Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
DETAILED ACTION
This action is in response to original filings made on 9/18/2020. Claims 1-20 are pending.
Priority
Acknowledgment is made of applicant’s claim for foreign priority under 35 U.S.C. 119 (a)-(d). 
Specification (Title)
The title of the invention is not descriptive.  A new title is required that is clearly indicative of the invention to which the claims are directed. 
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-3, 5-7, 11-13 and 15-20 are rejected under 35 U.S.C. 103 as being unpatentable over Jayachandran et al. (US Patent No. 10,735,202 and Jayachandran hereinafter) in view of Shah (US Patent Publication No. 2017/0091397).

As to claims 1 and 11, Jayachandran teaches a method for controlling a data access right, wherein the method comprises: 
receiving, by a first proxy node, a first request message from a request node (i.e., …Jayachandran teaches as part of his claim 1 feature(s) the following: “sending, via a device associated with a first authorized user of a blockchain, a request to a second authorized member of the blockchain to access an encrypted user profile stored on the blockchain”),  
wherein the first request message comprises an identity of the request node and an identifier of to-be- accessed data (i.e., … Jayachandran teaches in col. 3 lines 60-67 the following: “a signed message that includes an encryption key or other information necessary to identify the customer profile and access the information.”), 
determining, by the first proxy node, a first encrypted ciphertext on a blockchain based on the identifier of the to-be-accessed data (i.e., …. Jayachandran teaches in col. 3, lines 55-67 the following: “information may be encrypted and stored 126 in the blockchain 110.…may then use the signed credentials to request the customer information 134 directly from the blockchain”), 
and determining, based on the identity of the request node, whether the request node has a right to read the first encrypted ciphertext (i.e., … Jayachandran teaches in col. 4 lines 60-67 the following: “The profile must be readable only by a provider possessing valid consent from the customer. An auditor must be able to unambiguously map the identity in the consent to a real identity.”.); 
and if the request node has the right to read the first encrypted ciphertext (i.e.,. … Jayachandran teaches in col. 6 lines 40-50 the following: “In all likelihood, the request may be denied without prior access privileges being granted. A request for the customer consent may be sent for access to the customer's KYC data. The customer may provide consent to B's requests for blockchain access. The provider `B` may then attempt again to access the KYC information again, however, this time with the signed consent. The chaincode may authorize the request and the blockchain may notify provider `A` of 
initiating a right verification request for the request node to at least one second proxy node (i.e.,. … Jayachandran teaches in col. 6 lines 40-50 the following: “In all likelihood, the request may be denied without prior access privileges being granted. A request for the customer consent may be sent for access to the customer's KYC data. The customer may provide consent to B's requests for blockchain access. The provider `B` may then attempt again to access the KYC information again, however, this time with the signed consent. The chaincode may authorize the request and the blockchain may notify provider `A` of the authorization event and `A` may perform targeted release of the corresponding profile encryption key.”.), 
and determining, based on a feedback result of the at least one second proxy node, provisioning of the first encrypted ciphertext (i.e.,. … Jayachandran teaches in col. 6 lines 40-50 the following: “In all likelihood, the request may be denied without prior access privileges being granted. A request for the customer consent may be sent for access to the customer's KYC data. The customer may provide consent to B's requests for blockchain access. The provider `B` may then attempt again to access the KYC information again, however, this time with the signed consent. The chaincode may authorize the request and the blockchain may notify provider `A` of the authorization event and `A` may perform targeted release of the corresponding profile encryption key.”. …teaches in col. 9 lines 10-21 the following: “The consent may include read and write access to the user profile, and a key for decrypting the user profile is provided via the blockchain to the requesting authorized member of the blockchain without exposing the key to other blockchain members”.).

Jayachandran does not expressly teach: proxies.
In this instance the examiner notes the teachings of prior art reference Shah.

It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Jayachandran with the teachings of Shah by including the feature of proxies. Utilizing proxies as taught by Shah above allows a system to provide comprehensive access control and therefore provides the motivation in this instance to combine the references. The examiner contends that by combining the references, Jayachandran's system will obtain the capability to provide enhanced data security. 

