DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This office action is in response to communication filed on January 03, 2022.
Status of claim within the present application:
Claims23 – 52 are pending.
Claims 23 – 24, 28 – 29, 33 – 34, 38 – 39, 43 – 44, and 48 – 49 are amended

Response to Arguments
Applicant’s remarks and amendments submitted on January 03, 2022 for application 16/828,003 have been considered and are persuasive. Therefore, the previous claim rejections have been withdrawn.
Allowable Subject Matter
Claims 23 – 52 are allowed, but they are to be renumbered as claim 1 – 30. The following is an examiner’s statement of reasons for allowance: the following prior arts were yielded during examination of the claims filed on January 03, 2022 in response to office action mailed on August 20, 2021. They do not explicitly teach the applicant’s claimed invention, but they are in general realm of applicant’s field of endeavor:
Antar et al. [US 20200218795 A1]: This is considered closet prior art to the present application that has methodology and technology for authorizing users and/or devices. An example method may comprise receiving, from a user device, a request to access a function associated with a service account. The request may comprise an identifier of the user device. The example method may comprise determining, based on the identifier, a primary authority holder 
Antar does discloses the generation of the new private distributed ledger and/or the storing the record indicating the new device on the distributed ledger associated with the primary authority holder may enable a secondary authority holder to be securely added to the account and authorized for to access settings, features, and/or services associated with the account. The first distributed ledger may comprise a first set of one or more records 408a, b, n (e.g., blocks). The first set of one or more records 408a, b, n may comprise information indicative of administrative rights and/or permissions for users and/or devices associated with the first distributed ledger. Each record of the first set of one or more records 408a, b, n may comprise zero, one, or more records. Each record may comprise information indicative of administrative rights and/or permissions relating to a single user and/or a single device. Records will be discussed in more detail in reference to FIG. 5 below. The first set of one of more records 408a, b, n may be stored and/or created on the first distributed ledger by a node 110 of FIG. 1 performing a proof protocol. The second distributed ledger may comprise a second set of one or more records 418a, b, n. The second set of one or more records 418a, b, n may comprise information indicative of administrative rights and/or permissions for users and/or devices associated with the second distributed ledger. Each record of the second set of one or more records 418a, b, n may comprise 

Mukherjee et al. [US 20160259936 A1]: This prior art discloses methodology for granting a token to authenticate a user requesting access to an application in a domain is disclosed. The method includes receiving a response from an identity (ID) provider in a second domain responsive to a first request from a user to access an application provided by an application server in a first domain, the response indicating the authenticity of the user in the second domain, randomly selecting a first key and a second key from a key store, generating a secret by randomly permuting the first key and the second key, generating a signature by signing user information associated with the user using the secret, generating an authentication token including the signature, determining whether the authentication token is valid, and responsive to determining that the authentication token is valid, granting access to the first application to the user based on the authentication token.
Mukherjee does discloses the login module 203 determines that the received request is a fresh request and sends the fresh request to the ID provider 109. The fresh request is a login request from a user for accessing one of the application servers 105a, 105n in an internal domain 

Kumar [US 20180288031 A1]: This prior art discloses methodology and technology for a secure identity framework has been designed that leverages a host device as a data collection point for four properties of a digital identity profile anchored to the collection point device, and uses the digital identity profile for multi-factor authentication. A public key infrastructure key exchange is conducted for secure identity framework members corresponding to collection and access of data of the digital identity profile. Subsequently, each application participating in the secure identity framework (“participant application”) acts as a certifying authority in additional, distinct PKI key exchanges. Based on the key exchanges, the secure identity framework locally generates application specific token sets based on the digital identity profile for authentication and authorization. The secure identity framework secures exchange of data among hardware and software components of the device with secured application programming interfaces (APIs). 
Kumar does discloses the xToken 225 may evolve as the application 229 grants more permission since the initial permission set 227 will likely be an initial minimum permission set. As additional permissions are added (or based on removal of a permission), the token generator 109 will compute a hash with the new permission set and generate a new version of the xToken 225. In some cases, the token generator 109 can generate additional xTokens to reflect changes to the permission set. The downstream authorization process can determine the appropriate permissions based on the aggregate of permissions indicated across the multiple xTokens. The token generator 109 can also indicate an expiration date in each of the tokens. The token generator 109 can be programmed to define the expiration date with variation across tokens or limited to particular ones of the tokens (e.g., xTokens). As with the token to key mapping/correspondence, an application's digital certificate can indicate an expiration date or time to live for the keys as a group or individually. Tokens may expire as a consequence of the corresponding keys expiring. In other words, a token may not explicitly expire but expiration of a key pair can prevent decrypting of a token.

