify transactions)
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Nishat to incorporate the teachings of Jacobs to provide each node within the asset transfer network may store their transaction data in the blockchain, where a digital signature may be created using a private key and a public key may also be used to encrypt a message and the keys allow parties to view and verify 
Regarding claim 11, an apparatus comprising:  
Nishat does not teach 30at least one processing device comprising a processor coupled to a memory;  22117525.01 
Jacobs teaches at least one processing device comprising a processor coupled to a memory (para 76, line 1-14; a processor 150A executing code from a computer readable medium 150E);
  22117525.01 It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Nishat to incorporate the teachings of Jacobs to provide a processor executing code from a computer readable medium.  Doing so would allow for validating a digital asset and protect the transaction entries from being doctored with false transaction data using the blockchain, as recognized by Jacobs.
Nishat teaches the at least one processing device corresponding to a service provider and being configured to implement the following steps (section 3.2, para 1-10 and section 4.4, para 2, line 1-7; GC performs generation of group key and secret keys, where the group key is generated to decrypt the encrypted message):

wherein the user device comprises an inner key and an outer key for encrypting data of the user that 10the user device sends to the distributed ledger, wherein the inner key comprises a secret key known to the user device and the service provider, wherein the user device encrypts the data of the user that the user device sends to the distributed ledger using the inner key to generate partially encrypted data of the user 
Jacobs teaches creating, by at least one processing device of a service provider, an agreement between the service provider and a user employing a user device, wherein at least a portion of data related to the agreement is maintained on a distributed ledger (para 51, line 1-9 and para 54, line 1-15; user may enroll in asset transfer network with resource provider, where the transaction is recorded in a trusted ledger (e.g., a blockchain)), 
wherein the user device comprises an inner key and an outer key for encrypting data of the user that 10the user device sends to the distributed ledger, wherein the inner key comprises a secret key known to the user device and the 
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Nishat to incorporate the teachings of Jacobs to provide each node within the asset transfer network may store their transaction data in the blockchain, where a digital signature may be created using a private key and a public key may also be used to encrypt a message and the keys allow parties to view and verify transactions.  Doing so would protect the transaction entries from being doctored with false transaction data using the blockchain, as recognized by Jacobs.
Nishat teaches and then encrypts the partially encrypted data of the user using the outer key to generate encrypted data of the user, wherein the 15outer key is split into a plurality of outer key shares using a threshold secret sharing scheme, wherein a predefined number of the plurality of outer key shares is required to 
performing the following steps, by the at least one processing device of the 20service provider, to access at least a portion of the encrypted data of the user: initiating a request to reconstruct the outer key (section 3.2, para 1-10 and section 4.4, para 2, line 1-7; GC performs generation of group key and secret keys, where the group key is generated to decrypt the encrypted message); 
obtaining the reconstructed outer key if the number of outer key shares provided by one or more of the user, the service provider and the one or more voters satisfies the predefined number of outer key shares required to reconstruct the outer key; and 25decrypting the at least the portion of the encrypted data of the user using the reconstructed outer key (section 4.4, para 2, line 1-7 and section 5.1, para 2, line 1-21; central trusted group controller (GC), including current user and new users, acquire group public key using the 
Nishat does not teach decrypting the at least the portion of the encrypted data of the user using the inner key.
Jacobs teaches Nishat does not teach decrypting the at least the portion of the encrypted data of the user using the inner key (para 41, line 1-18 and para 46, line 1-16; decrypt the encrypted message using the private key).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Nishat to incorporate the teachings of Jacobs to provide decrypt the encrypted message using the private key.  Doing so would protect the transaction entries from being doctored with false transaction data using linked encryption keys, as recognized by Jacobs.
Regarding claim 13, Nishat and Jacobs teaches apparatus of claim 11.
Nishat teaches the obtaining the reconstructed outer key further comprises 30obtaining one or more votes to release the outer key from one or more of the user, the service provider and the one or more voters (section 4.3, para 1, line 1-12 and section 5.1, para 2, line 1-21; user create ciphertext of message using the group key and central trusted group controller (GC), including current user and 
Regarding claim 16, Nishat does not teach a non-transitory processor-readable storage medium having stored therein program code of one or more software programs, wherein the program code when executed by at least one processing device
Jacobs teaches a non-transitory processor-readable storage medium having stored therein program code of one or more software programs, wherein the program code when executed by at least one processing device (para 76, line 1-14; a processor 150A executing code from a computer readable medium 150E)
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Nishat to incorporate the teachings of Jacobs to provide a processor executing code from a computer readable medium.  Doing so would allow for validating a digital asset and protect the transaction entries from being doctored with false transaction data using the blockchain, as recognized by Jacobs.
