DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This action is in response to communication filed 11/15/2021. Claims 1-20 remain pending.

Response to Amendment
In response to amendments, objections with respect to claims 2-3, 5, 7, 9-10, 12-13, 15, 17 and 19-20 are withdrawn.
In response to amendments, the 35 U.S.C. 112(b) rejection per claims 1 and 11 is withdrawn.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 10/22/2021 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Response to Arguments
Applicant’s arguments, see Remarks: pages 12-15, filed 11/15/2021, with respect to newly amended claims 1 and 11 have been fully considered and are persuasive.  The 35 U.S.C. 103 rejection of claims 1-20 has been withdrawn. 

Terminal Disclaimer
Approval of the Terminal Disclaimer filed 12/02/2021 is acknowledged. The filed TD avoids a DP rejection over the co-pending non-provisional Application No. 17/396,404.

Examiner’s Note
Per claims 1 and 11, the recited limitation “prohibits … the protocol from substantively accessing tokenized data information…” is equivalent to “prohibits … the protocol from accessing substance of tokenized data information…”.

EXAMINER’S AMENDMENT
An Examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to Applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this Examiner’s Amendment was given in a telephone interview with Mr. Steven G. Parmelee (Registration No. 28,790) on 11/30/2021. 

Amendments to the Claims:
This listing of claims will replace all prior versions and listing of the claims in the application.
Listing of Claims:


by a coordinating network element that manages a protocol: 
receiving, via the network and from a requesting network element comprising one of: 
- 	a network element that is acting within an attestor role; and 
- 	at least one secondary network element that is acting within a requestor role, a protocol-compliant request regarding data information comprising at least one of: 
- 	at least one reference[[d]] to a data content, as representative of a content of the data information; 
- 	at least one reference to a data type; 
- 	a reference to an entity; and 
- 	data information associated with an entity; 
wherein the protocol prohibits the coordinating network element that manages the protocol from substantively accessing tokenized data information corresponding to a tokenization of at least part of the data information that, at least in part, underlies the protocol-compliant request; 
wherein when the requesting network element is the network element that is acting within the attestor role, the method further comprises: 
facilitating, at least in part via the protocol, as an attestor authorization operation, authorizing the requesting network element to make at least part of the tokenized data information asynchronously available for data-based processing wherein the tokenized data information is sourced via the requesting network element and wherein when, as a sourcing operation, the tokenized data information is sourced as indirect data, the sourcing operation entails derivation of the data information associated with[[-]] an entity from data received by the 
wherein when the requesting network element is a secondary network element of the at least one secondary network element that is acting within the requestor role, the method further comprises: 
facilitating, at least in part via the protocol, as a requestor authorization operation, authorization of the secondary network element to process the tokenized data information previously sourced from [[an]] another requesting network element, wherein an identity of the another requesting network element is blinded from the secondary network element.
	
3. (Currently amended) The method of claim 2 wherein the corroboration of the data content against the data content that was previously attested to comprises, at least in part, as the sourcing operation, sourcing the tokenized data information from the requesting network element, as [[a]] the secondary network element of the at least one secondary network element that is acting within the requestor role, wherein when the tokenized data information is sourced as indirect data the sourcing operation entails derivation of the data information associated with the entity from data received by the requesting network element from the entity as the initial data source.

7. (Currently amended) The method of claim 5 wherein the content comprises stored values that are configured to serve as at least one of: 
which is used to transfer the data content, that represent at least one of ciphertext and cryptographic parameters generated by the requesting network element acting within the attestor role; and 
at least one of cryptographic parameters and metadata that are applied together with data to configure comparison tokens, which is used to corroborate the data content, such that a determination is made regarding whether there is a match of comparison tokens representing candidate data processed by the requesting network element, as [[a]] the secondary network element of the at least one secondary network element that is acting within the requestor role, using the stored values against comparison tokens representing a result of processing data contributed by the requesting network element acting within the attestor role.

9. (Currently amended) The method of claim 2 wherein the requestor authorization operation comprises, at least in part, generation of verifiable permissions that advise at least one relayer that the requesting network element, as [[a]] the secondary network element of the at least one secondary network element that is acting within the requestor role, is authorized to retrieve from relayer-accessible storage, in plaintext or encrypted form, content comprising at least one of cryptographic parameters, data, and metadata.

