DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
Applicant's arguments filed 4 March 2022 have been fully considered but they are not persuasive. 
Regarding the aspect “at each node that stores…”, applicant claims Simons does not disclose the blocks containing access level information and making a determination regarding the user access level, but the cited portion of Simons [0057] and [0076] specifically state that “the access code is evaluated with the blockchain of block entries”, showing that the blocks are indeed making the determination. As a blockchain, the results of decisions are always decided by consensus, so data platform 410 is merely the central point which the decisions made by the blocks are collected. Since “410 represents any computing system or systems capable of hosting a blockchain application” (Simons [0070]) then really 410 can be any node in the blockchain, or multiple of them.
As noted above, Simons clearly has the blocks doing the work – as applicant notes the miners validate the hash in the block – so by definition the process is using the consensus method which is the cornerstone of distributed ledger systems, such as the one described by Simons, and the one laid out by the claimed invention. The cited 
Regarding the argued distinction between “each node that stores the access level block corresponding to the user” and “all nodes in a blockchain”, examiner points out that the language “each node” is very specifically NOT “only each node”, and as such if Simons generates a consensus using every node then it by extension is including “each node that stores the access level block corresponding to the user”. Additionally, even if one doesn’t take that important distinction into account, Simons does describe using only a subset of nodes (Simons [0071] “In some embodiments, data platform can dynamically select which servers 420-422 are authorized to store the data. For example, companies or governments may have geographical restrictions, encryption standards, network security standards, or other restrictions on the server nodes on which the blockchain is stored. Data platform 410 can therefore manage the logistics of dynamically selected servers based on these restrictions.”).
Regarding claim 3, Simons clearly allows for users to set access levels, if authorized (Simons [0013] “an auditing functionality can be integrated into a user interface that would give a user (e.g., the with the click of a virtual button) the ability to allow all information or some information (e.g., column, format, section, etc.) private, public, and limited access. […] In some embodiments, a password, password with two-party authenticator, three-party authenticator, multiple signature, or the like would be a part of a decentralized application (DApp) powered by the blockchain that would enable a user to submit, add or attach information going into a blockchain.”). Thus, Simons shows setting the classification level of data, and since it can be a “marker” that is used 
Regarding claim 4, Simons clearly stores access level data in blocks (Simons [0053] “When a block entry 140-142 is added, the initial line of the entry that typically includes the hash of previous blocks and a time stamp may be amended to include information regarding the data categories within the entry, access level for each data portion, access restrictions, or the like. For example, some embodiments may create an index and/or access level information that stored within the block entry.”), and Simons also clearly shows where data not stored in all nodes (Simons [0071] “In some embodiments, data platform can dynamically select which servers 420-422 are authorized to store the data.”, Simons [0072] “In this example scenario, each portion of data (Product, Buyer, and Price) have been separately recorded into a different block and in a separate blockchain 430-432.”). The main crux of the applicant’s argument here is whether Simons teaches that these two subsets of the whole set of nodes are different. Simons also teaches that it is (Simons [0043] “In a further example, the blockchain of block entries requested by the plurality of users from the user devices is maintained by maintaining a separate block entry for the one or more data portions associated with each of the access levels.”). This shows that the access levels can be a different subset of nodes than the data being controlled is being stored on.
Applicant also argues that this does not occur on a “permissioned blockchain”, but Simons allows for the entire blockchain to be “a combination of private, public, and hybrid blockchains” (Simons [0007]).
Regarding claim 8, Simons clearly shows using physical location when determining user access (Simons [0111] “For example, the security level of the requests document or location may require additional multiple validations (e.g., password and hardware device, biometrics, location verification, PINs, passwords, etc.).”).
The applicant’s arguments having been addressed but found unpersuasive, the previously given rejection of claims 1-9, and 12-20 under 35 U.S.C. 102 and claims 10-11 under 35 U.S.C. 103 remain.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1-9, 12-20 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Simons US PG Pub 20190281066 A1.
