DETAILED ACTION
This communication is in response to the application filed on August 16, 2021, in which claims 1-18 are presented for examination.

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 10/01/2021 is being considered by the examiner, except where lined through, which fails to comply with 37 CFR 1.98(a)(2), which requires a legible copy of each cited foreign patent document; each non-patent literature publication or that portion which caused it to be listed; and all other information or that portion which caused it to be listed.  It has been placed in the application file, but the information referred to therein has not been considered.
The information disclosure statement (IDS) submitted on 11/10/2021 is being considered by the examiner.
The information disclosure statement (IDS) submitted on 11/17/2021 is being considered by the examiner.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA/25, or PTO/AIA/26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1, 4, 6, 7, 10, 12, 13, 16 and 18 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-18 of U.S. Patent No. 10,757,084 (hereinafter Pat. ‘084) in view of US PG-PUB No. 2013/0191632 A1 to Spector et al. (hereinafter Spector); Claims 2-3, 5, 8-9, 11, 14-15 and  in view of Spector and US PG-PUB No. 2017/0352027 A1 to Zhang et al. (hereinafter Zhang). 
With respect to the claims of the instant application, please refer to the following table, which illustrates the obvious and anticipatory relationship of the claim limitations at issue:
Instant application:
1. A computer-implemented method for retrieving first data from an external data source that is external to a blockchain network, comprising:
receiving, by a relay system node external to the blockchain network, a remote attestation request from a key management node; generating, by the relay system node, attestation evidence; transmitting, by the relay system node, the attestation evidence to the key management node in response to receiving the remote attestation request; subsequent to the key management node authenticating the relay system node,
receiving, by the relay system node from the key management node, a service private key, and storing the service private key;
receiving, by the relay system node and from a relay system smart contract executing within the blockchain network, a request to retrieve the first data from the external data source, the request comprising encrypted data, the encrypted data comprising access
decrypting, by the relay system node, the encrypted data using the service private key of the key management node, to obtain the access data; transmitting, by the relay system node, the access data to the external data source;
receiving, by the relay system node and from the external data source, a return result comprising the first data; generating, by the relay system node, a signature based on the first data and the service private key; and
transmitting, by the relay system node, the return result and the signature to the relay system smart contract.

US Pat. No. 10,757,084:
....
executing, by the key management node, an attestation process with each of the plurality of relay system nodes and an attestation service, wherein the key management node executes a key distribution process with the plurality of relay system nodes, the key distribution process resulting the service private key of the key management node being distributed to the plurality of relay system node...
...receiving, from a client smart contract and by a relay system smart contract executing within the blockchain network, a request for retrieving the data from the external data source, the request comprising encrypted data, the encrypted data comprising access
Claim 6... the request is decrypted by the relay system node to obtain the access data using the service private key of the key management node...
Claim 1....selecting, by the relay system smart contract, a relay system node from a plurality of relay system nodes that are external to the blockchain network,...transmitting, by the relay system smart contract, the request to the relay system node;
receiving, from the relay system node and by the relay system smart contract, a return result in response to the request, the return result comprising the data retrieved from the external data source obtained by the relay system node and a digital signature, wherein the digital signature is generated based on the data retrieved from the external data source and the service private key of the key management node; and transmitting, by the relay system smart contract, the return result to the client smart contract.
the return result comprising the data retrieved from the external data source obtained by the relay system node and a digital signature, wherein the digital
1....
a relay system node from a plurality of relay system nodes that are external to the blockchain network, wherein the plurality of relay system nodes are distributed with a service private key of the key management node...


As per claim 1, Pat. ‘084 does not explicitly recite “receiving, by a relay system node external to the blockchain network, a remote attestation request from a key management node; generating, by the relay system node, attestation evidence; transmitting, by the relay system node, the attestation evidence to the key management node in response to receiving the remote attestation request; subsequent to the key management node authenticating the relay system node”, however, Pat. ‘084 does recite “...executing, by the key management node, an attestation process with each of the plurality of relay system nodes and an attestation service, wherein the key management node executes a key distribution process with the plurality of relay system nodes, the key distribution process resulting”, in an analogous art in secure network communications, Spector disclosed the concept of authenticating/attesting a network node prior to distributing keys to the network node, i.e., Spector disclosed receiving by a network node, a remote attestation request from a key management node; generating, by the network node, attestation evidence; transmitting, by the network node, the attestation evidence to the key management node in response to receiving the remote attestation request, and subsequent to the key management node authenticating the network node, receiving by the network node from the key management node, 
As per claim 2, Pat. ‘084 does not explicitly recite “wherein the attestation evidence comprises a measurement value, the measurement value comprising a digest of an initial state of the relay system node.”, however, in an analogous art in network security, Zhang disclosed attestation evidence comprises a measurement value, the measurement value comprising a digest of an initial state of the relay system node (Zhang, par 0081, “SGX allows a remote system to verify the software in an enclave and communicate securely with it. When an enclave is created, the CPU produces a hash of its initial state known as a measurement. The software in the enclave may, at a later time, request a report which includes a measurement and supplementary data provided by the process, such as a public key. The report is digitally signed using a hardware-protected key to produce a proof that the measured software is running in an SGX-protected enclave. This proof, known as a quote, can be verified by a remote system,
As per claim 3, Pat. ‘084 in view of Spector and Zhang disclosed the computer-implemented method of claim 2, wherein the measurement value comprises a hash value of a process code of the relay system node (Zhang, par 0081, “SGX allows a remote system to verify the software in an enclave and communicate securely with it. When an enclave is created, the CPU produces a hash of its initial state known as a measurement. The software in the enclave may, at a later time, request a report which includes a measurement and supplementary data provided by the process, such as a public key. The report is digitally signed using a hardware-protected key to produce a proof that the measured software is running in an SGX-protected enclave. This proof, known as a quote, can be verified by a remote system, while the process-provided public key can be used by the remote system to establish a secure channel with the enclave or verify signed data it emits. We use the generic term "attestation" to refer to a quote, and denote it by att. We assume that a trustworthy measurement of the code for the enclave component of TC is available to any client that wishes to verify an attestation.”).
As per claim 5, Pat. ‘084 in view of Spector and Zhang disclosed the computer-implemented method of claim 1, comprising implementing, by the relay system node, an enclave program in which relay system node functions are performed (Zhang, par 0009, “The trusted bridge comprises a secure enclave component and a relay component. The trusted bridge is configured to receive in the secure enclave component a request for authenticated data via the relay component, to receive encrypted credentials in 

Claims 7-12 recite substantially the same limitations as claims 1-6, respectively, in the form of a non-transitory computer-readable storage medium storing instructions implementing the corresponding method, therefore, they are rejected under the same rationale.

Claims 13-18 recite substantially the same limitations as claims 1-6, respectively, in the form of a system implementing the corresponding method, therefore, they are rejected under the same rationale.

Claims 1, 4, 6, 7, 10, 12, 13, 16 and 18 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-18 of U.S. Patent No. 11,095,629 (hereinafter Pat. ‘629) in view of US PG-PUB No. 2013/0191632 A1 to Spector et al. (hereinafter Spector); Claims 2-3, 5, 8-9, 11, 14-15 and 17 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-18 of Pat. ‘629 in view of Spector and US PG-PUB No. 2017/0352027 A1 to Zhang et al. (hereinafter Zhang).
With respect to the claims of the instant application, please refer to the following table, which illustrates the obvious and anticipatory relationship of the claim limitations at issue:
Instant application:
1. A computer-implemented method for retrieving first data from an external data source that is external to a blockchain network, comprising:
receiving, by the relay system node from the key management node, a service private key, and storing the service private key;
receiving, by the relay system node and from a relay system smart contract executing within the blockchain network, a request to retrieve the first data from the external data source, the request comprising encrypted data, the encrypted data comprising access data for accessing the external data source, wherein the encrypted data is encrypted with a service public key paired with the service private key;
decrypting, by the relay system node, the encrypted data using the service private key of the key management node, to obtain the access data;
transmitting, by the relay system node, the return result and the signature to the relay system smart contract.
6. The computer-implemented method of claim 1, wherein the relay system node is included in a plurality of relay system nodes forming a multi-node cluster, and wherein the service private key is distributed to the plurality of relay system nodes.

US Pat. No. 11,095,629:
.... the plurality of relay system nodes are distributed with a service private key of the key management node...
receiving, from a client smart contract and by a relay system smart contract executing within the blockchain network, a request for retrieving the data from the external data source, the request comprising encrypted data, the encrypted data comprising access data for accessing the external data source that is encrypted using a service public key of a key management node that is external to the blockchain network;
claim 6.... the request is decrypted by the relay system node to obtain the access data using the service private key of the key management node...
claim 1....
1....
the return result comprising the data retrieved from the external data source obtained by the relay system node and a digital signature, wherein the digital signature is generated based on the data retrieved from the external data source and the service private key of the key management node...
1....a relay system node from a plurality of relay system nodes that are external to the blockchain network, wherein the plurality of relay system nodes are distributed with a service private key of the key management node...



As per claim 2, Pat. ‘629 does not explicitly recite “wherein the attestation evidence comprises a measurement value, the measurement value comprising a digest of an initial state of the relay system node.”, however, in an analogous art in network security, Zhang disclosed attestation evidence comprises a measurement value, the measurement value comprising a digest of an initial state of the relay system node (Zhang, par 0081, “SGX allows a remote system to verify the software in an enclave and communicate securely with it. When an enclave is created, the CPU produces a hash of its initial state known as a measurement. The software in the enclave may, at a later time, request a report which includes a measurement and supplementary data provided by the process, such as a public key. The report is digitally signed using a hardware-protected key to produce a proof that the measured software is running in an SGX-protected enclave. This proof, known as a quote, can be verified by a remote system, while the process-provided public key can be used by the remote system to establish a secure channel with the enclave or verify signed data it emits. We use the generic term "attestation" to refer to a quote, and denote it by att. We assume that a trustworthy measurement of the code for the enclave component of TC is available to any client that wishes to verify an attestation.”); it would have been obvious to one of ordinary skill in the art before the effective filing date of the invention, to modify the system of Pat. ‘084 to further incorporate the generating of attestation evidence as disclosed by Zhang, in order to ensure the authenticity of the relay device can be verified.
As per claim 3, Pat. ‘629 in view of Spector and Zhang disclosed the computer-implemented method of claim 2, wherein the measurement value comprises a hash value of a process code of the relay system node (Zhang, par 0081, “SGX allows a remote system to verify the software in an enclave and communicate securely with it. When an enclave is created, the CPU produces a hash of its initial state 
As per claim 5, Pat. ‘629 in view of Spector and Zhang disclosed the computer-implemented method of claim 1, comprising implementing, by the relay system node, an enclave program in which relay system node functions are performed (Zhang, par 0009, “The trusted bridge comprises a secure enclave component and a relay component. The trusted bridge is configured to receive in the secure enclave component a request for authenticated data via the relay component, to receive encrypted credentials in the secure enclave component, to decrypt the encrypted credentials in the secure enclave component, to utilize the decrypted credentials to access a corresponding access-controlled account of a given one of the data sources via the relay component in order to obtain data, and to provide a response to the request via the relay component, the response being based at least in part on the data obtained from the given data source via the relay component”).

Claims 7-12 recite substantially the same limitations as claims 1-6, respectively, in the form of a non-transitory computer-readable storage medium storing instructions implementing the corresponding method, therefore, they are rejected under the same rationale.

Claims 13-18 recite substantially the same limitations as claims 1-6, respectively, in the form of a system implementing the corresponding method, therefore, they are rejected under the same rationale.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-18 are rejected under 35 U.S.C. 103 as being unpatentable over US PG-PUB No. 2017/0352027 A1 to Zhang et al. (hereinafter Zhang) in view of US PG-PUB No. 2013/0191632 A1 to Spector et al. (hereinafter Spector).
As per claim 1, Zhang disclosed a computer-implemented method for retrieving first data from an external data source that is external to a blockchain network (Zhang, Fig. 1, Abstract, and par 0005-0010, method and system implementing a trusted bridge between data sources and data consuming device), comprising: 
....; 
receiving, by the relay system node from the key management node, a service private key, and storing the service private key (Zhang, par 0040, “At least a portion of a given request for authenticated data from the secure enclave component 110 may be encrypted by the smart contract program using a public key of the secure enclave component 110. A corresponding secret key of the secure enclave component 110 is securely held in trusted hardware of that component”, which indicates the private key has been previously received and stored);
receiving, by the relay system node and from a relay system smart contract executing within the blockchain network, a request to retrieve the first data from the external data source (Zhang, par 0036-0037, “The secure enclave component 110 is illustratively configured to receive a request for authenticated data from the smart contract program of the blockchain via the relay 
decrypting, by the relay system node, the encrypted data using the service private key of the key management node, to obtain the access data (Zhang, par 0040, “At least a portion of a given request for authenticated data from the secure enclave component 110 may be encrypted by the smart contract program using a public key of the secure enclave component 110”, also par 0043, “Additionally or alternatively, the request may comprise encrypted user credentials. In such an arrangement, the secure enclave component 110 decrypts the user credentials and utilizes the user credentials to obtain access to a corresponding access-controlled user account of a given one of the data sources 104 in order to obtain the data. The user credentials are illustratively encrypted using a public key of the secure enclave component 110”); 
transmitting, by the relay system node, the access data to the external data source; receiving, by the relay system node and from the external data source, a return result comprising the first data; generating, by the relay system node, a signature based on the first data and the U as a digitally signed blockchain message.”);
Zhang does not explicitly disclose “receiving, by a relay system node external to the blockchain network, a remote attestation request from a key management node; generating, by the relay system node, attestation evidence; transmitting, by the relay system node, the attestation evidence to the key management node in response to receiving the remote attestation request” prior to receiving, by the relay system node from the key management node, a service private key, and storing the service private key; however, Zhang disclosed that attestation evidence can be used for verification (Zhang, par 0081, “SGX allows a remote system to verify the software in an enclave and communicate securely with it. When an enclave is created, the CPU produces a hash of its initial state known as a measurement. The software in the enclave may, at a later time, request a report which includes a measurement and supplementary data provided by the process, such as a public key. The report is digitally signed using a hardware-protected key to produce a proof that the measured software is running in an SGX-protected enclave. This proof, known as a

As per claim 2, Zhang-Spector disclosed the computer-implemented method of claim 1, wherein the attestation evidence comprises a measurement value, the measurement value comprising a digest of an initial state of the relay system node (Zhang, par 0081, “SGX allows a remote system to verify the software in an enclave and communicate securely with it. When an enclave is created, the CPU produces a hash of its initial state known as a measurement. The software in the enclave may, at a later time, request a report which includes a measurement and supplementary data provided by the process, such as a public key. The report is digitally signed using a hardware-protected key to produce a proof that the measured software is running in an SGX-protected enclave. This proof, known as a quote, can be verified by a remote system, while the process-provided public key can be used by the remote system to establish a secure channel with the enclave or verify signed data it emits. We use the generic term "attestation" to refer to a quote, and denote it by att. We assume that a trustworthy measurement of the code for the enclave component of TC is available to any client that wishes to verify an attestation.”).

As per claim 3, Zhang-Spector disclosed the computer-implemented method of claim 2, wherein the measurement value comprises a hash value of a process code of the relay system node (Zhang, par 0081, “SGX allows a remote system to verify the software in an enclave and communicate securely with it. When an enclave is created, the CPU produces a hash of its initial state known as a measurement. The software in the enclave may, at a later time, request a report which includes a measurement and supplementary data provided by the process, such as 

As per claim 4, Zhang-Spector disclosed the computer-implemented method of claim 2, wherein the attestation evidence further comprises a public key of the relay system node and a digital signature of the relay system node, and wherein generating the digital signature comprises generating the signature based on the measurement value and the public key using an attestation private key of the relay system node (Zhang, par 0081, “SGX allows a remote system to verify the software in an enclave and communicate securely with it. When an enclave is created, the CPU produces a hash of its initial state known as a measurement. The software in the enclave may, at a later time, request a report which includes a measurement and supplementary data provided by the process, such as a public key. The report is digitally signed using a hardware-protected key to produce a proof that the measured software is running in an SGX-protected enclave. This proof, known as a quote, can be verified by a remote system, while the process-provided public key can be used by the remote system to establish a secure channel with the enclave or verify signed data it emits. We use the generic term "attestation" to refer to a quote, and denote it by att. We assume that a trustworthy measurement of the code for the enclave component of TC is available to any client that wishes to verify an attestation.”).
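
The attestation-then-provision sequence recited in claims 1-4 (evidence carrying a measurement value and a public key, signed with an attestation key, and checked before the service private key is released) can be sketched as follows. This is an added illustration, not code from the application, the cited patents, Zhang or Spector; the class and function names, the sample process code, and the Lamport one-time signature standing in for a hardware-protected attestation key are all assumptions.

```python
import hashlib
import hmac
import secrets

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

# Lamport one-time signature: a stdlib-only stand-in (assumption of this
# example) for the hardware-protected attestation key. One key signs once.
def lamport_keygen():
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk

def _bits(msg: bytes):
    digest = H(msg)
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def lamport_sign(sk, msg: bytes):
    return [sk[i][bit] for i, bit in enumerate(_bits(msg))]

def lamport_verify(pk, msg: bytes, sig) -> bool:
    return len(sig) == 256 and all(
        hmac.compare_digest(H(s), pk[i][b])
        for i, (s, b) in enumerate(zip(sig, _bits(msg))))

def measure(process_code: bytes) -> bytes:
    """Measurement value: digest of the node's initial state (its process code)."""
    return H(process_code)

class RelayNode:
    def __init__(self, process_code: bytes, attestation_sk):
        self.process_code = process_code
        self._attestation_sk = attestation_sk
        self.public_key = secrets.token_bytes(32)  # placeholder bytes, not a real key
        self.service_private_key = None

    def attest(self) -> dict:
        # Evidence = measurement + public key + signature over both (claim 4).
        m = measure(self.process_code)
        sig = lamport_sign(self._attestation_sk, m + self.public_key)
        return {"measurement": m, "public_key": self.public_key, "signature": sig}

class KeyManagementNode:
    def __init__(self, expected_measurement: bytes, service_private_key: bytes):
        self.expected = expected_measurement
        self._service_private_key = service_private_key

    def verify(self, evidence: dict, attestation_pk) -> str:
        signed = evidence["measurement"] + evidence["public_key"]
        if not lamport_verify(attestation_pk, signed, evidence["signature"]):
            return "rejected: bad signature"
        if not hmac.compare_digest(evidence["measurement"], self.expected):
            return "rejected: measurement mismatch"
        return "authenticated"

    def provision(self, node: RelayNode, attestation_pk, tamper=None) -> str:
        # attestation_pk is assumed to be vouched for out of band.
        evidence = node.attest()
        if tamper:  # models evidence modified between node and verifier
            evidence = tamper(evidence)
        status = self.verify(evidence, attestation_pk)
        if status == "authenticated":
            # A real deployment would encrypt the key to evidence["public_key"].
            node.service_private_key = self._service_private_key
        return status

GOOD_CODE = b"relay v1: decrypt request, query source, sign result"  # constructed
MODIFIED_CODE = GOOD_CODE + b"; also log access data"                # constructed

def demo() -> dict:
    km = KeyManagementNode(measure(GOOD_CODE), secrets.token_bytes(32))
    cases = [
        ("honest", GOOD_CODE, None),
        ("modified_code", MODIFIED_CODE, None),
        ("swapped_public_key", GOOD_CODE,
         lambda ev: {**ev, "public_key": secrets.token_bytes(32)}),
    ]
    out = {}
    for name, code, tamper in cases:
        sk, pk = lamport_keygen()
        node = RelayNode(code, sk)
        status = km.provision(node, pk, tamper)
        out[name] = (status, node.service_private_key is not None)
    return out

if __name__ == "__main__":
    print(demo())
```

Only the node whose measurement matches the expected digest and whose evidence verifies unmodified ends up holding the service private key; the other two cases are refused before any key material leaves the key management node.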



As per claim 6, Zhang-Spector disclosed the computer-implemented method of claim 1, wherein the relay system node is included in a plurality of relay system nodes forming a multi-node cluster, and wherein the service private key is distributed to the plurality of relay system nodes (Zhang, par 0047, “...the secure enclave component 110 in other embodiments may be one of a plurality of secure enclave components that collectively authenticate data obtained via at least one relay component of at least one trusted bridge....alternative embodiments can implement multiple instances of the secure enclave component 110 and the relay component 112 within the trusted bridge 102 or across multiple instances of the trusted bridge 102. It is also possible for one or both of the secure enclave component 110 and the relay component 112 to each include multiple sets of components or other elements”).



Claims 13-18 recite substantially the same limitations as claims 1-6, respectively, in the form of a system implementing the corresponding method, therefore, they are rejected under the same rationale.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Callan et al. (US Pat. No. 10,243,748 B1) disclosed blockchain based digital certificate provisioning of IoT devices.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to Linglan Edwards whose telephone number is (571)270-5440. The examiner can normally be reached 8:00am - 4:00pm. 
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok B Patel can be reached on 5712723972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To 





/LINGLAN E EDWARDS/Primary Examiner, Art Unit 2491