DETAILED ACTION
This office action is in reply to applicant communication filed on December 08, 2021.
 
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claims 1-20 have been presented.
Claims 1-20 are pending. 

Response to Argument
Applicant’s arguments filed on December 08, 2021 with respect to the 35 USC 102/103 rejections of independent claims have been fully considered but they are not persuasive.

Applicant’s arguments filed on October 06, 2021 with respect to the double patenting rejection have been fully considered and maintained until the proper terminal disclaimer filed by the applicant.

Applicant’s argues that the prior arts on record, Brehmer (US Pub. No. 2019/0229890) in view of Altenhofen (US Pub. No. 2018/0322489), fails to teach the limitation of independent claims, “… publishing, by the first node, one or more first blocks to a ledger associated with the plurality of nodes of the distributed ledger system, the one or more first blocks including identity data indicating an identity of user of first node…”. Examiner respectfully disagrees.

A review of the prior arts of the record (Brehmer and Ballesteros), corresponding to the above argued claim limitation reveals that part of the argued claim limitation (i.e., publishing, by the first node, one or more first blocks to a ledger associated with the plurality of nodes of the distributed ledger system) is disclosed by Brehmer’s reference as, (paragraph 89 of Brehmer, the method 900 continues with operation 904 sending, to the other node, the request for the access right by storing the request for the access right on a blockchain) and (paragraph 22 of Brehmer, a plurality of nodes can access a common blockchain when performing data object functions described herein. Though the blockchain may be accessible by two or more nodes of an embodiment, one or more data objects stored on the blockchain may be encrypted before being stored on the blockchain as one or more data blocks. This can ensure that only those nodes associated with authorized users (e.g., those nodes having appropriate access rights or public keys) can access the encrypted data objects stored on the blockchain). The second part of the argued claim limitation (i.e., the one or more first blocks including identity data indicating an identity of user of first node) is disclosed by Altenhofen’s reference as, (paragraph 81 of Altenhofen, the message routing engine 415 may further route the authorization request message 428 to the blockchain recordal engine 425 to post a decrement to the blockchain associated with the credential and the primary authorizing entity computer). 

Applicant also argued (in page 8 of the remark) that the credential in Altenhofen’s reference does not equate to the claimed identity data indicating an identity of a user of the first node. However, in paragraph 27 of Altenhofen’s reference the word “credential” disclosed to include a user name as a credential and a user name is a well know credential that indicate an identity of a user. Paragraph 27 of Altenhofen define credential as, (paragraph 27, a “credential” may comprise any evidence of authority, rights, or entitlement to privileges. For example, access credentials may comprise permissions to access certain tangible or intangible assets, such as a building or a file. In another example, payment credentials may include any suitable information associated with and/or identifying an account (e.g., a payment account and/or a payment device associated with the account). Such information may be directly related to the account or may be derived from information related to the account. Examples of account information may include an “account identifier” such as a PAN (primary account number or “account number”), an eID, a token, a subtoken, a gift card number or code, a prepaid card number or code, a user name, an expiration date ….). 

Applicant also argued that the credential disclosed in Altenhofen’s reference is not actually posted to the blockchain of Altenhofen. Examiner would point out that Altenhofen’s reference discloses the transaction processing computer 150 may access the multi-access blockchain 370 to obtain a second value associated with the first authorizing entity computer 365 and the user, the portable device 120, the credential, and/or an account identifier associated with the user. The multi-access blockchain 370 may store data representing a plurality of interactions between a plurality of authorizing entity computers and a plurality of users).

Applicant’s argues that the prior arts on record, Brehmer in view of Altenhofen, fails to teach the limitation of independent claims, “… an authorization request indicating a request to perform an operation associated with a managed service…”. Examiner respectfully disagrees.

A review of the prior arts of the record (Brehmer), corresponding to the above argued claim limitation reveals that the argued claim limitation is disclosed by Brehmer’s reference as, (paragraph 89 of Brehmer, the method 900 continues with operation 904 sending, to the other node, the request for the access right by storing the request for the access right on a blockchain).