Winklevoss et al. [US 10325257 B1]: This prior art discloses methodology for securely storing digital assets using a secure portal are disclosed. Using an isolated computer within an electronic isolation chamber, a plurality of digital asset accounts may be generated, and one or more private keys and a digital asset account identifier corresponding to each of the digital asset accounts may be obtained. A respective reference identifier may be associated with each digital asset account. At least one of the one or more private keys corresponding to each digital asset 
Winklevoss does discloses associating, using the computer system, each of the plurality of private key segments with a respective reference identifier; (vi) creating, using the computer system, one or more cards for each of the encrypted plurality of private key segments wherein each of the one or more cards has fixed thereon one of the encrypted plurality of private key segments along with the respective associated reference identifier; and (vii) tracking, using the computer system, storage of each of the one or more cards in one or more vaults. Administrator and/or custodian using the trust computer system may use the retrieved private key segments to reassemble the private keys. In embodiments, this may be performed by decrypting the private key segments and reassembling the segments into a complete private key. The retrieved private key segments may be scanned using key reader 40, and decrypted (as necessary) using decryption software on the isolated computer 30 as part of the trust computer system, and combined and associated with the corresponding public key to regenerate a trust wallet. The trustee, administrator, and/or custodian using the trust computer system may decrypt the private key segments, reassemble the key segments into full keys, and/or reverse any cipher that was previously applied. In embodiments, these sub-steps of step S208′ may be performed in any order which will result in a properly reassembled private key. In embodiments, they are performed in the reverse order of the steps used to secure and store the keys. In embodiments, the key segments are decrypted first, then reassembled into a complete key, then deciphered. The complete deciphered key may then be used to access and/or transact using a digital wallet. The trust computer system may identify and/or correlate the one or more private keys with the 

Conley et al. [US 20210073212 A1]: This prior art discloses methodology and technology for a scalable and computationally light approach to validating blockchains called the Catastrophic Dissent Mechanism (CDM). CDM uses anonymous actors who are free to join and leave the system as they please. The mechanism gives all actors strong incentives to behave honestly, both as individuals, and as members of coalitions who might benefit in compromising the integrity of the blockchain. As a result, CDM offers users Strategically Provable Security (SPS). CDM provides a foundation to create an ecosystem of federated chains which can share heterogeneous tokens using different business logic. As a result, new instances of chains can be created to serve as inexpensive, scalable platforms for a wide variety of blockchain applications and to provide a path for existing instances to be upgraded or altered without the use of hard forks or breaking the rule that code is law.
Conley does discloses the first node receives an initial block of the blockchain (e.g. a genesis block). The initial block defines a plurality of rules (e.g. in the smart contracts as described herein) including: rules to establish and maintain an identification of the validating nodes; rules to communicate between the validating nodes; rules to process transactions by the validating nodes. Rules to process transactions by the validating nodes; and rules responsive to results of processing the transactions to: update respective instances of the current ledger 
However, none of the prior arts of record independently or in-combination discloses all the limitation of the independent claims 23, 33, and 43 as recited in the amended set of claims being examined.
Therefore, the independent claims are allowable over the prior arts of record. The dependent claims being definite, further limiting, and fully enabled by the specification are also allowed by virtue of their dependence on the independent claims.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Phuc Pham whose telephone number is (571)272-8893. The examiner can normally be reached Monday - Thursday 7:30 AM - 4:30 PM; Friday 8:00 AM - 12:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/P.P./Patent Examiner, Art Unit 2434                                                                                                                                                                                                        /KAMBIZ ZAND/Supervisory Patent Examiner, Art Unit 2434