Nishat teaches at least one processing device of a service provider causes the at least one processing device of the service provider to perform the following steps (section 3.2, para 1-10 and section 4.4, para 2, line 1-7; GC performs 
Nishat does not teach creating, by at least one processing device of a service provider, an agreement between the service provider and a user employing a user device, wherein at least a portion of data related to the agreement is maintained on a distributed ledger, 
wherein the user device comprises an inner key and an outer key for encrypting data of the user that 10the user device sends to the distributed ledger, wherein the inner key comprises a secret key known to the user device and the service provider, wherein the user device encrypts the data of the user that the user device sends to the distributed ledger using the inner key to generate partially encrypted data of the user 
Jacobs teaches creating, by at least one processing device of a service provider, an agreement between the service provider and a user employing a user device, wherein at least a portion of data related to the agreement is maintained on a distributed ledger (para 51, line 1-9 and para 54, line 1-15; user may enroll in asset transfer network with resource provider, where the transaction is recorded in a trusted ledger (e.g., a blockchain)), 

It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Nishat to incorporate the teachings of Jacobs to provide each node within the asset transfer network may store their transaction data in the blockchain, where a digital signature may be created using a private key and a public key may also be used to encrypt a message and the keys allow parties to view and verify transactions.  Doing so would protect the transaction entries from being doctored with false transaction data using the blockchain, as recognized by Jacobs.

performing the following steps, by the at least one processing device of the 20service provider, to access at least a portion of the encrypted data of the user: initiating a request to reconstruct the outer key (section 3.2, para 1-10 and section 4.4, para 2, line 1-7; GC performs generation of group key and secret keys, where the group key is generated to decrypt the encrypted message); 
obtaining the reconstructed outer key if the number of outer key shares provided by one or more of the user, the service provider and the one or more voters satisfies the predefined number of outer key shares required to reconstruct the outer key; and 25decrypting the at least the portion of the 
Nishat does not teach decrypting the at least the portion of the encrypted data of the user using the inner key.
Jacobs teaches Nishat does not teach decrypting the at least the portion of the encrypted data of the user using the inner key (para 41, line 1-18 and para 46, line 1-16; decrypt the encrypted message using the private key).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Nishat to incorporate the teachings of Jacobs to provide decrypt the encrypted message using the private key.  Doing so would protect the transaction entries from being doctored with false transaction data using linked encryption keys, as recognized by Jacobs.
Regarding claim 18, Nishat and Jacobs teaches computer product of claim 16.
.
4.	Claims 2, 7-8, 12, 15, 17, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Nishat in view of Jacobs and Levy (US Pub. 2012/0173439) filed on Jan. 4, 2012.
	Regarding claim 2, Nishat and Jacobs teaches method of claim 1.
	Nishat teaches when the service provider initiates the 25request to reconstruct the outer key to access the at least the portion of the encrypted data of the user (section 3.2, para 1-10 and section 4.4, para 2, line 1-7; GC performs generation of group key and secret keys, where the group key is generated to decrypt the encrypted message)
Nishat and Jacobs do not teach the agreement further comprises one or more of a first buffer for storing evidence provided by the service provider and a 
Levy teaches the agreement further comprises one or more of a first buffer for storing evidence provided by the service provider and a second buffer for storing evidence provided by the user to prevent the service provider from accessing the at least a portion of the encrypted data of the user (para 66, line 1-4 and para 115, line 1-5 and para 124, line 1-10; store tenant related information where the encrypted data is secured against unauthorized access and store user’s service provider information).  
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Nishat and Jacobs to incorporate the teachings of Levy to provide store tenant related information where the encrypted data is secured against unauthorized access and store user’s service provider information.  Doing so would allow for processing of an action for breach of contract, as recognized by Levy.
Regarding claim 7, Nishat and Jacobs teaches method of claim 1.
