DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This action is in response to application filed 07/04/2020. Claims 1 – 8 have been filed.
Priority
	This application is a continuation of 15/963,711 filed 04/26/2018, now patent No. 10742397.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp .

Claims 1 - 8 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1 – 8 of U.S. Patent No. 10742397 (Reference Patent). Although the claims at issue are not identical, they are not patentably distinct from each other because claims 1 – 8 of the Reference Patent anticipate the instant claims 1 – 8 as shown below for the first claim set.

Claim #
Instant Application
Reference Patent (10742397)
Claim #
1-8
1.A method for enabling a decryption of a data package encrypted with a symmetric key, comprising: 

transmitting a data record comprising the data package encrypted with the symmetric key to a blockchain, by a data generator; 

transmitting an assignment record to the blockchain, by an authorizer, said assignment record asserting ownership of the data package produced by the data generator to a data owner; 


transmitting a plurality of permission records to the blockchain, by the data owner, each permission record of the plurality of permission records granting permission to one of each of a plurality of data receivers to access the data package produced by the data generator; 

verifying, by the data generator, that the assignment record is digitally signed by the authorizer and that each permission record of the plurality of permission records is digitally signed by the data owner; 





on successful verification, releasing the symmetric key, 72 by the data generator, to the plurality of data receivers; 

retrieving from the blockchain, by one or more of the plurality of data receivers, the data record comprising the data package; and decrypting the data package using the symmetric key, by one or more of the plurality of data receivers.

2. The method of claim 1, wherein the data record comprises a pointer to a location of a further data, said further data encrypted with the symmetric key, and stored on one or more of: a computer server, a database, a file system, and a removable computer data storage medium.  


3. The method of claim 1, wherein the symmetric key is used by the data generator to encrypt a plurality of data packages, transmitted to the blockchain as a plurality of data records over a period of time.  

4. The method of claim 1, further comprising a plurality of authorizers and a plurality of assignment records, wherein each of the plurality of authorizers transmits a corresponding assignment record from the plurality of assignment records to the blockchain, each corresponding assignment record asserts ownership of the data record by the data owner, and further73 comprising: 

verifying, by the data generator, that a number of the plurality of assignment records totals above a predetermined number; and 


verifying, by the data generator, that each of the number of the plurality of assignment records is digitally signed by a corresponding one of the plurality of authorizers.  

5. A plurality of network connected devices, each comprising: one or more processors, and storage media comprising computer instructions, said plurality of network connected devices being connectible via a network to each other, arranged such that when computer instructions are executed on the one or more processors of one or more of the plurality of network connected devices, operations are caused for enabling a decryption of a data package encrypted with a symmetric key, comprising: 



transmitting to a blockchain by a first of the plurality of network connected devices a data record comprising the data package encrypted with a symmetric key; 




transmitting to the blockchain by a second of the plurality of network connected devices an assignment 74 record, said assignment record asserting ownership of the data package to a third of the plurality of network connected devices; 



transmitting to the blockchain by the third of the plurality of network connected devices a plurality of permission records, each permission record of the plurality of permission records granting permission to one of each of a second plurality of network connected devices to access the data package; 


verifying, by the first of the plurality of network connected devices, that the assignment record is digitally signed by the second of the plurality of network connected devices and that each permission record of the plurality of permission records is digitally signed by the third of the plurality of network connected devices; 





on successful verification, releasing the symmetric key, by the first of the plurality of network connected devices, to the second plurality of network connected devices; 

retrieving from the blockchain, by one or more of the second plurality of network connected devices, the data 75 record comprising the data package; and 


decrypting the data package using the symmetric key by one or more of the second plurality of network connected devices.  



6. The plurality of network connected devices of claim 5, wherein the data package produced by the first of the plurality of network connected devices comprises a pointer to a location of further data, said further data encrypted with the symmetric key by the first of the plurality of network connected devices, and stored on one or more of: a computer server, a database, a file system, and a removable computer data storage medium.  

7. The plurality of network connected devices of claim 5, wherein the symmetric key is used by the first of the plurality of network connected devices to encrypt a plurality of data packages, said plurality of data packages transmitted to the blockchain over a period of time.  



