DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on October 27, 2021 has been entered.
This office action is in response to communication filed on October 27, 2021
Claims 1 – 20 are being considered on the merits

Response to Amendment
Status of claims in the instant application:
Claims 1 – 20 are pending.
Claims 1 – 2, 7 – 8, and 13 – 14 are amended.
Claims 19 – 20 are new.
Applicant’s argument, see page [8 – 12] of Applicant’s remarks on June 15, 2021, with respect claims 1 – 2, 7 – 8, and 13 – 14 that were rejected under 35 U.S.C. 103 as being unpatentable over US 20180183587 A1 to Won et al., (hereafter, "Won") in view of WO 2018100578 A1 to Mishli et al., (hereafter, "Mishli"), have been fully considered in view of the filed claim amendments, but there are not persuasive. Therefore, the application is directed to the response below:
Applicant's arguments regarding the rejection of the independent claims under 35 USC 103 are moot in view of the new grounds of rejection rendered below since they are based on newly added limitations of the claims which are addressed in detail below. The newly added limitations are now rejected under Crossley in view of Mishli. Therefore, the rejection of all claims are now rejected under Crossley in view of Mishli under 35 USC 103. 

Applicant’s argument, see page [12 – 13] of Applicant’s remarks on June 15, 2021, with respect claims 3 – 6, 9 – 12, and 15 – 18 that were rejected under 35 U.S.C. 103 as being unpatentable over US 20180183587 A1 to Won et al., (hereafter, "Won") in view of WO 2018100578 A1 to Mishli et al., (hereafter, "Mishli") in further view of US 20200005296 A1 to Green, have been fully considered in view of the filed claim amendments, but there are not persuasive. Therefore, the application is directed to the response below:
In response, examiner notes that applicant argued that the verifiable hash ID and the OTP from Green does not necessarily confirm that the message has not been changed. Green discloses the verifiable hash ID which would contain the detail of the contents being purchased and the transaction details. This further uses verifiable hash ID to confirm the transfer between IoT devices to make sure that transaction verify on both IoT device. This allows “When the transaction is added to the blockchain, the retail site can confirm the transaction is valid and process the order accordingly. The IoT device may submit the blockchain transaction and sign the transaction with a private key before distributing the transaction to the blockchain. When the transaction is added to the blockchain, the retail site can confirm the transaction is valid and process the order accordingly. The IoT device may then create a blockchain transaction 422, digitally sign the transaction 424, add a verifiable hash 426 to the transaction for further authorization and security purposes and forward the finalized blockchain transaction to a third party for fulfillment of the assets 428. The transaction may then be forwarded 432 to the blockchain 430 for commitment.” because the verifiable hash ID is being used to confirm the transaction. Therefore, verifiable hash is interpreted as MAC.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1 – 2, 7 – 8, and 13 – 14 are rejected under 35 U.S.C. 103 as being unpatentable over US 11138170 B2 to Crossley et al., (hereafter, "Crossley") in view of WO 2018100578 A1 to Mishli et al., (hereafter, "Mishli").
Regarding claim 1, Crossley teaches a system for improved data privacy in Internet of Things (IoT) devices, the system comprising: an IoT device configured to generate various data types; [Crossley, col. 24 lines 7 – 9 discloses these things of the Internet of Things will generate enormous volumes of data, potentially up to terabytes of data or more data every second. Col. 16 lines 36 – 50 discloses it should be noted that the data collected by instrumentation is unstructured. The value of a key/value pair can be an arbitrary symbol string or an array of symbol strings. Multiple values may be later combined to create longer symbol strings. The data collected is specified by the instrumentation code or circuitry. The data processing, query-based filtering and selection of data, and data enhancement generally take place downstream, in a processing center or other system remote from where the instrumentation is executed to collect data. There are many advantages to downstream data processing, including the ability of the processing center to emit many different types of data streams from a common collection of data, separately applying different types of queries, filtering, and enhancement to the collected data to generate separate data streams.], wherein a data type i of the various data types generated by the IoT device is encrypted based on symmetric-key encryption using the one or more blockchain nodes [Crossley, col. 25 lines 60 – 67 to col. 26 lines 1 – 15 discloses The query data is packaged into communications messages 2802-2804 for transmission by the distributor component 2618 of the QAAS system. In a first security step, the distributor component employs a public encryption key furnished by secure communications to the QAAS system by the client system in order to encrypt the data within each query-result-data message to produce an encrypted query-data message 2810. The encrypted query-data message is re-encrypted by the underlying secure communications tunnel 2812 to produce a doubly encrypted query-result-data message 2814 that is transmitted through the secure tunnel to the QAAS remote client within the client system. A first decryption 2816 is carried out by the secure tunnel and the QAAS remote client running within the client system then carries out an additional private-key decryption 2818 using a client private encryption key 2820 to produce a clear-text query-response-data message 2822. A multi-way authentication and authorization protocol is employed within the secure-tunnel