Nishat teaches one or more of the user, the service provider and one or more of the voters (section 4.3, para 1, line 1-12 and section 5.1, para 2, line 1-21; user create ciphertext of message using the group key and central trusted group 
Nishat and Jacobs do not teach a trusted third party submits evidence to be evaluated 
Levy teaches a trusted third party submits evidence to be evaluated (para 38, line 1-6 and line 19-33; each party may present evidence relevant to their defense and a mediation entity may be involved)  
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Nishat and Jacobs to incorporate the teachings of Levy to provide each party may present evidence relevant to their defense and a mediation entity may be involved.  Doing so would allow for processing of an action for breach of contract, as recognized by Levy.
Regarding claim 8, Nishat, Jacobs, and Levy teaches method of claim 7.
Nishat teaches one or more of the voters automatically release respective outer key shares based at least in part on the evidence using predefined logic to evaluate the evidence (section 4.3, para 1, line 1-12 and section 5.1, para 2, line 1-21; user create ciphertext of message using the group key and central trusted 
Nishat and Jacobs do not teach the evidence submitted by the trusted third party
Levy teaches the evidence submitted by the trusted third party (para 38, line 1-6 and line 19-33; each party may present evidence relevant to their defense and a mediation entity may be involved)
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Nishat and Jacobs to incorporate the teachings of Levy to provide each party may present evidence relevant to their defense and a mediation entity may be involved.  Doing so would allow for processing of an action for breach of contract, as recognized by Levy.
Regarding claim 12, Nishat and Jacobs teaches apparatus of claim 11.
	Nishat teaches when the service provider initiates the 25request to reconstruct the outer key to access the at least the portion of the encrypted data of the user (section 3.2, para 1-10 and section 4.4, para 2, line 1-7; GC performs generation of group key and secret keys, where the group key is generated to decrypt the encrypted message)

Levy teaches the agreement further comprises one or more of a first buffer for storing evidence provided by the service provider and a second buffer for storing evidence provided by the user to prevent the service provider from accessing the at least a portion of the encrypted data of the user (para 66, line 1-4 and para 115, line 1-5 and para 124, line 1-10; store tenant related information where the encrypted data is secured against unauthorized access and store user’s service provider information).  
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Nishat and Jacobs to incorporate the teachings of Levy to provide store tenant related information where the encrypted data is secured against unauthorized access and store user’s service provider information.  Doing so would allow for processing of an action for breach of contract, as recognized by Levy.
Regarding claim 15, Nishat and Jacobs teaches apparatus of claim 11.

Nishat and Jacobs do not teach a trusted third party submits evidence to be evaluated 
Levy teaches a trusted third party submits evidence to be evaluated (para 38, line 1-6 and line 19-33; each party may present evidence relevant to their defense and a mediation entity may be involved)  
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Nishat and Jacobs to incorporate the teachings of Levy to provide each party may present evidence relevant to their defense and a mediation entity may be involved.  Doing so would allow for processing of an action for breach of contract, as recognized by Levy.
Nishat teaches one or more of the voters automatically release respective outer key shares based at least in part on the evidence using predefined logic to evaluate the evidence (section 4.3, para 1, line 1-12 and section 5.1, para 2, line 1-
Nishat and Jacobs do not teach the evidence submitted by the trusted third party
Levy teaches the evidence submitted by the trusted third party (para 38, line 1-6 and line 19-33; each party may present evidence relevant to their defense and a mediation entity may be involved)
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Nishat and Jacobs to incorporate the teachings of Levy to provide each party may present evidence relevant to their defense and a mediation entity may be involved.  Doing so would allow for processing of an action for breach of contract, as recognized by Levy.
Regarding claim 17, Nishat and Jacobs teaches computer product of claim 16.
	Nishat teaches when the service provider initiates the 25request to reconstruct the outer key to access the at least the portion of the encrypted data of the user (section 3.2, para 1-10 and section 4.4, para 2, line 1-7; GC performs 
Nishat and Jacobs do not teach the agreement further comprises one or more of a first buffer for storing evidence provided by the service provider and a second buffer for storing evidence provided by the user to prevent the service provider from accessing the at least a portion of the encrypted data of the user.  