Regarding claims 1 and 17, Simons teaches communicating a transaction to each node in a permissioned blockchain that stores an access level block corresponding to a user that is associated with the transaction (Simons [0033] “Additionally, each block contains the data, the hash of the current block, and the hash of the previous block. The blockchain may also store additional details about the transaction in the block, such as the username initiating the transaction, other usernames of parties associated with the transaction, a timestamp, executable code, among other information that relates to the transaction.”); at each node that stores the access level block corresponding to the user that is associated with the transaction, making a real-time determination as to whether the user has requisite security credentials for the transaction (Simons [0057] “In a next operation, the access code is evaluated with the blockchain of block entries to identify one or more data portions associated with the access level (step 203).”, Simons [0076] “Data platform 410 then authorizes the entry (e.g., miners validate the hash in the block) (step 502). If the block is not validated, the transaction (block entry 401) is rejected (step 503).”); in response to generating a consensus among each node that stores the access level block corresponding to the user that is associated with the transaction, providing an approval for the transaction (Simons [0057] “However, if the block is accepted, each of the portions of data is evaluated for an access level and added to a block in each of blockchains 430-432 based on the identified access level (step 504).”); and storing, at each access level block in the permissioned blockchain that is associated with the transaction, cryptographic details of the transaction as a nanoblock in the blockchain (Simons [0057] “In a next operation, the access code is evaluated with the blockchain of block entries to identify one or more data portions associated with the access level (step 203). The access code may be designated to the user based on a user status, such as a government employee, package delivery employee, bank manager, etc. The access code may be determined based on an encrypted code (e.g., a private key or hash) given to user which is associated with an access level or data portion.”).
Regarding the additional aspect of claim 17, Simons teaches a processor-readable storage medium, having stored thereon processor-executable code that, upon execution by at least one processor, enables actions (Simons [0125] “Computer executable instructions and data may be stored in memory (e.g., registers, cache memory, random access memory, flash, etc.) which is accessible by processors. These stored instruction codes (e.g., programs) may engage the processor components, motherboard and/or other system components to perform desired operations.”).
Regarding claims 2, 13, and 18, Simons teaches wherein the transaction is a request as to whether the user has requisite security credentials to view particular information (Simons [0109] “In this example scenario, Sue is authorized to view each of the names of the players and the bet amounts since the names and bet amounts are accessible to the public. Sue is also allowed private access to her own funds amount and rank. However, Sue does not have access to the available funds and rank of the other players. As can be seen in the customized view displayed on mobile device 1430, Sue views authorized data portions 1440 and is blocked from viewing unauthorized data portions 1441.”).
Regarding claim 3, Simons teaches wherein the transaction is a request as to whether the user has requisite security credentials to mark particular information as classified (Simons [0013] “an auditing functionality can be integrated into a user interface that would give a user (e.g., the with the click of a virtual button) the ability to allow all information or some information (e.g., column, format, section, etc.) private, public, and limited access. […] In some embodiments, a password, password with two-party authenticator, three-party authenticator, multiple signature, or the like would be a part of a decentralized application (DApp) powered by the blockchain that would enable a user to submit, add or attach information going into a blockchain.”).
Regarding claim 4, Simons teaches wherein the access level blocks stored in the permissioned blockchain include an access level block for each user, and an access level block for each security clearance level including a first security clearance level, wherein a first subset of the nodes in the permissioned blockchain store the access level block for the user, a second subset of the nodes in the permissioned blockchain store the access level block for the first security clearance level, and wherein the second subset is different from the first subset (Simons [0053] “When a block entry 140-142 is added, the initial line of the entry that typically includes the hash of previous blocks and a time stamp may be amended to include information regarding the data categories within the entry, access level for each data portion, access restrictions, or the like.”, Simons [0007] “Moreover, various encryption schemes and access levels can be associated with individual portions of the data to ensure privacy where needed or wanted while granting access when necessary.”).