	Applicant also argued, in page 9 of the remark, that there is no description at all in Brehmer’s reference about the claimed term “request to perform an operation associated with a managed service”. Examiner would point out that the broad but reasonable interpretation of the claim term, “request to perform an operation associated with a managed service” could be requesting any access (i.e., read, write or read and write) to the managed/protected data. This interpretation supported by Brehmer’s reference as, (paragraph 58 of Brehmer, an access right (e.g., with respect to a data object) can include, without limitation, write access, read access, deletion access, share access, or copy access).

Therefore, Brehmer in view of Altenhofen teaches the limitations of independent claims as disclosed in the previous office action.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees.  A nonstatutory double patenting rejection is appropriate where the claims at issue are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the reference application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO internet Web site contains terminal disclaimer forms which may be used.  Please visit http://www.uspto.gov/forms/.  The filing date of the application will determine what form should be used.  A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission.  For more information about eTerminal Disclaimers, refer to http://www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.  

Claims 1-20 are rejected on the ground of non-statutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 10,681,049. Although the claims at issue are not identical, they are not patentable distinct from each other because the instant application and ‘049 are directed to a methods and systems for receiving a request to perform an operation of a managed service. 

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

Claims 1-5, 7, 9-13, 15 and 17-20 are rejected under 35 U.S.C. 103 as being unpatentable over Brehmer (US Pub. No. 2019/0229890) in view of Altenhofen (US Pub. No. 2018/0322489).

	As per claim 1 Brehmer discloses:
A method performed at least partly by a first node of a plurality of nodes of a distributed ledger system, the method comprising: publishing, by the first node, one or more first blocks to a ledger associated with the plurality of nodes of the distributed ledger system, (paragraph 89 of Brehmer, the the request for the access right by storing the request for the access right on a blockchain).
The one or more first blocks including: an authorization request indicating a request to perform an operation associated with a managed service; (paragraph 89 of Brehmer, the method 900 continues with operation 904 sending, to the other node, the request for the access right by storing the request for the access right on a blockchain).
Identifying, by the first node, one or more second blocks published to the ledger by a second node of the plurality of nodes, the one or more second blocks including acknowledgment information indicating at least one of an acknowledgement of the identity of the user or an acknowledgement of the authorization request. (Paragraph 89 of Brehmer, the second node may respond by providing the first node with access rights data for the stored data object on the second node. This may be performed by the second node in a manner similar to operation 606 of the method 600 described with respect to FIG. 6) and (paragraph 74 of Brehmer, at operation 610, responsive to the authenticating being successfully, access rights data for the stored data object are provided to the other node (e.g., the second node) by storing the access rights data on the blockchain).
Brehmer teaches the method of requesting access right by storing the request for the access right on a blockchain (paragraph 89 of Brehmer) but fails to disclose:
The one or more first blocks includes an identity data indicating an identity of a user of the first node.
 However, in the same field of endeavor, Altenhofen teaches this limitation as, (paragraph 81 of Altenhofen, the message routing engine 415 may further route the authorization request message 428 to the blockchain recordal engine 425 to post a decrement to the blockchain associated with the credential and the primary authorizing entity computer).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Brehmer and include the above limitation using the teaching of Altenhofen in order to secure the communication by verifying the identifier/credential of the entity requesting to access the computer resource.



As per claim 2 Brehmer in view of Altenhofen discloses:
The method of claim 1, further comprising, in response to identifying the one or more second blocks including the acknowledgement information, performing the operation associated with the managed service. (Paragraph 92 of Brehmer, the first node may retrieve the data object from the other node based on the access rights data by the data management module 204 of the first node. The data management module 204 may receive the access rights data from the blockchain module 206, and send a request to the second node to send a copy of the data object to the first node). 