10. (Currently amended) The method of claim 1 wherein the tokenized data information comprises tokens that are generated using at least one secret 


a network interface; 
a control circuit configured as a coordinating network element that manages a protocol by: 
receiving via the network interface and from a requesting network element comprising one of: 
- 	a network element that is acting within an attestor role; and 
-	at least one secondary network element that is acting within a requestor role
- 	at least one reference to a data content, as representative of a content of the data information; 
- 	reference[[d]] data type; 
- 	at least one reference to an entity; and 
- 	data information associated with an entity; 
wherein the protocol prohibits the coordinating network element that manages the protocol from substantively accessing tokenized data information corresponding to a tokenization of at least part of the data information that, at least in part, underlies the protocol-compliant request; 
wherein when the requesting network element is the network element that is acting within the attestor role, the apparatus is further configured to facilitate, at least in part via the protocol, as an attestor authorization operation, authorizing the requesting network element to make at least part of the tokenized data information asynchronously available for data-based processing wherein the tokenized data information is sourced via the requesting network element and wherein when, as a sourcing operation, the tokenized data information is sourced as indirect data, the sourcing operation entails derivation of the data information associated with an entity from data received by the requesting network element from the entity as an initial data source, and wherein an identity of each of the at least one secondary network element that is acting within the requestor role is blinded from the requesting network element; and 
wherein when the requesting network element is a secondary network element of the at least one secondary network element that is acting within the requestor role, the apparatus is further configured to facilitate, at least in part via the protocol, as a requestor authorization operation, authorization of the secondary network element to process the tokenized data information previously sourced from [[an]] another requesting network element, wherein an identity of the another requesting network element is blinded from the secondary network element.

13. (Currently amended) The apparatus of claim 12 wherein the corroboration of the data content against the data content that was previously attested to comprises, at least in part, as the sourcing operation, sourcing the tokenized data information from the requesting network element, as [[a]] the secondary network element of the at least one secondary network element that is acting within the requestor role, wherein when the tokenized data information is sourced as indirect data the sourcing operation entails derivation of the data information associated with the entity from data received by the requesting network element from the entity as the initial data source.

17. (Currently amended) The apparatus of claim 15 wherein the content comprises stored values that are configured to serve as at least one of: 
decryption tokens, which is used to transfer the data content, that represent at least one of ciphertext and cryptographic parameters generated by the requesting network element acting within the attestor role; and 
at least one of cryptographic parameters and metadata that are applied together with data to configure comparison tokens, which is used to corroborate the data content, such that a determination is made regarding whether there is a match of comparison tokens representing candidate data processed by the requesting network element, as [[a]] the secondary network element of the at least one secondary network element that is acting within the requestor role, using the stored values against comparison tokens representing a result of processing data contributed by the requesting network element acting within the attestor role.

19. (Currently amended) The apparatus of claim 12 wherein the requestor authorization operation comprises, at least in part, generation of verifiable permissions that advise at least one relayer that the requesting network element, as [[a]] the secondary network element of the at least one secondary network element that is acting within the requestor role is authorized to retrieve from relayer-accessible storage, in plaintext or encrypted form, content comprising at least one of cryptographic parameters, data, and metadata.

20. (Currently amended) The apparatus of claim 11 wherein the tokenized data information comprises tokens that are generated using at least one secret 

Allowable Subject Matter
The following is Examiner's statement of reasons for allowance: 
An updated search of the claimed invention after all amendments indicates the following as closest prior arts reviewed:

“Preserving Smart Objects Privacy through Anonymous and Accountable Access Control for a M2M-Enabled Internet of Things” by Department of Information and Communications Engineering, Computer Science Faculty, University of Murcia (Murcia hereinafter): Murcia discloses Anonymous Credential Systems, such as Idemix which is based on the Camenisch-Lysyanskaya (CL) signature scheme and allows to prove the possession of a signature while avoiding the disclosure of underlying messages, or even the signature itself, by using zero-knowledge proofs. Idemix operates with two main protocols: First, the issuance protocol is used by the recipient to obtain a credential from the issuer. During this process, the recipient selects a master secret key that will be encoded into every credential. The recipient computes a cryptographic message with the set of attributes, which are signed by the issuer and included in the credential. Second, the proving protocol is initiated by the prover in order to prove the possession of a certain credential to the verifier entity, without revealing the credential itself. For this purpose, the prover creates a cryptographic proof by defining a proof specification (following a XML-based language), which is sent to the verifier. It contains a proof of the CL-signature possession, which ensures that the prover holds a credential that was signed by the issuer. Furthermore, Idemix allows an entity to generate pseudonyms that demonstrate the possession of its master secret. During the proving protocol, the proof generated by the subject proves to the target the knowledge of the secret associated to a pseudonym, as well as the fact that such a pseudonym is based on the user’s master secret key. Then, the prover computes a challenge using a hash function, by considering the context and the computed proofs, i.e., the CL proof and the pseudonym proof, as an input. The prover computes random t-values, it get a challenge c, and finally it computes a response s-values to prove knowledge of α. Then, the target entity (verifier) computes the s-values that are hashed and compared against c.

Resch (US2020/0067707A1) discloses that the requester seeking to access a key sends an Oblivious Key Access Request (OKAR) to a KMS unit, the request can include any one or more of: a. a requester identifier; b. a root key identifier (e.g., additional information to reference a specific OPRF key, e.g., a specific OPRF secret); c. a blinded input B (e.g., B=BlindingFunction(sub-key identifier)); d. authenticating information (e.g., credentials such as a password, a token, a response to a challenge, a signature, a digital certificate, etc.); e. A challenge to the KMS unit (for the KMS unit to prove its identity or correctness of operation) 3.  The KMS unit performs validation of the request…If a challenge was provided by the requester to the KMS unit, the KMS unit generates a response to the challenge. The KMS unit returns a response to the requester including the blinded sub-key and a challenge if one was generated.  The requester validates the response to the challenge (if provided), and if it is valid, proceeds to unblind the sub-key using the appropriate function to unobscure the blinded sub-key and recover the OPRF output. The requester uses the OPRF output as the key or to derive a key and then may perform encryption or decryption operations with that key. In this manner, the KMS unit no longer sees the keys, and if the KMS unit cannot determine, predict, or guess the original unblinded sub-key identifiers, it has no capacity to determine any of the keys the requester receives.

The closest prior arts reviewed and of record, alone or in combination, fail to disclose the claimed invention as a whole recited in claim 1, similarly stated in each of claim 11, because, among other features, claim 1 recites:

“…a coordinating network element that manages a protocol: 
receiving, via the network and from a requesting network element comprising one of: 
	a network element that is acting within an attestor role; and 
	at least one secondary network element that is acting within a requestor role, a protocol-compliant request regarding data information … wherein the protocol prohibits the coordinating network element that manages the protocol from substantively accessing tokenized data information corresponding to a tokenization of at least part of the data information that, at least in part, underlies the protocol-compliant request; 
wherein when the requesting network element is the network element that is acting within the attestor role, the method further comprises: 
facilitating, at least in part via the protocol, as an attestor authorization operation, authorizing the requesting network element to make at least part of the tokenized data information asynchronously available for data-based processing wherein the tokenized data information is sourced via the requesting network element and wherein when, as a sourcing operation, the tokenized data information is sourced as indirect data the sourcing operation entails derivation of the data information associated with an entity from data received by the requesting network element from the entity as an initial data source, and wherein an identity of each of the at least one secondary network element that is acting within the requestor role is blinded from the requesting network element; and 
wherein when the requesting network element is a secondary network element of the at least one secondary network element that is acting within the requestor role, the method further comprises: 
facilitating, at least in part via the protocol, as a requestor authorization operation, authorization of the secondary network element to process the tokenized data information previously sourced from another requesting network element, wherein an identity of the another requesting network element is blinded from the secondary network element”. 

As such, claims 1-20 are allowed.

Conclusion
Any comments considered necessary by Applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.” 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to AREZOO SHERKAT whose telephone number is (571)272-8533. The examiner can normally be reached Monday - Friday 8:30-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on 571 - 272 - 3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/AREZOO SHERKAT/Examiner, Art Unit 2434