Levy teaches the agreement further comprises one or more of a first buffer for storing evidence provided by the service provider and a second buffer for storing evidence provided by the user to prevent the service provider from accessing the at least a portion of the encrypted data of the user (para 66, line 1-4 and para 115, line 1-5 and para 124, line 1-10; store tenant related information where the encrypted data is secured against unauthorized access and store user’s service provider information).  
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Nishat and Jacobs to incorporate the teachings of Levy to provide store tenant related information where the encrypted data is secured against unauthorized access and store user’s service provider information.  Doing so would allow for processing of an action for breach of contract, as recognized by Levy.
Regarding claim 20, Nishat and Jacobs teaches computer product of claim 16.
Nishat teaches one or more of the user, the service provider and one or more of the voters (section 4.3, para 1, line 1-12 and section 5.1, para 2, line 1-21; user create ciphertext of message using the group key and central trusted group controller (GC), including current user and new users, acquire group public key using the transmitted secret keys to the group)
Nishat and Jacobs do not teach a trusted third party submits evidence to be evaluated 
Levy teaches a trusted third party submits evidence to be evaluated (para 38, line 1-6 and line 19-33; each party may present evidence relevant to their defense and a mediation entity may be involved)  
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Nishat and Jacobs to incorporate the teachings of Levy to provide each party may present evidence relevant to their defense and a mediation entity may be involved.  Doing so would allow for processing of an action for breach of contract, as recognized by Levy.
evidence using predefined logic to evaluate the evidence (section 4.3, para 1, line 1-12 and section 5.1, para 2, line 1-21; user create ciphertext of message using the group key and central trusted group controller (GC), including current user and new users, acquire group public key using the transmitted secret keys to the group).
Nishat and Jacobs do not teach the evidence submitted by the trusted third party
Levy teaches the evidence submitted by the trusted third party (para 38, line 1-6 and line 19-33; each party may present evidence relevant to their defense and a mediation entity may be involved)
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Nishat and Jacobs to incorporate the teachings of Levy to provide each party may present evidence relevant to their defense and a mediation entity may be involved.  Doing so would allow for processing of an action for breach of contract, as recognized by Levy.
Claims 4-6, 14, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Nishat in view of Jacobs and Madhusudhana et al. (US Patent 7,136,489), hereinafter Madhusudhana, filed on Sep. 12, 2002.
Regarding claim 4, Nishat and Jacobs teaches method of claim 1.
Nishat and Jacobs do not teach the service provider initiates the request to reconstruct the outer key when one or more of: the user violates a legal requirement of a legal authority and the user breaches terms of the agreement with the service provider.
Madhusudhana teaches the service provider initiates the request to reconstruct the outer key when one or more of: the user violates a legal requirement of a legal authority and the user breaches terms of the agreement with the service provider (col. 5, line 33-49 and col. 6, line 16-26; MAZS system service initiates a request for key shares to ensure that a malicious attacker does not subvert the integrity of policy data).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Nishat and Jacobs to incorporate the teachings of Madhusudhana to provide service initiates a request for key shares to ensure that a malicious attacker does not subvert the integrity of policy data.  Doing so would ensure the security and 
Regarding claim 5, Nishat and Jacobs teaches method of claim 1.
Nishat and Jacobs do not teach a number of shares allocated to each of the user, the service provider and each voter comprises a voting weight granted to the respective party
Madhusudhana teaches a number of shares allocated to each of the user, the service provider and each voter comprises a voting weight granted to the respective party (col. 3, line 50-67 and col. 9, line 10-14; a stakeholder may need to manage multiple different key shares and key shares are distributed to users, MAZS system service administrators, and other stakeholders).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Nishat and Jacobs to incorporate the teachings of Madhusudhana to provide a stakeholder may need to manage multiple different key shares and key shares are distributed to users, MAZS system service administrators, and other stakeholders.  Doing so would ensure the security and integrity of transaction authorization in the computer network, as recognized by Madhusudhana.
Regarding claim 6, Nishat, Jacobs, and Madhusudhana teaches method of claim 5.
Nishat and Jacobs do not teach the number of shares assigned to the service provider and 10to each individual voter is less than the predefined number of outer key shares required to reconstruct the outer key.