Claim 10 is rejected under the same reason set forth in rejections of claim 2:

As per claim 3 Brehmer in view of Altenhofen discloses:
The method of claim 2, further comprising publishing, by the first node, one or more third blocks to the ledger, the one or more third blocks indicating an operation history of the first node with respect to the managed service, the operation history including an indication of the operation. (Paragraph 94 of Brehmer, the information may be collected from a first user associated with the first node. At operation 1008, the updated form resulting by operation 1006 is stored on the blockchain as the electronic form. As a result, operation 1006 may replace the existing version of the electronic form on the blockchain, or alternatively add a new version of the electronic form on the blockchain). 

Claim 11 is rejected under the same reason set forth in rejections of claim 3:

As per claim 4 Brehmer in view of Altenhofen discloses:
The method of claim 1, further comprising, prior to publishing the one or more first blocks, receiving, at the first node, a request to perform the operation associated with the managed service. (Paragraph 87 of Brehmer, where an advisor user of the first node initiated collection of information from a client user of a second node, a subject matter expert (SME) admin of the first node may subsequently retrieve the electronic form as stored on the blockchain and review the client user's one or more response to the electronic form). 

Claim 12 is rejected under the same reason set forth in rejections of claim 4:

As per claim 5 Brehmer in view of Altenhofen discloses:
The method of claim 4, wherein: the managed service comprises a cloud service provider; and the request to perform the operation comprises a request for the first node perform a cloud services operation associated with the cloud service provider. (Paragraph 34 of Brehmer, a client user's node may be supported by a data collection system 124 that is on-premise with respect to the client user, and a subject matter expert (WE) user's node may be supported by a data collection system 124 that is hosted on a cloud-based computer platform). 

Claim 13 is rejected under the same reason set forth in rejections of claim 5:

As per claim 7 Brehmer in view of Altenhofen discloses:
The method of claim 1, wherein the distributed ledger system comprises a permissioned distributed ledger accessible by an authorized entity associated with the managed service. (Paragraph 22 of Brehmer, as an electronic ledger, the blockchain may comprise a distributed ledger that may be accessed by two or more nodes). 

Claim 15 is rejected under the same reason set forth in rejections of claim 7:

As per claim 17 Brehmer discloses:
A method performed at least partly by a first node of a plurality of nodes of a distributed ledger system, the method comprising: identifying, by the first node, one or more first blocks published by a second node to a ledger associated with the plurality of nodes of the distributed ledger system, the request for the access right by storing the request for the access right on a blockchain).
The one or more first blocks including: an authorization request indicating a request by the second node to perform an operation associated with a managed service; (paragraph 89 of Brehmer, the method 900 continues with operation 904 sending, to the other node, the request for the access right by storing the request for the access right on a blockchain).
Publishing, by the first node, one or more second blocks to the ledger, the one or more second blocks including acknowledgment information indicating at least one of an acknowledgement of the identity of the user or an acknowledgement of the authorization request. . (Paragraph 89 of Brehmer, the second node may respond by providing the first node with access rights data for the stored data object on the second node. This may be performed by the second node in a manner similar to operation 606 of the method 600 described with respect to FIG. 6) and (paragraph 74 of Brehmer, at operation 610, responsive to the authenticating being successfully, access rights data for the stored data object are provided to the other node (e.g., the second node) by storing the access rights data on the blockchain).
Brehmer teaches the method of requesting access right by storing the request for the access right on a blockchain (paragraph 89 of Brehmer) but fails to disclose:
The one or more first blocks includes an identity data indicating an identity of a user of the second node.
However, in the same field of endeavor, Altenhofen teaches this limitation as, (paragraph 81 of Altenhofen, the message routing engine 415 may further route the authorization request message 428 to the blockchain recordal engine 425 to post a decrement to the blockchain associated with the credential and the primary authorizing entity computer).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Brehmer and include the above limitation using the teaching of Altenhofen in order to secure the communication by verifying the identifier/credential of the entity requesting to access the computer resource.