As to claims 2 and 12, the system of Jayachandran and Shah as applied to claims 1 and 11 above teaches adding encrypted data to a blockchain, specifically Jayachandran teaches a method according to claim 1 and/or network node according to claim 11, wherein the determining, based on the identity of the request node, whether the request node has a right to read the first encrypted ciphertext comprises (i.e. …teaches in col. 8 lines 20-25 the following: “consent recorded on blockchain 330 identifies the third party using the transactional identity proven earlier”.):
reading, on the blockchain, authorization information of the request node based on the identity of the request node (i.e. …teaches in col. 8 lines 20-25 the following: “consent recorded on blockchain 330 identifies the third party using the transactional identity proven earlier”.),
wherein the authorization information is closest to an end of a chained storage structure of the blockchain identity of the request node (i.e. …teaches in col. 8 lines 20-25 the following: “consent recorded on blockchain 330 identifies the third party using the transactional identity proven earlier”.), 
and the authorization information indicates that the request node is allowed or disallowed (i.e.,. …teaches in col. 6 lines 40-50 the following: “In all likelihood, the request may be denied without prior access privileges being granted).

As to claims 3 and 13, the system of Jayachandran and Shah as applied to claims 1 and 11 above teaches adding encrypted data to a blockchain, specifically Jayachandran teaches a method according to claim 1 and/or network node according to claim 11, wherein the initiating a right verification request for the request node to at least one second proxy node comprises: 
determining, by the first proxy node, m second proxy nodes, wherein m is a positive integer greater than or equal to 1 (see figure 1A); 
and sending the right verification request to each of the m second proxy nodes (i.e., illustrates in figure 1A, figure element(s) 126, 134, 136 and 138 a request being sent to a node), 
wherein the right verification request comprises the identity of the request node and the first encrypted ciphertext (i.e., illustrates in figure 1A, figure element 134 a request being sent to a node with identity and profile indication data), 
and the first encrypted ciphertext is generated by encrypting the to-be-accessed data (i.e.… teaches that the profile data is encrypted in figure 1A, figure element 126).

As to claims 5 and 15, the system of Jayachandran and Shah as applied to claims 1 and 11 above teaches adding encrypted data to a blockchain, specifically Jayachandran teaches a method according to claim 3 and/or network node according to claim 13, wherein the determining, based on a feedback result of the at least one second proxy node, provisioning of the first encrypted ciphertext comprises: if the first proxy node receives partial keys sent by less than k second proxy nodes, or receives a denial message fed back by at least one second proxy node, sending an access denial message to the request node (i.e., …the examiner notes that applicant’s usage of the “or” places the above limitation in alternative form. As such with regards to applicant’s alternative limitation of, “receives a denial message fed back by at least one second proxy node, sending an access denial message to the request node”, 

As to claims 6 and 16, the system of Jayachandran and Shah as applied to claims 1 and 11 above teaches adding encrypted data to a blockchain, specifically Jayachandran teaches a method according to claim 1 and/or network node according to claim 11, wherein the receiving, by a first proxy node, a first request message from a request node comprises: receiving, by the first proxy node, the first request message forwarded by any blockchain node on the blockchain network (i.e., …illustrates in fig. 3 the message communication).

As to claims 7 and 17, the system of Jayachandran and Shah as applied to claims 1 and 11 above teaches adding encrypted data to a blockchain, specifically Jayachandran teaches a method according to claim 1 and/or network node according to claim 11, wherein the method further comprises: determining, by the first proxy node based on the identity of the request node, that the request node has no right to read the first encrypted ciphertext, denying the first request message of the request node (i.e.,. …teaches in col. 6 lines 40-50 the following: “In all likelihood, the request may be denied without prior access privileges being granted. A request for the customer consent may be sent for access to the customer's KYC data. The customer may provide consent to B's requests for blockchain access. The provider `B` may then attempt again to access the KYC information again, however, this time with the signed consent. The chaincode may authorize the request and the blockchain may notify provider `A` of the authorization event and `A` may perform targeted release of the corresponding profile encryption key.”. …teaches in col. 9 lines 10-21 the following: “The consent may include read and write access to the user profile, and a key for decrypting the user profile is provided via the blockchain to the 