system to authenticate both the QAAS system and the QAAS remote client prior to data transmission using authentication certificates provided by a third-party certification organization], and wherein the data recipient having the symmetric key is granted access to only the data type i of the various data types generated by the IoT device [Crossley, col. 26 lines 6 – 21 discloses a first decryption 2816 is carried out by the secure tunnel and the QAAS remote client running within the client system then carries out an additional private-key decryption 2818 using a client private encryption key 2820 to produce a clear-text query-response-data message 2822. The client private key 2820 is generated by the client computer and stored securely within the QAAS remote client. It is not transmitted either to the QAAS system or, in most cases, any other remote system by the client. Thus, query-result data is fully secured within the QAAS system prior to transmission over the Internet or other communications systems. Col. 11 lines 38 – 51 discloses the encoding of key/value pairs generated by instrumentation within a URL. The URL 802 includes a path name to a resource stored on a data-collection server 804 followed by a question mark 805 and then a series of semi-colon-delimited key/value pairs 806. In FIG. 8A, and in subsequent figures, the symbol strings “k1,” “k2,” . . . are used to indicate different keys and the corresponding values are generally indicated by a series of “x” symbols between pairs of single quotes or double quotes, such as “x” symbol strings 808 and 810 in FIG. 8A indicating the values corresponding to keys “k1” and “k2.” Col. 12 lines 5 – 24 discloses an enriched event message includes a “meta” object 840, a “data” object 842, and an “ext” object 844. The “ext” object includes three lower-level objects “geo” 846, “device” 848, and “browser” 850. The geo object contains key/value pairs that describe the geographical location of a user/processor-controlled user appliance. The device object 848 includes key/value pairs that characterize the user/processor-controlled appliance. The browser object 850 includes key/value pairs that characterize the type of browser used by the user. The data values included in the “ext” object 844 are derived from the data values included in the “meta” and “data” objects as well as additional calculated values and data sources accessible to the processing center and used for event-message enrichment. Many types of enrichments are possible. For example, an enriched event message may include indications of the current weather at a user's location, the size of the town or city in which the user is located, public data related to the user, and many other types of information.], but Crossley does not teach one or more blockchain nodes in communication with the IoT device; one or more multi-party computation (MPC) nodes in communication with the one or more blockchain nodes and the IoT device, and wherein a symmetric key for the encrypted data is securely distributed via a MPC process to a data recipient.
However, Mishli does teach one or more blockchain nodes in communication with the IoT device; [Mishli, page 2 lines 10 – 13 discloses The physical device may also comprises a communication module configured to receive the message, either from a security server having access to the internet, or from an intermediate entity located closer to the physical device, for example via Bluetooth communication] one or more multi-party computation (MPC) nodes in communication with both the one or more blockchain nodes and the IoT device; [Mishli, page 4 lines 7 – 12 discloses a secret associated with a physical device, for example an encryption key or a password, can be generated, used etc. without ever being unified, even during the provisioning process. Specifically, as part of the provisioning process, the key is generated in a distributed manner using Multi-Party Computation (MPC), in which one share is stored on the security server and another share is stored on the physical device. Page 5 lines 6 - 11 discloses the security server runs an MPC process using MPC module. The MPC module of the physical device cooperates with the MPC module of the security server to output two shares of the credential. The two shares are never stored in a single device during or after the credential creation process. At the end of the MPC process, one share is stored at the memory module of the physical device and the other share is stored in the credential database of the security server] and a data recipient, [Mishli, page 6 lines 4 – 7 discloses the physical device 210 comprises a security agent 212 embedded therein, configured to perform security-related operations. For example, the security agent 212 processes a message received via communication module 215, said message comprises a share of a credential to be used by the physical device 210 or by a user of the physical device] wherein a symmetric key for the encrypted data is securely distributed via a MPC process to the data recipient. [Mishli, page 2 lines 12 – 17 discloses the system also comprises a multi-party computation (MPC) module configured to compute two or more shares of the credential, send one share to the physical device and store another share associated with the device identifier in a credential database. This way, the physical device receives only a portion of the credential and the manufacturer or personnel associated with manufacturing the physical device cannot compromise the credential. Such credential may be an encryption key.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Mishli’s system with Crossley’s system, with a motivation to divide a credential into shares that are stored in different entities, for example one share is stored in the physical device and the other share is stored in a security server, while no entity has access to a share not stored therein. [Mishli, page 4 lines 4 - 7]