8. The plurality of network connected devices of claim 5, further comprising a third plurality of network connected devices and a plurality of assignment records, wherein each one of the third plurality of network connected devices transmits a corresponding assignment record from the plurality76 of assignment records to the blockchain, each corresponding assignment record asserts ownership of the data package by the third of the plurality of network connected devices, and further comprising: 




verifying, by the first of the plurality of network connected devices, that a number of the plurality of permission records totals above a predetermined number; and

 verifying, by the first of the plurality of network connected devices, that each of the number of the plurality of assignment records is digitally signed by a corresponding one of the third plurality of network connected devices.
 
1.A method for enabling a decryption of a data package
encrypted with a symmetric key, comprising:

transmitting a data record comprising the data package
encrypted with the symmetric key to a blockchain, by a data generator;

transmitting a plurality of assignment records to the blockchain, by a plurality of authorizers, said assignment
records asserting ownership of the data package produced by the data generator to a data owner;

transmitting a permission record to the blockchain, by the data owner, said permission record granting permission to a data receiver to access the data package produced by the data generator;




verifying, by the data generator, that a number of the plurality of assignment records totals above a predetermined number, that each of the number of the plurality of assignment records is digitally signed by a corresponding one of the plurality of authorizers, and that the permission record is digitally signed by the data owner;


on successful verification, releasing the symmetric key, by
the data generator, to the data receiver;

retrieving from the blockchain, by the data receiver, the data record comprising the data package; and decrypting, the data package using the symmetric key, by
the data receiver.


2. The method of claim 1, wherein the data record comprises a pointer to a location of a further data, said
further data encrypted with the symmetric key, and stored on
one or more of: a computer server, a database, a file system, and a removable computer data storage medium.


3. The method of claim 1, wherein the symmetric key is
used by the data generator to encrypt a plurality of data
packages, transmitted to the blockchain as a plurality of data
records over a period of time.

4. The method of claim 1, further comprising a plurality of data owners and a plurality of permission records, wherein each of the plurality of data owners transmits a corresponding permission record from the plurality of permission
records to the blockchain, each corresponding per-mission record asserts permission to access a content of the data record by the data receiver, and further comprising:

verifying, by the data generator, that a number of the
plurality of permission records totals above a predetermined
number; and

verifying, by the data generator, that each of the number
of the plurality of permission records is digitally signed
by a corresponding one of the plurality of data owners. 

5. A plurality of network connected devices, each comprising:
one or more processors, and storage media comprising
computer instructions, said plurality of network
connected devices being connectible via a network to each
other, arranged such that when computer instructions are
executed on the one or more processors of a one or more of
the plurality of network connected devices, operations are caused for enabling a decryption of a data package
encrypted with a symmetric key, comprising:

transmitting to a blockchain, by a first of the plurality of network connected devices, a data record comprising the data package produced by the first of the plurality of network connected devices and encrypted with a
symmetric key;

transmitting to the blockchain, by a second plurality of network connected devices, a plurality of assignment records assigning ownership of the data package produced by the first of the plurality of network connected
devices to a third of the plurality of network connected devices;

transmitting to the blockchain, by a second of the plurality
of network connected devices, a permission record
granting permission to a third of the plurality of network
connected devices to access the data package
produced by the first of the plurality of network connected
devices;

verifying, by the first of the plurality of network connected
devices, that a number of the plurality of assignment records totals above a predetermined number, that each of the number of the plurality of assignment records is digitally signed by a corresponding one of the second plurality of network connected devices, that and the permission record is digitally signed by the
second of the plurality of network connected devices; 

on successful verification, releasing the symmetric key, by the first of the plurality of network connected devices, to the third of the plurality of network connected devices;

retrieving from the blockchain, by the third of the plurality of network connected devices, the data record comprising the data package produced by the first of
the plurality of network connected devices; 

decrypting using the symmetric key, by the third of the plurality of network connected devices, the data package produced by the first of the plurality of network connected devices. 

6. The plurality of network connected devices of claim 5,
wherein the data package produced by the first of the
plurality of network connected devices comprises a pointer
to a location of further data, said further data encrypted with
the symmetric key by the first of the plurality of network connected devices, and stored on a one or more of: a computer server, a database, a file system, and a removable computer data storage medium.

7. The plurality of network connected devices of claim 5,
 wherein the symmetric key is used by the first of the plurality of network connected devices to encrypt a plurality of data packages produced by the first of the plurality of network connected devices, said plurality of data packages transmitted to the blockchain over a period of time.

