Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
This Office Action is in response to Application No. 16/708,630 filed on 12/10/2019.
Claims 1-16 have been examined and are pending in this application.
Claim Objections
Claims 2-4, 8-12, and 16 are objected to because of the following informalities:  
Regarding claim 2, the claim 2 limitation “transmitting, by the transmitter of the node, the external identifier and device identifier to an active directory system,” should end with a semicolon instead of a comma.
Appropriate corrections are required.
Regarding claims 3-4, 8-12, and 16, claims 3-4, 8-12, and 16 are rejected under similar rationale as claim 2.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Claims 9-16 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Regarding claim 9, claim 9 line 22 recites the limitation “the transmitter of the node”. The claim does not have a previous recitation of “a transmitter of the node”. The claim previously introduces the element “a transmitter” in line 15 and, as a result, the limitation lacks proper antecedent basis. For example, a lack of clarity could arise where a claim refers to "said lever" or “the lever”, where the claim contains no earlier recitation or limitation of a lever and as a result, it would be unclear as to what element the limitation was making reference to (MPEP 2173.05(e) [R-07.2015]). Appropriate correction to “the transmitter of the node” is required to ensure proper claim interpretation.
Regarding claims 10-16, claims 10-16 are rejected as being dependent on claim 9.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Claims 1, 6-8, 9, 14-16 are rejected under 35 U.S.C. 103 as being unpatentable over Wang (W.O Patent Application 2019027445 A1) and further in view of Nishijima (W.O Patent Application 2018111295 A1).
Regarding claim 1, Wang teaches the method of claim 1, a method for protection of data transfers for internet of things devices using a blockchain, comprising (Wang: [0073] “Embodiments provide a method for securely sharing private data between a group of network-enabled devices.”):
receiving, by a receiver of a node in a blockchain network, a data message from an internet of things (IoT) device, the data message being formatted according to an IoT messaging protocol and including at least a device identifier associated with the IoT device and encrypted data (Wang: Para [0015], [0019] “Network nodes can include devices and servers capable of receiving and/or sending data.” [0020] “domain name servers 120 may further be connected to public blockchain 140, which may be a public database of immutable records that is distributed to several nodes” Para [0029-0034] teaches the IOT messaging protocol and the device identifier (public key) Para [0034] “Once the data message comprising the metadata and encrypted private data has been generated, the data message may be sent to the one or more nodes of the distributed database system”);
generating, by a processor of the node, a new block, where the new block includes a block header and one or more data values, the one or more data values including the received data message and the block header including at least a timestamp, a block reference value, and a data reference value based on the one or more data values (Wang: Para[0032-0033][0039] fig 2A-2B, “During an action performed by an IOT device, a data block may be generated, such as data block 101 N,” Para[0040-0042] “The immutable blocks may further comprise headers, such as header 141 , 142, and 143, which may comprise timestamps and links to previous blocks,”);
receiving, by the receiver of the node, a data request from an external device, the data request including at least an external identifier associated with the external device (Wang: Para[0036], [0045] External device (IOT device 102) “the second IOT device 102 may generate an access request for the private data submitted by first IOT device 101. The access request may comprise an identifier for first IOT device 101 and an identifier for second IOT device 102. In one embodiment, the identifiers may be the public keys and/or network addresses of the devices. Once the access request has been received by the one or more nodes of the distributed database system, the requested data may be located and retrieved.”);
verifying, by the node, permission of the external device to access the encrypted data based on at least the external identifier and the device identifier (Wang: Para [0037] “In an embodiment, the one or more nodes may compare the permissions data to the identifier of second IOT device 102.”);
and transmitting, by the transmitter of the node, the encrypted data to the external device (Para [0037] “the one or more nodes may provide the encrypted private data and metadata thereof to second IOT device 102.”).
Wang does not explicitly teach transmitting, by a transmitter of the node, the generated new block to one or more additional nodes in the blockchain network.