Regarding claim 5, Simons teaches wherein each of the access level blocks is a database (Simons [0003] “Unlike previous database structures, the blockchain database is maintained by a multitude of independent nodes spread across a large distributed network.”, Simons [0007] “Moreover, various encryption schemes and access levels can be associated with individual portions of the data to ensure privacy where needed or wanted while granting access when necessary.”), and wherein the access level blocks stored in the permissioned blockchain include an access level block for at least one of a defined group, a defined object, a defined trigraph security marking, a defined codeword, a defined physical location, a defined labeling control requirement, or a defined access control requirement (Simons [0110] “FIG. 15 illustrates an alternative operational architecture in an implementation of a data access system capable of providing a customized view of restricted or sensitive data recorded into a blockchain. As illustrated in FIG. 15, users 1510A-1510N can use various electronic devices to request access to a document, electronic record, physical location (e.g., safe, room, building, area, etc.), or information.”).
Regarding claim 6, Simons teaches wherein the cryptographic details of the transactions stored on the nanoblock are undeletable except by a role-based administrator account that has just-in-time access (Simons [0114] “When the system identifies confidential information, the system would next evaluate the access and clearance. If for example, the person requesting the data had a higher access/clearance than an administrator, then the information would be automatically sent.”) that requires simultaneous verification by at least two designated people to use (Simons [0013] “In some embodiments, a password, password with two-party authenticator, three-party authenticator, multiple signature, or the like would be a part of a decentralized application (DApp) powered by the blockchain that would enable a user to submit, add or attach information going into a blockchain.”).
Regarding claims 7 and 15, Simons teaches wherein the requisite security credentials include at least a requisite clearance level for the transaction (Simons [0077] “If the access code associated with the requesting user is determined to be permissive, a customized view will be generated for the requesting user indicating Product and Price from block entry 401 (step 508). If the access code associated with the requesting user is determined to be private, a customized view will be generated for the requesting user indicating all portions of the data from block entry 401 (i.e., Product, Buyer, and Price) (step 509).”).
Regarding claims 8, 16, and 20, Simons teaches wherein the requisite security credentials further include a requisite physical location of the user for the transaction (Simons [0110] “FIG. 15 illustrates an alternative operational architecture in an implementation of a data access system capable of providing a customized view of restricted or sensitive data recorded into a blockchain. As illustrated in FIG. 15, users 1510A-1510N can use various electronic devices to request access to a document, electronic record, physical location (e.g., safe, room, building, area, etc.), or information.”).
Regarding claim 9, Simons teaches wherein the permissioned blockchain has, for each access level block in the permissioned blockchain, at least two nodes that each store a copy of the access level block (Simons [0053] “When a block entry 140-142 is added, the initial line of the entry that typically includes the hash of previous blocks and a time stamp may be amended to include information regarding the data categories within the entry, access level for each data portion, access restrictions, or the like. For example, some embodiments may create an index and/or access level information that stored within the block entry.”).
Regarding claim 12, Simons teaches at each node in a permissioned blockchain that stores the access level block corresponding to the user that is associated with a transaction, verifying, in real time, whether the user has requisite security credentials for the transaction (Simons [0049] “In operation, blockchain network 101 maintains blockchain 120 of block entries requested by a plurality of users from user devices, wherein the block entries each comprise a plurality of portions that are each associated with an access level (step 201).”, Simons [0053] “When a block entry 140-142 is added, the initial line of the entry that typically includes the hash of previous blocks and a time stamp may be amended to include information regarding the data categories within the entry, access level for each data portion, access restrictions, or the like.”); upon achieving a consensus among a determined number of nodes that store the access level block corresponding to the user that is associated with the transaction, generating an approval for the transaction (Simons Fig 5, Simons [0076] “Block entry 401 is requested by a user from a user device in the distributed network of nodes and contains the data portions. Data platform 410 then authorizes the entry (e.g., miners validate the hash in the block) (step 502).”); and storing, at each access level block in the permissioned blockchain that is associated with the transaction, cryptographic details of the transaction as a nanoblock in the access level block (Simons [0057] “In a next operation, the access code is evaluated with the blockchain of block entries to identify one or more data portions associated with the access level (step 203). The access code may be designated to the user based on a user status, such as a government employee, package delivery employee, bank manager, etc. The access code may be determined based on an encrypted code (e.g., a private key or hash) given to user which is associated with an access level or data portion.”).
