DETAILED ACTION
Claims 1, 4-14, 17-18, and 21-26 are allowed.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in an interview with Joseph Schmidt (Reg. No. 36920) on December 20, 2021.
The application has been amended as follows: 

IN THE SPECIFICATION:
	Please amend the paragraph beginning on page 1, line 10 as follows: 
Surveys claim that about 55 percent of online adults are multi-device users and about 35 percent of these users own 3-4 devices.  When the credentials (e.g., account username and/or account password) for an application are updated from one of the devices owned by the user, the access to the application from their other devices would fail until they manually authenticate their access with the new credentials.  Also, if the credentials are modified from an unknown source, the user’s information can be misused or the user may completely loose access to their own information.


Turning now to FIG. 6, a scenario 600 is depicted where a device in a private blockchain network for multiple user devices has no active user, according to an illustrative embodiment.  As shown, assume user 602 uses device 604, user 606 uses device 608, user 610 uses device 612, but device 614 has no active user or is otherwise not accessible.  Then, the initiator for the new block, e.g., user 610 on device 612, can approve on behalf of device 614 by, e.g., remotely entering (615) the login credentials of device 614.  The remote login only validates the credentials entered for device 614 and does not allow application access from device 614.  Other methods of approving on behalf of device 614 include using a link provided in an email notification sent by the rule engine module 620, and entering [[a]] an OTP sent by the rule engine module 620.  The rule engine module 620 identifies the device (614) that does not have an active user and prompts the initiator (610/612) or any other configured device to approve the request by entering the device credentials.


IN THE CLAIMS:
	1. (Currently amended) A method comprising:
	obtaining an indication of a proposed modification of an access credential, the proposed modification being generated at a device of a set of two or more devices that are part of a secure private network, wherein the access credential is commonly used by the set of two or more devices; 
	causing notification of the proposed modification of the access credential to be presented to other devices of the set of two or more devices;
	obtaining an acceptance or a rejection of the proposed modification from at least a subset of the other devices of the set of two or more devices; and
	causing the access credential to be modified for each device of the set of two or more devices when the proposed modification of the access credential is accepted by at least [[a]] the subset of the other devices of the set of two or more devices;
	wherein the steps are performed by a processing device comprising a processor operatively coupled to a memory.  

	2. (Canceled) 

3. (Canceled) 

4. (Currently amended) The method of claim [[3]] 1, wherein the secure private network comprises a blockchain network such that each device of the set of two or more devices correspond to a node of the blockchain network.   

5. (Original) The method of claim 4, wherein one or more of indications, proposed modifications, acceptances, rejections and modifications are securely stored and accessible as blocks via the blockchain network.

6. (Original) The method of claim 1, wherein acceptance and rejection of the proposed modification of the access credential is based on a rule set.  


a rule specifying [[the]] a maximum number of devices permitted in the secure private network;
a rule specifying a priority with respect to the set of two or more devices in the secure private network;
a rule specifying one or more acceptance criteria for when the proposed modification of the access credential is accepted; and
a rule specifying a frequency limit associated with modification of the access credential.  

8. (Currently amended) The method of claim 7, wherein the one or more acceptance criteria comprises assigning an acceptance weightage value to each device in the set of two or more devices.  

9.  The method of claim 8, wherein the acceptance weightage of at least one of the devices is different than the acceptance weightage of at least another of the devices.  

10. (Currently amended) The method of claim 6, wherein the rule set is configurable to allow limited acceptance by a first device in the set of two or more devices that has an active user on behalf of a second device in the set of two or more devices that has no active user by one or more of: entering a login credential of the second device; using a link provided in an email notification; and entering a one-time password.

11. (Original) The method of claim 6, wherein the rule set is configured to be modifiable based on approval of at least a subset of the set of two or more devices.  

12. (Original) The method of claim 1, wherein the access credential is commonly used by the set of two or more devices to gain access to one of an application, a service and a system.  



14. (Currently amended) An apparatus comprising:
a processing device having a processor operatively coupled to a memory and configured to:
obtain an indication of a proposed modification of an access credential, the proposed modification being generated at a device of a set of two or more devices that are part of a secure private network, wherein the access credential is commonly used by the set of two or more devices; 
	cause notification of the proposed modification of the access credential to be presented to other devices of the set of two or more devices;
	obtain an acceptance or a rejection of the proposed modification from at least a subset of the other devices of the set of two or more devices; and
	cause the access credential to be modified for each device of the set of two or more devices when the proposed modification of the access credential is accepted by at least [[a]] the subset of the other devices of the set of two or more devices.  
	
	15. (Canceled) 

16. (Canceled) 

17. (Currently amended) The apparatus of claim [[16]] 14, wherein the secure private network comprises a blockchain network such that each device of the set of two or more devices correspond to a node of the blockchain network.   