However, in an analogous art, Nishijima teaches transmitting, by a transmitter of the node, the generated new block to one or more additional nodes in the blockchain network (Nishijima: Para [0041], [0051-0054], fig.3 “the master node forwards the information from the node configuration information data structure 216 for the first consensus node 102(1) to the other consensus nodes 102(2), 102(3) and 102(4).” Para [0057] “as indicated at 314, with each added block including the node information for a different one of the consensus nodes 102(1)- 102(4) participating in the consensus system.”);
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teachings of Nishijima into the method of Wang to include transmitting, by a transmitter of the node, the generated new block to one or more additional nodes in the blockchain network because the decentralized peer-to-peer nature will help prevent any single user or group of users from controlling the underlying infrastructure or undermining the integrity of the system (Nishijima: Para. [0035]). 
Regarding claim 6, Wang in view of Nishijima teaches wherein the data message further includes a digital signature (Nishijima Para [0028] [0072] [0085] “the data structure 900 may include a public key of a contract participant, which may serve as identification information of the contract participant, and which may further serve as a digital signature for the contract participant in some examples”).
Regarding claim 7, Wang in view of Nishijima teaches validating, by the processor of the node, the digital signature prior to generating the new block (Nishijima Para [0039], [0086] “the consensus nodes 102 may verify that the smart contract is signed before executing the smart contract. In some examples, the digital signature 124 may be included in the auditing information for a transaction executed using the smart contract 120.”).
Regarding claim 8, Wang in view of Nishijima teaches storing, in a memory of the node, a public key of a cryptographic key pair associated with the device identifier ( Nishijima Para[0068] “the block body 408 for the block 324 includes smart contract information 412, such as the smart contract code 414 (or at least a hash of the smart contract source code), and smart contract participant IDs 416, such as names, contact information, etc., of the smart contract participants, public keys, or other identifying information.”), wherein the digital signature is validated using the public key (Para [0086] “The public key 906 may be used by the consensus node to decrypt the source code hash.”).
Regarding claim 9, Wang teaches the system of claim 9, a system of protection of data transfers for internet of things devices using a blockchain, comprising (Wang: [0027] FIG. 1 “shows a system for exchanging private data between devices”):
A blockchain network (Wang: [0027] FIG. 1 “In addition, domain name servers 120 may further be connected to public blockchain 140, which may be a public database of immutable records that is distributed to several nodes.”):
An internet of things (IOT) device (fig.1, para [0027] IOT Device 101):
An external device (fig. 1, IOT Device 102):
And a node in the blockchain network, where the node includes (fig.1, para [0027] “System 100 may comprise domain name servers 120 connected to one or more nodes of a distributed database system, such as first node 131 , second node 132, and nth node 133. The one or more nodes may be capable of communicating over a network”):
a receiver of a node configured to receive a data message from the IoT device, the data message being formatted according to an IoT messaging protocol and including at least a device identifier associated with the IoT device and encrypted data (Wang: Para [0015], [0019] “Network nodes can include devices and servers capable of receiving and/or sending data.” [0020] “domain name servers 120 may further be connected to public blockchain 140, which may be a public database of immutable records that is distributed to several nodes” Para [0029-0034] teaches the IOT messaging protocol and the device identifier (public key) Para [0034] “Once the data message comprising the metadata and encrypted private data has been generated, the data message may be sent to the one or more nodes of the distributed database system”);
a processor configured to generate a new block, where the new block includes a block header and one or more data values, the one or more data values including the received data message and the block header including at least a timestamp, a block reference value, and a data reference value based on the one or more data values (Wang: Para[0039] fig 2A-2B, “During an action performed by an IOT device, a data block may be generated, such as data block 101 N,” Para[0040-0042] “The immutable blocks may further comprise headers, such as header 141 , 142, and 143, which may comprise timestamps and links to previous blocks,”);
wherein the receiver of the node is further configured to receive a data request from an external device, the data request including at least an external identifier associated with the external device (Wang: Para [0036], [0045] External device (IOT device 102) “the second IOT device 102 may generate an access request for the private data submitted by first IOT device 101. The access request may comprise an identifier for first IOT device 101 and an identifier for second IOT device 102. In one embodiment, the identifiers may be the public keys and/or network addresses of the devices. Once the access request has been received by the one or more nodes of the distributed database system, the requested data may be located and retrieved.”);
the node is configured to verify permission of the external device to access the encrypted data based on at least the external identifier and the device identifier (Wang: Para [0037] “In an embodiment, the one or more nodes may compare the permissions data to the identifier of second IOT device 102.”);
and the transmitter of the node is further configured to transmit the encrypted data to the external device (Para [0037] “the one or more nodes may provide the encrypted private data and metadata thereof to second IOT device 102.”).