Regarding claim 2, modified Crossley teaches the system as set forth in Claim 1, wherein the one or more blockchain nodes generates the symmetric key for the data type i for a time t [Crossley, col. 26 lines 6 – 21 discloses a first decryption 2816 is carried out by the secure tunnel and the QAAS remote client running within the client system then carries out an additional private-key decryption 2818 using a client private encryption key 2820 to produce a clear-text query-response-data message 2822. A multi-way authentication and authorization protocol is employed within the secure-tunnel system to authenticate both the QAAS system and the QAAS remote client prior to data transmission using authentication certificates provided by a third-party certification organization. The client private key 2820 is generated by the client computer and stored securely within the QAAS remote client. It is not transmitted either to the QAAS system or, in most cases, any other remote system by the client. Thus, query-result data is fully secured within the QAAS system prior to transmission over the Internet or other communications systems.], but Crossley does not teach shares the symmetric key with the one or more MPC nodes and the IoT device. 
	However, Mishli does teach shares the symmetric key with the one or more MPC nodes and the IoT device. [Mishli, page 4 lines 2 – 7 discloses securely distributing credentials and encryption keys for physical devices, for example IoT devices. The credentials may be distributed during the manufacture process of the physical device or after, for example by a person using the device or a person who purchased the device. The credential is divided into shares that are stored in different entities, for example one share is stored in the physical device and the other share is stored in a security server, while no entity has access to a share not stored therein.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Mishli’s system with Crossley’s system, with a motivation to associate a secret with a physical device can be generated, used, etc. without ever being unified, even during the provisioning process. Specifically, as part of the provisioning process, the key is generated in a distributed manner using Multi-Party Computation (MPC), in which one share is stored on the security server and another share is stored on the physical device. This way, the entire key never exists in a single entity. [Mishli, page 4 lines 7 - 12]

Regarding claims 7 - 8, they recite features similar to features in claims 1 – 2, respectively, and therefore are rejected in a similar manner. 

Regarding claim 13, Crossley teaches a computer program product for improved data privacy in Internet of Things (IoT) devices, the computer program product comprising: computer-readable instructions stored on a non-transitory computer-readable medium that are executable by a computer having one or more processors for causing the processor to perform operations of [Crossley, col. 23 lines 59 – 67 to col. 24 lines 1 – 7 discloses the QAAS system essentially serves as a global data-collection-and-query-processing system for the things referenced in the phrase “Internet of Things.” These things may be processor-controlled appliances and computer systems, including laptops, tablets, PCs, smartphones, personal computers, and other relatively high-end devices, but may also include any of a myriad of different types of machines, systems, appliances, and objects that include network-connected sensors, electronics, and/or processors that allow the objects to generate and transmit event messages. The objects may vary from clothes, furniture, and other consumer items labeled with RFID tags to automobiles, trains, airplanes, machine tools, home appliances, and many other types of objects that, as computing evolves, either already are, or soon will be, Internet-connected as a matter of course] claim 13 recites features similar to features in claims 1 and therefore are rejected in a similar manner.

Regarding claim 14, they recite features similar to features in claim 2, respectively, and therefore are rejected in a similar manner.