The method of claim 17, further comprising verifying the identity data as being a verified managing entity associated with the managed service. (Paragraph 149 of Brehmer, at operation 2174, the user requesting verification of a transaction (hereafter, the verifying user) authenticates herself or himself by the authentication module 212. At operation 2176, the authentication module 212 informs the API module 228 that the user authentication was successful. In response, at operation 2184, the API module 228 provides the authentication module 2.12 with audit data to be verified by the authentication module 212).

As per claim 19 Brehmer in view of Altenhofen discloses:
The method of claim 17, further comprising publishing, by the first node, one or more third blocks to the ledger, the one or more third blocks indicating an operation history of the first node with respect to the managed service, the operation history including an indication of the operation. (Paragraph 94 of Brehmer, the information may be collected from a first user associated with the first node. At operation 1008, the updated form resulting by operation 1006 is stored on the blockchain as the electronic form. As a result, operation 1006 may replace the existing version of the electronic form on the blockchain, or alternatively add a new version of the electronic form on the blockchain).

As per claim 20 Brehmer in view of Altenhofen discloses:
The method of claim 17, wherein: the managed service comprises a cloud service provider; and the request to perform the operation comprises a request for the second node perform a cloud services operation associated with the cloud service provider. (Paragraph 34 of Brehmer, a client user's node may be supported by a data collection system 124 that is on-premise with respect to the client user, and a subject matter expert (WE) user's node may be supported by a data collection system 124 that is hosted on a cloud-based computer platform).

Claims 6, 8, 14 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Brehmer (US Pub. No. 2019/0229890) in view of Altenhofen (US Pub. No. 2018/0322489) and further in view of Sanders (US Pub. No. 2018/0365691).

As per claim 6:
The combination of Brehmer and Altenhofen teaches the method of requesting access right by storing the request for the access right on a blockchain (paragraph 89 of Brehmer) but fails to disclose:
The method of claim 1, wherein each block of the distributed ledger system is accessible for a period of time specified in each respective block.
However, in the same field of endeavor, Sanders teaches this limitation as, (paragraph 35 of Sanders, the fact that transactions on the identity ledger can expire, reduces the amount of transactions that the identity ledger node has to check, thus speeding up the verification process, as opposed to the computational intensive block chain verification process).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Brehmer and Altenhofen to include the above limitation using the teaching of Sanders in order to reduce the amount of transactions that the identity ledger nod has to check and speed up the verification process.

Claim 14 is rejected under the same reason set forth in rejections of claim 6:

As per claim 8:
The combination of Brehmer and Altenhofen teaches the method of requesting access right by storing the request for the access right on a blockchain (paragraph 89 of Brehmer) but fails to disclose:
The method of claim 1, wherein the one or more first blocks and the one or more second blocks of the distributed ledger system are accessible for a period of time specified in each respective block.
However, in the same field of endeavor, Sanders teaches this limitation as, (paragraph 35 of Sanders, the fact that transactions on the identity ledger can expire, reduces the amount of transactions that the identity ledger node has to check, thus speeding up the verification process, as opposed to the computational intensive block chain verification process) and (paragraph 51 of Sanders, all identity ledger entries except the identity creation entry 500 can expire after a predetermined amount of time, such as 6 months. The expiration of identity ledger entries increases the accuracy of identity verification by avoiding using an expired identity verification).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Brehmer and Altenhofen to include the above limitation using the teaching of Sanders in order to reduce the amount of transactions that the identity ledger nod has to check and speed up the verification process.

Claim 16 is rejected under the same reason set forth in rejections of claim 8: 

Conclusion
The prior art made or record and not relied upon is considered pertinent to applicant’s disclosure is Lemay (US Pub. No. 2018/0248885). Lemay discloses the methods and systems for receiving a request from an subject to perform an operation between a first object and second object where the first object belongs to a first set of domains and the second object belongs to a second set of domain.

THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to TESHOME HAILU whose telephone number is (571)270-3159. The examiner can normally be reached M-F 8 a.m. - 5 p.m..
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on (571) 272-3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/TESHOME HAILU/Primary Examiner, Art Unit 2434