Wang does not explicitly teach a transmitter configured to transmit the generated new block to one or more additional nodes in the blockchain network.
However, in an analogous art, Nishijima teaches a transmitter configured to transmit the generated new block to one or more additional nodes in the blockchain network (Nishijima: Para [0041], [0051-0054] fig.3 “the consensus system is started and a genesis block 306 is generated to start generation of the blockchain 112. The genesis block 306 is the first block in the blockchain 112 and has a block height (i.e., sequential block number) of "0". All of the consensus nodes 102(1)- 102(4) share the genesis block 306”);
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teachings of Nishijima into the system of Wang to include a transmitter configured to transmit the generated new block to one or more additional nodes in the blockchain network because the decentralized peer-to-peer nature will help prevent any single user or group of users from controlling the underlying infrastructure or undermining the integrity of the system (Nishijima: Para. [0035]). 
Regarding claim 14, claim 14 is rejected under the same rationale as claim 6.
Regarding claim 15, claim 15 is rejected under the same rationale as claim 7.
Regarding claim 16, claim 16 is rejected under the same rationale as claim 8.
Claims 2-3 and 10-11 are rejected under 35 U.S.C. 103 as being unpatentable over Wang (W.O Patent Application 2019027445 A1), in view of Nishijima (W.O Patent Application 2018111295 A1), and further in view of Georgiadis et al. (U.S Patent Application 20180137512 A1).
Regarding claim 2, Wang in view of Nishijima teaches the independent claim 1.
Wang in view of Nishijima does not explicitly teach wherein verifying permission of the external device includes transmitting, by the transmitter of the node, the external identifier and device identifier to an active directory system, and receiving, by the receiver of the node, a verification result from the active directory system, where the verification result indicates successful verification of the permission of the external device.
However, in an analogous art, Georgiadis et al. teaches wherein verifying permission of the external device includes transmitting, by the transmitter of the node, the external identifier and device identifier to an active directory system (Para [0149-150] [0164] “the user device sends 404 the collected information, including one or more of the recipient identifier, information identifier, user credentials, and user answers and one or more of an electronic address or other identifier of the user device and an identifier of an application, to the verification system over a secure channel using a cryptographic system.”),
and receiving, by the receiver of the node, a verification result from the active directory system, where the verification result indicates successful verification of the permission of the external device (Para [0164] [0270]“The verification system forwards the consent or permission to the target device to enable execution of the software or access of the media. Alternatively, the information provider system sends the consent or permission directly to the target device and a notification of same to the verification system and optionally the user device.”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teaching of Georgiadis et al. into the modified method of Wang to include transmitting, by the transmitter of the node, the external identifier and device identifier to an active directory system, and receiving, by the receiver of the node, a verification result from the active directory system, where the verification result indicates successful verification of the permission of the external device because it can enable secure, low-risk, and low-cost transaction mechanisms to exchange restricted information between first and second persons or devices (Georgiadis et al.: Para. [0049]).
Regarding claim 3, Wang in view of Nishijima teaches the independent claim 1.
Wang in view of Nishijima does not explicitly teach wherein verifying permission of the external device includes transmitting, by the transmitter of the node, the device identifier to an active directory system, receiving, by the receiver of the node, a list of identifiers associated with the device identifier from the active directory system, and verifying, by the processor of the node, that the external identifier is included in the received list of identifier.