Claims 3 – 6, 9 – 12, and 15 – 18 are rejected under 35 U.S.C. 103 as being unpatentable over US 11138170 B2 to Crossley et al., (hereafter, "Crossley")  in view of WO 2018100578 A1 to Mishli et al., (hereafter, "Mishli") in further view of US 20200005296 A1 to Green.
Regarding claim 3, modified Crossley teaches the system as set forth in Claim 2, but modified Crossley does not teach wherein the IoT device generates a data block of data type i at time t and encrypts the data block along with a message authentication code using the symmetric key, and wherein the IoT forwards encrypted data blocks of various data types to the one or more blockchain nodes. 
However, Green does teach wherein the IoT device generates a data block of data type i at time t and encrypts the data block along with a message authentication code using the symmetric key, and wherein the IoT forwards encrypted data blocks of various data types to the one or more blockchain nodes. [Green, para. 32 discloses in order to create a blockchain transaction based on the communication between the user device and the IoT device, the IoT device may create a virtual shopping cart of all the groceries to order via an online merchant site, such as ABC store, and request a verifiable hash ID to confirm the order information. A verifiable hash ID could be created by hashing the time, the IDs associated with the parties, and the contents of the purchase order. The details of the order and the various contents may be included in the transaction details. ... The IoT device may submit the blockchain transaction and sign the transaction with a private key before distributing the transaction to the blockchain. When the transaction is added to the blockchain, the retail site can confirm the transaction is valid and process the order accordingly. Para. 53 discloses The IoT device may then create a blockchain transaction 422, digitally sign the transaction 424, add a verifiable hash 426 to the transaction for further authorization and security purposes and forward the finalized blockchain transaction to a third party for fulfillment of the assets 428. The transaction may then be forwarded 432 to the blockchain 430 for commitment.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Green’s system with Crossley’s system, with a motivation to have an approach of the IoT device receive OTP confirmation and conduct transactions reduces the overall risk when private keys are lost. [Green, para. 32]

Regarding claim 4, modified Crossley teaches the system as set forth in Claim 3, but Crossley does not teach wherein the one or more blockchain nodes ensures that all received encrypted data blocks are generated by the IoT device by verifying the message authentication code.
 However, Green does teach wherein the one or more blockchain nodes ensures that all received encrypted data blocks are generated by the IoT device by verifying the message authentication code. [Green, para. 32 discloses the IoT device may submit the blockchain transaction and sign the transaction with a private key before distributing the transaction to the blockchain. When the transaction is added to the blockchain, the retail site can confirm the transaction is valid and process the order accordingly. Para. 53 discloses The IoT device may then create a blockchain transaction 422, digitally sign the transaction 424, add a verifiable hash 426 to the transaction for further authorization and security purposes and forward the finalized blockchain transaction to a third party for fulfillment of the assets 428. The transaction may then be forwarded 432 to the blockchain 430 for commitment.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Green’s system with Crossley’s system, with a motivation to ensure, by the blockchain, that all transactions are immutable and cryptographically secure, which insures the transactions are not susceptible to a replay attack or a double play attack, where a malicious 3.sup.rd party attempts to reuses the OTP to authorize a malicious transaction. [Green, para. 51]

Regarding claim 5, modified Crossley teaches the system as set forth in Claim 4, but Crossley does not teach wherein upon verifying that the data recipient is allowed to access the encrypted data block of data type i from the IoT from time t, the one or more MPC nodes distributes the symmetric key to the data recipient. 
However, Green does teach wherein upon verifying that the data recipient is allowed to access the encrypted data block of data type i from the IoT from time t, the one or more MPC nodes distributes the symmetric key to the data recipient. [Green, para. 28 discloses the device may transmit inquiries to a user device and/or user via a voice recognition interface that inquires to the user/user device if he or she would like to order some groceries via online grocery services. The refrigerator device is authorized to place orders from the online grocery store but may not have authorization to make a purchase or confirm an order without additional permissions. The authorization for the order is received from the user device by one of many different approaches. In one example, the user may wave a one-time password (OTP) token device against the refrigerator device, and via near-field communication (NFC), Bluetooth, radio frequency identification (RFID), etc., the authentication may be authorized. The refrigerator device receives the OTP and is now able to place the order on the blockchain network as a blockchain transaction by listing the user's OTP in the transaction as data that will be encrypted but is otherwise susceptible to audits. The one-time password (OTP) data is written to the transaction and maintained in the immutable ledger. The OTP may be a symmetric OTP which requires users of the blockchain to have the shared private key to verity the OTP when used. However, asymmetric OTPs may also be used since the peers may use a public key to verity the asymmetric OTP. Para. 29 discloses a multiparty blockchain transaction may use a one-time password for secondary parties as well. An example of multiparty transactions is an IoT refrigerator that attempts to order groceries via an online service market. The refrigerator is authorized to create a shopping cart for a specific grocery store, but authorization of the notification requires the purchaser to provide their OTP.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Green’s system with Crossley’s system, with a motivation to ensure, by the blockchain, that all transactions are immutable and cryptographically secure, which insures the transactions are not susceptible to a replay attack or a double play attack, where a malicious 3.sup.rd party attempts to reuses the OTP to authorize a malicious transaction. [Green, para. 51]