Madhusudhana teaches the number of shares assigned to the service provider and 10to each individual voter is less than the predefined number of outer key shares required to reconstruct the outer key (col. 3, line 50-67 and col. 7, line 52-64; key is split into key shares where K number of key shares out of total key shares are needed to reconstruct the key and K key shares are distributed to users, MAZS system service administrators, and other stakeholders).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Nishat and Jacobs to incorporate the teachings of Madhusudhana to provide key is split into key shares where K number of key shares out of total key shares are needed to reconstruct the key and K key shares are distributed to users, MAZS system service administrators, and other stakeholders.  Doing so would ensure the security and integrity of transaction authorization in the computer network, as recognized by Madhusudhana.
Regarding claim 14, Nishat and Jacobs teaches apparatus of claim 11.
Nishat and Jacobs do not teach the service provider initiates the request to reconstruct the outer key when one or more of: the user violates a legal requirement of a legal authority and the user breaches terms of the agreement with the service provider.
Madhusudhana teaches the service provider initiates the request to reconstruct the outer key when one or more of: the user violates a legal requirement of a legal authority and the user breaches terms of the agreement with the service provider (col. 5, line 33-49 and col. 6, line 16-26; MAZS system service initiates a request for key shares to ensure that a malicious attacker does not subvert the integrity of policy data).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Nishat and Jacobs to incorporate the teachings of Madhusudhana to provide service initiates a request for key shares to ensure that a malicious attacker does not subvert the integrity of policy data.  Doing so would ensure the security and integrity of transaction authorization in the computer network, as recognized by Madhusudhana.
Regarding claim 19, Nishat and Jacobs teaches computer product of claim 16.
Nishat and Jacobs do not teach the service provider initiates the request to reconstruct the outer key when one or more of: the user violates a legal requirement of a legal authority and the user breaches terms of the agreement with the service provider.
Madhusudhana teaches the service provider initiates the request to reconstruct the outer key when one or more of: the user violates a legal requirement of a legal authority and the user breaches terms of the agreement with the service provider (col. 5, line 33-49 and col. 6, line 16-26; MAZS system service initiates a request for key shares to ensure that a malicious attacker does not subvert the integrity of policy data).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Nishat and Jacobs to incorporate the teachings of Madhusudhana to provide service initiates a request for key shares to ensure that a malicious attacker does not subvert the integrity of policy data.  Doing so would ensure the security and integrity of transaction authorization in the computer network, as recognized by Madhusudhana.
Claim 9 is rejected under 35 U.S.C. 103 as being unpatentable over Nishat in view of Jacobs and Ramachandran et al. (US Pub. 2018/0316492), hereinafter Ramachandran, filed on May 1, 2018 .
Regarding claim 9, Nishat and Jacobs teaches method of claim 1.
	Nishat and Jacobs do not teach the encrypted data of the user is stored in one or more of the agreement in the distributed ledger; and in a data storage by a data custodian with one or more hash values of the encrypted data stored in the distributed ledger to reference the data stored by the data custodian.
	Ramachandran teaches the encrypted data of the user is stored in one or more of the agreement in the distributed ledger; and in a data storage by a data custodian with one or more hash values of the encrypted data stored in the distributed ledger to reference the data stored by the data custodian (para 51, line 11-23 and para 95, line 1-11; data may be added to the blockchain, where the data is associated with authorized participants of the blockchain and a hash value is used to represent encrypted hashed data).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Nishat and Jacobs to incorporate the teachings of Ramachandran to provide data may be added to the blockchain, where the data is associated with authorized .
Conclusion
7.	The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. The following are relevant prior arts: Corduan et al. (US Pub. 2019/0007205) discloses persona management in online environments provides an identity by proxy with trusted parties having portions of the private cryptographic key of the consumer so that the private cryptographic key of the consumer may be generated; Numao et al. (US Pub. 2003/0081789) discloses decryption method systems and apparatus in which terminals belonging to a subset selected as a recipient group can collaborate to decrypt encrypted information; Pogorelik et al. (US Pub. 2016/0044001) discloses receive an encrypted provisioning message from a management device and key generation logic to generate a decryption key based on the plurality of key fragments.
8.	Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).

9.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to NHAN H NGUYEN whose telephone number is (571)272-6443.  The examiner can normally be reached on Monday-Friday 8:30am - 4:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on 571-272-4006.  The fax 
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/NHAN HUU NGUYEN/Examiner, Art Unit 2492

/SALEH NAJJAR/Supervisory Patent Examiner, Art Unit 2492