However, in an analogous art, Georgiadis et al. teaches wherein verifying permission of the external device includes transmitting, by the transmitter of the node, the device identifier to an active directory system (Para [0135] [272] fig. 10B “sends an attribute request and a blockchain address verification request from verifier 1020 (or information provider 636 or target device 102) to principal 1002 (or one of user or user device 102). The attribute request and blockchain address verification request typically includes a token and list of keys, each corresponding to a part of the principal's identity.”), 
receiving, by the receiver of the node, a list of identifiers associated with the device identifier from the active directory system (Para[0272] “the principal (or the user or user device) sends, by a public or private channel, her public electronic address, a signature of the token using the public electronic address and the private key, a list of attribute values corresponding to the received keys, and a list of secret salts used for hashing the keys and the values in a blockchain address verification reply from principal 1002”), 
and verifying, by the processor of the node, that the external identifier is included in the received list of identifier (Para [0272] “wherein verifier 1020 (or information provider 636 or target device 102) verifies the hashes of the secret salts and attributes.”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teaching of Georgiadis et al. into the modified method of Wang to include wherein verifying permission of the external device includes transmitting, by the transmitter of the node, the device identifier to an active directory system, receiving, by the receiver of the node, a list of identifiers associated with the device identifier from the active directory system, and verifying, by the processor of the node, that the external identifier is included in the received list of identifier because it can enable secure, low-risk, and low-cost transaction mechanisms to exchange restricted information between first and second persons or devices (Georgiadis et al.: Para. [0049]).
Regarding claim 10, claim 10 is rejected under the same rationale as claim 2.
Regarding claim 11, claim 11 is rejected under the same rationale as claim 3.
Claims 4-5 and 12-13 are rejected under 35 U.S.C. 103 as being unpatentable over Wang (W.O Patent Application 2019027445 A1), in view of Nishijima (W.O Patent Application 2018111295 A1), and further in view of Padmanabhan (U.S Patent Application 20200374106 A1).
Regarding claim 4, Wang in view of Nishijima teaches the independent claim 1.
Wang in view of Nishijima does not explicitly teach wherein verifying permission of the external device includes storing, in a memory of the node, a list of identifiers associated with the device identifier, and verifying, by the processor of the node, that the external identifier is included in the received list of identifiers.
However, in an analogous art, Padmanabhan teaches wherein verifying permission of the external device includes storing, in a memory of the node, a list of identifiers associated with the device identifier (Para [0531] fig. 11 A-C “store the data on the blockchain where the object and metadata will include the owning entity UUID or similar identifier and a set of indicators to identify the object, record, field or similar component of the data that is designated as private (Block 1103).”), 
and verifying, by the processor of the node, that the external identifier is included in the received list of identifiers (Para [0535] fig. 11C “after the private data is stored in the blockchain, then any node that seeks to service a request to access the protected data (Block 1131) makes an initial check of the UUID of the requestor and/or identification information of the requested data against the forgotten UUID/data list”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teaching of Padmanabhan into the modified method of Wang to include wherein verifying permission of the external device includes storing, in a memory of the node, a list of identifiers associated with the device identifier, and verifying, by the processor of the node, that the external identifier is included in the received list of identifiers because it will provide a layer of encryption and data security for the stored data (Padmanabhan: Para. [0340]).
Regarding claim 5, the modified Wang teaches wherein the list of identifiers is stored in an earlier block in a blockchain that includes the generated new block (Padmanabhan para [00533] “These encrypted shared secrets are stored as metadata for the associated transaction data upon consensus for committing the transaction to the blockchain”).
Regarding claim 12, claim 12 is rejected under the same rationale as claim 4.
Regarding claim 13, claim 13 is rejected under the same rationale as claim 5.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
US-20200112555-A1: Apparatus, methods, and computer products for secure access credentials management.
US-20200042971-A1: System and method for transaction account based micro-payments.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to LYDIA L NOEL whose telephone number is (571)272-1628. The examiner can normally be reached Monday - Friday 9:00 - 5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kristine Kincaid, can be reached on (571) 272-4063. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/L.L.N./Examiner, Art Unit 2437
/KRISTINE L KINCAID/Supervisory Patent Examiner, Art Unit 2437