18.(Currently amended)  An article of manufacture comprising a non-transitory processor-readable storage medium having stored therein program code of one or more software programs, wherein the program code when executed by at least one processing device causes the at least one processing device to perform steps of:

	causing notification of the proposed modification of the access credential to be presented to other devices of the set of two or more devices;
	obtaining an acceptance or a rejection of the proposed modification from at least a subset of the other devices of the set of two or more devices; and
	causing the access credential to be modified for each device of the set of two or more devices when the proposed modification of the access credential is accepted by at least [[a]] the subset of the other devices of the set of two or more devices;

	19. (Canceled) 

20. (Canceled) 

21. (New) The apparatus of claim 14, wherein the processing device is further configured to accept and reject the proposed modification of the access credential based on a rule set.  

22. (New) The apparatus of claim 21, wherein the rule set comprises one or more of: 
a rule specifying a maximum number of devices permitted in the secure private network;
a rule specifying a priority with respect to the set of two or more devices in the secure private network;
a rule specifying one or more acceptance criteria for when the proposed modification of the access credential is accepted; and
a rule specifying a frequency limit associated with modification of the access credential.  

23. (New) The apparatus of claim 21, wherein the rule set is configurable to allow limited acceptance by a first device in the set of two or more devices that has an active user on behalf of a second device in the set of two or more devices that has no active user by one or more of: entering 

24. (New) The article of claim 18, wherein the at least one processing device is further configured to perform the step of:
accepting and rejecting the proposed modification of the access credential based on a rule set.  

25. (New) The article of claim 24, wherein the rule set comprises one or more of: 
a rule specifying a maximum number of devices permitted in the secure private network;
a rule specifying a priority with respect to the set of two or more devices in the secure private network;
a rule specifying one or more acceptance criteria for when the proposed modification of the access credential is accepted; and
a rule specifying a frequency limit associated with modification of the access credential.  

26. (New) The article of claim 24, wherein the rule set is configurable to allow limited acceptance by a first device in the set of two or more devices that has an active user on behalf of a second device in the set of two or more devices that has no active user by one or more of: entering a login credential of the second device; using a link provided in an email notification; and entering a one-time password.

	 
REASONS FOR ALLOWANCE
The following is an examiner’s statement of reasons for allowance: The primary reason for the allowance of the claims is the inclusion of the limitation, inter alia, “obtaining an indication of a proposed modification of an access credential, the proposed modification being generated at a device of a set of two or more devices that are part of a secure private network, wherein the access credential is commonly used 
The following is considered to be the closest prior art of record:
Google (NPL “Sync Passwords across Your Devices”) – teaches synchronizing passwords across multiple devices using a cloud password save. However, this does not require an acceptance on multiple devices to modify a credential.
Han (US 2010/0095356) – teaches credential synchronization between devices. However, this does not require an acceptance on multiple devices to modify a credential.
Reimer (US 2020/0187004) – teaches synchronizing encrypted credentials between devices. However, this does not require an acceptance on multiple devices to modify a credential.
Perez Lafuente (US 2017/0148009) – teaches notifying the user that the time settings of the user’s device is incorrect and suggesting the settings to be synchronized with the time settings of the mobile telephone network in order to perform authentication based on the timestamp authentication credential.
Wilson (US 2018/0083826) – teaches notifying the user through an email that the user’s password has been changed.
Law (US 2007/0130463) – teaches synchronizing one time passwords between users.
Melliere (US 2018/0006883) – teaches notifying the user of credential updates.
However, the concept of requiring an acceptance on multiple devices to modify a credential as claimed cannot be found in the prior art of record.
None of the prior art of record, either taken by itself or in any combination, would have reasonably anticipated or made obvious the invention of the present application at or before the time it was effectively filed. The concepts and features, as claimed, are considered to be a non-obvious combination of limitations not taught in the prior art. Therefore, claims 1, 4-14, 17-18, and 21-26 are considered to be allowable.
According to MPEP 1302.14 (I): “In most cases, the examiner’s actions and the applicant’s replies make evident the reasons for allowance, satisfying the “record as a whole” proviso of the rule. This is particularly true when applicant fully complies with 37 CFR 1.111 (b) and (c) and 37 CFR 1.133(b). Thus, where the examiner’s actions clearly point out the reasons for rejection and the applicant’s reply explicitly presents reasons why claims are patentable over the reference, the reasons for allowance are in all probability evident from the record and no statement should be necessary.”
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably 

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOHN B KING whose telephone number is (571)270-7310.  The examiner can normally be reached on Monday-Friday 10AM-6PM EST.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 5712728878.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/John B King/
Primary Examiner, Art Unit 2498