Regarding claims 14, and 19, Simons teaches wherein the permissioned blockchain has, for each access level block in the permissioned blockchain, at least two nodes that each store a copy of the access level block (Simons [0077] “Data platform 410 then evaluates the access code in the request with each of blockchains 430-432 maintaining each of the separate block records for each of the data portions (step 506).”).  

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim 10 is rejected under 35 U.S.C. 103 as being unpatentable over Simons US PG Pub 20190281066 A1 as applied to claim 1 above, and further in view of Cecchet, et al. (Emmanuel Cecchet, George Candea, and Anastasia Ailamaki. 2008. Middleware-based database replication: the gaps between theory and practice. In Proceedings of the 2008 ACM SIGMOD international conference on Management of data (SIGMOD '08). Association for Computing Machinery, New York, NY, USA, 739-752.
Regarding claim 10, Simons does not teach the actions further including, keeping each access level block in the permissioned blockchain the same as each other copy of access level block in the permissioned blockchain based on secure asynchronous replication of each access level block. Cecchet, et al. teach the actions further including, keeping each access level block in the permissioned blockchain the same as each other copy of access level block in the permissioned blockchain based on secure asynchronous replication of each access level block (Cecchet, et al. pg. 3 (labeled pg. 741), col 2, lines 28-31 "Replicating data asynchronously between sites, possibly by interconnecting middleware replication solutions, usually involves both data partitioning and multi-way master/slave replication").
Before the effective filing date, it would have been obvious to one of ordinary skill in the art combining Simons with Cecchet, et al., that in order to asynchronously maintain matching node data, they would combine the asynchronous data replication from Cecchet, et al. with the distributed ledger from Simons.

Claim 11 is rejected under 35 U.S.C. 103 as being unpatentable over Simons US PG Pub 20190281066 A1 as applied to claim 1 above, and further in view of Han, et al. (Y. S. Han, R. Zheng and Wai Ho Mow, "Exact regenerating codes for Byzantine fault tolerance in distributed storage," 2012 Proceedings IEEE INFOCOM, Orlando, FL, 2012, pp. 2498-2506, doi:
Regarding claim 11, Simons does not teach the actions further including, in response to a failed node, replacing the failed node with a replacement node, and, for each access level block in the failed node, creating a copy of the access level block on the replacement node based on a copy of the access level block in the permissioned blockchain. Han, et al. teaches the actions further including, in response to a failed node, replacing the failed node with a replacement node, and, for each access level block in the failed node, creating a copy of the access level block on the replacement node based on a copy of the access level block in the permissioned blockchain (Han, et al., pg. 7, col 2, paragraph 2, lines 15-18, "Data regeneration will fail if the helper cannot obtain the correct CRC checksum even when the number of failed nodes is less than the maximum number of faults the RS [Reed-Solomon] code can handle."). Node correction has been a staple of distributed ledgers since their inception, including regeneration of node data upon detecting a Byzantine fault (the kind most applicable to permissioned blockchains).
Before the effective filing date, it would have been obvious to one of ordinary skill in the art combining Simons with Han, et al., that in order to repair failed nodes, they would combine the data regeneration from Han, et al. with the distributed ledger from Simons.

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ERICH ALEXANDER FISCHER whose telephone number is (571)272-2891. The examiner can normally be reached Mon-Thu 8:00-5:00, Fri 10:00-2:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, TONY MAHMOUDI can be reached on (571) 272-4078. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/ERICH ALEXANDER FISCHER/Examiner, Art Unit 2163                                                                                                                                                                                                        


/TONY MAHMOUDI/Supervisory Patent Examiner, Art Unit 2163