As to claim 18, Jayachandran teaches a network node, applied to a second proxy node and comprising: 
a memory (i.e., …see figure 5 of Jayachandran); 
a transceiver configured to receive a right verification request from a first proxy node (i.e., … Jayachandran teaches in col. 3 lines 60-67 the following: “a signed message that includes an encryption key or other information necessary to identify the customer profile and access the information.”), 
wherein the right verification request comprises an identity of a request node and a first encrypted ciphertext (i.e., … Jayachandran teaches in col. 9 lines 10-21 the following: “The consent may include read and write access to the user profile, and a key for decrypting the user profile is provided via the blockchain to the requesting authorized member of the blockchain without exposing the key to other blockchain members”.), 
and the first encrypted ciphertext is generated by encrypting to-be- accessed data  (Jayachandran teaches as part of his claim 1 the following: “sending, via a device associated with a first authorized user of a blockchain, a request to a second authorized member of the blockchain to access an encrypted user profile stored on the blockchain”); 
a processor configured to execute code stored in the memory to: determine, based on the identity of the request node (i.e., … Jayachandran teaches in col. 3 lines 60-67 the following: “a signed message that includes an encryption key or other information necessary to identify the customer profile and access the information.”), 
whether the request node has a right to read the first encrypted ciphertext (i.e.,. … Jayachandran teaches in col. 6 lines 40-50 the following: “In all likelihood, the request may be denied without prior access 
and if the request node has the right to read the first encrypted ciphertext, generate a partial key  (i.e., . .. Jayachandran teaches in col. 4 lines 35-50 the following: “anonymous key-sharing, to avoid peer-to-peer key exchange that may violate the privacy of providers, the key is exchanged through the blockchain itself. Relying on a trusted PKI, the profile decryption key is itself encrypted in such a way that only other authorized providers on the blockchain network will be able to decrypt the key.”); 
wherein the transceiver is configured to send the partial key to the first proxy node (i.e.,  ...t Jayachandran eaches in col. 4 lines 35-50 the following: “anonymous key-sharing, to avoid peer-to-peer key exchange that may violate the privacy of providers, the key is exchanged through the blockchain itself. Relying on a trusted PKI, the profile decryption key is itself encrypted in such a way that only other authorized providers on the blockchain network will be able to decrypt the key.”).

Jayachandran does not expressly teach: proxies.
In this instance the examiner notes the teachings of prior art reference Shah.
Shah is noted to teach proxies in combination with Blockchain environment(s) in paragraph 0031. 

 
As to claim 19, the system of Jayachandran and Shah as applied to claim 18 above teaches adding encrypted data to a blockchain, specifically Jayachandran teaches a network node according to to claim 18, wherein the processor configured to generate a partial key comprises: the processor configured to: obtain an encrypted partial key on a blockchain network (i.e., . ..teaches in col. 4 lines 35-50 the following: “anonymous key-sharing, to avoid peer-to-peer key exchange that may violate the privacy of providers, the key is exchanged through the blockchain itself. Relying on a trusted PKI, the profile decryption key is itself encrypted in such a way that only other authorized providers on the blockchain network will be able to decrypt the key.”), 
where the encrypted partial key is generated after encryption is performed by using a public key of the second proxy node (i.e., . ..teaches in col. 4 lines 35-50 the following: “anonymous key-sharing, to avoid peer-to-peer key exchange that may violate the privacy of providers, the key is exchanged through the blockchain itself. Relying on a trusted PKI, the profile decryption key is itself encrypted in such a way that only other authorized providers on the blockchain network will be able to decrypt the key.”); 
and decrypt the encrypted partial key by using a private key of the second proxy node, to generate the partial key (i.e., . ..teaches in col. 4 lines 35-50 the following: “anonymous key-sharing, to avoid peer-to-peer key exchange that may violate the privacy of providers, the key is exchanged through 

As to claim 20, the system of Jayachandran and Shah as applied to claim 18 above teaches adding encrypted data to a blockchain, specifically Jayachandran teaches a network node according to claim 19, wherein the processor is further configured to: determine, based on the identity of the request node, the request node has no right to read the first encrypted ciphertext, and deny the right verification request of the first proxy node by using the transceiver (i.e.,. …teaches in col. 6 lines 40-50 the following: “In all likelihood, the request may be denied without prior access privileges being granted. A request for the customer consent may be sent for access to the customer's KYC data. The customer may provide consent to B's requests for blockchain access. The provider `B` may then attempt again to access the KYC information again, however, this time with the signed consent. The chaincode may authorize the request and the blockchain may notify provider `A` of the authorization event and `A` may perform targeted release of the corresponding profile encryption key.”. …teaches in col. 9 lines 10-21 the following: “The consent may include read and write access to the user profile, and a key for decrypting the user profile is provided via the blockchain to the requesting authorized member of the blockchain without exposing the key to other blockchain members”.).
Allowable Subject Matter
Claims 4 and 14 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. The following is a statement of reasons for the indication of allowable subject matter:  "receiving, by the first proxy node, partial keys sent by at least k second proxy nodes, wherein the partial keys are generated and sent by the second proxy nodes after the second proxy nodes verify, based on the identity of the request node, that the request node has the right to read the first 
Claim 8 is allowed by way of its dependency on dependent claim 4. Claim 9 is allowed by way of its dependency on dependent claim 8, for which depends on dependent claim 4. Dependent 10 is allowed by way its dependency on dependent claim 8, for which depends on dependent claim 4.
Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRYAN F WRIGHT whose telephone number is (571)270-3826.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw can be reached on (571)272-3867.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/BRYAN F WRIGHT/Examiner, Art Unit 2497