Regarding claim 6, modified Crossley teaches the system as set forth in Claim 5, but modified Crossley does not teach wherein the data recipient accesses encrypted data block of data type i generated by the IoT device from the blockchain and decrypts the encrypted data block of data type i. 
However, Green does teach wherein the data recipient accesses encrypted data block of data type i generated by the IoT device from the blockchain and decrypts the encrypted data block of data type i. [Green, para. 22 discloses to ensure security, IoT transactions should not require a user device to forgo private keys simply just to conduct a transaction. A one-time password may be used to authorize transactions on a blockchain. For example, considering IoT devices are communicating via wireless communication protocols, a one-time password that uses RFID/NFC communication protocol technology may be a secure way to securely access resources outside the network. Para. 36 discloses the blockchain base or platform may include various layers of blockchain data, services (e.g., cryptographic trust services, virtual execution environment, etc.), and underpinning physical computer infrastructure that may be used to receive and store new transactions and provide access to auditors which are seeking to access data entries. The blockchain layer may expose an interface that provides access to the virtual execution environment necessary to process the program code and engage the physical infrastructure. Cryptographic trust services may be used to verify transactions such as asset exchange transactions and keep information private. Para. 53 discloses The IoT device may then create a blockchain transaction 422, digitally sign the transaction 424, add a verifiable hash 426 to the transaction for further authorization and security purposes and forward the finalized blockchain transaction to a third party for fulfillment of the assets 428. The transaction may then be forwarded 432 to the blockchain 430 for commitment. Para 28 discloses The OTP may be a symmetric OTP which requires users of the blockchain to have the shared private key to verify the OTP when used. However, asymmetric OTPs may also be used since the peers may use a public key to verity the asymmetric OTP. (Examiner notes that the verifying of the OTP would allow access into the blockchain which would allow access to the encrypted data.)]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Green’s system with Crossley’s system, with a motivation to ensures, by the blockchain, that all transactions are immutable and cryptographically secure, which insures the transactions are not susceptible to a replay attack or a double play attack, where a malicious 3.sup.rd party attempts to reuses the OTP to authorize a malicious transaction. [Green, para. 51]

	Regarding claims 9 - 12, they recite features similar to features in claims 3 – 6, respectively, and therefore are rejected in a similar manner. 

Regarding claims 15 - 18, they recite features similar to features in claims 3 – 6, respectively, and therefore are rejected in a similar manner.

Claims 19 – 20 are rejected under 35 U.S.C. 103 as being unpatentable over US 11138170 B2 to Crossley et al., (hereafter, "Crossley") in view of WO 2018100578 A1 to Mishli et al., (hereafter, "Mishli") in further view of US 20170318360 A 1 to Tran et al., (hereinafter, “Tran”).
Regarding claim 19, modified Crossley teaches the system as set forth in Claim 1, wherein the IoT device is in a vehicle [Crossley, col. 23 lines 59 – 67 to col. 24 lines 1 – 7 discloses the QAAS system essentially serves as a global data-collection-and-query-processing system for the things referenced in the phrase “Internet of Things.” These things may be processor-controlled appliances and computer systems, including laptops, tablets, PCs, smartphones, personal computers, and other relatively high-end devices, but may also include any of a myriad of different types of machines, systems, appliances, and objects that include network-connected sensors, electronics, and/or processors that allow the objects to generate and transmit event messages. The objects may vary from clothes, furniture, and other consumer items labeled with RFID tags to automobiles, trains, airplanes, machine tools, home appliances, and many other types of objects that, as computing evolves, either already are, or soon will be, Internet-connected as a matter of course], but modified Crossley does not teach wherein data type i is odometer data.
However, Tran does teach data type i is odometer data. [Tran, para. 299 discloses the crowdsourcing data includes vehicle performance information and GPS locations of a vehicle; and wherein the vehicle data includes odometer information, speedometer information, fuel consumption information, steering information.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling date to combine Tran’s system with Crossley’s system, with a motivation to closing of a lane using the crowdsourcing data; predicting an avoidance maneuver using the crowdsourcing data; predicting a congestion with respect to a segment of the route of the at least one vehicle using the crowdsourcing data; and predicting traffic light patterns using the crowdsourcing data. [Tran, para. 51]

Regarding claim 20, it recites features similar to features in claim 19, respectively, and therefore are rejected in a similar manner

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Phuc Pham whose telephone number is (571)272-8893.  The examiner can normally be reached on Monday - Thursday 7:30 AM - 4:30 PM; Friday 8:00 AM - 12:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on (571)272-3811.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/P.P./Patent Examiner, Art Unit 2434   

/NOURA ZOUBAIR/Primary Examiner, Art Unit 2434