8. The plurality of network connected devices of claim 5,
further comprising a third plurality of network connected devices forming a subset of the plurality of network connected devices and a plurality of permission records, wherein each one of the third plurality of network connected devices transmits a corresponding permission record from the plurality of permission records to the blockchain, each
corresponding permission record asserts permission to access a content of the data record produced by the first of the plurality of network connected devices by the third of the
 plurality of network connected devices, and further comprising: 

verifying, by the first of the plurality of network connected
devices, that a number of the plurality of permission records totals above a predetermined number; and 

verifying, by the first of the plurality of network connected
devices, that each of the number of the plurality of permission records is digitally signed by a corresponding one of the third plurality of network connected
devices.
1-8


Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 5-8 are rejected under 35 U.S.C. 101 as being directed to no more than software per se or combination of software per se and signals per se. The claim 5 does not fall within at least one of the four categories of patent eligible subject matter because the claimed invention does not direct to any concrete thing consisting of parts or devices. The specification as originally filed fails to set forth the metes and bounds of what is meant to be encompassed by the terms “processor” and “storage media”. As such, it is reasonable to interpret the term “processor” as software per se (see Computer Desktop Encyclopedia), and the term “storage media” as signals per se. Therefore, claim 5 is not patent-eligible subject matter.
The dependent claims 6 – 8 are depended on the rejected base claims, and are rejected for the same rationales.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1, 2, 4, 5, 6, and 8 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
Claims 1, 5 recite the limitation ‘permission records ‘. There is insufficient antecedent basis for this limitation in the claims. For examination, this limitation is read as ‘control messages’ (Para. [0010]).
Claims 4, 8 recite the limitation ‘assignment records ‘. There is insufficient antecedent basis for this limitation in the claims. For examination, this limitation is read as ‘control messages’ (Para. [0010]).
Claims 1, 4 recite the limitation ‘authorizer(s) ‘. There is insufficient antecedent basis for this limitation in the claims. For examination, this limitation is read as ‘a device or entity that assigns ownership of the data’ (Para. [0009]).
Claims 2, 6 recite the limitation ‘further data ‘. There is insufficient antecedent basis for this limitation in the claim. For examination, this limitation is read as ‘further data produced by said data generator’ (Para. [0052]).

Allowable Subject Matter
Claims 1 – 8 are indicated as allowable upon overcoming the Double Patenting, 101, and 112(b) rejections of record, unless new grounds of rejection are raised upon filing a response.
The following is a statement of reasons for the indication of allowable subject matter.
The present invention is directed to a data management blockchain and protocol for controlling access to data, in which no central trusted authority is required. The data management blockchain and protocol comprises an initial announcement of public keys by a plurality of blockchain participants, through which each blockchain participant establishes an identity. Subsequently a first of the plurality of blockchain participants publishes data encrypted with a cryptographic key on the blockchain. A second of the plurality of blockchain participants is assigned as an owner of the data by an authority. Access to the data is granted or revoked to further participants by the second of the plurality of blockchain participants through signed permission messages published on the blockchain, and a corresponding hand-over of the cryptographic key by the first of the plurality of blockchain participants, allowing access to the data. Access to further data may be revoked by changing the cryptographic key used.
Jayachandran et al (US 2019/0197532) (hereafter Jayachandran) relates to blockchain access, and more particularly, to private resource discovery and subgroup formation on a blockchain. An example operation may include one or more of identifying a registered interest associated with a requestor on a blockchain, accessing a smart contract stored on the blockchain, determining a match between the registered interest and blockchain transaction information, determining the requestor associated with the registered interest has access permissions to access the blockchain transaction information based on access control rules, and creating a temporary bilateral smart contract including the requestor, and an owner of the blockchain transaction information, and the temporary bilateral smart contract provides permission for the requester to access the blockchain transaction information.
	The closes prior art Biernat et al (US 2019/0340269) (hereafter Biernat) relates generally to industrial automation systems, and, more particularly, to storage, management, and distribution of manufacturing and supply chain data. Blockchain-enabled industrial devices and associated systems are configured to support the use of industrial blockchains in connection with product and machine tracking, subscription-based industrial services, device lifecycle management, and other functions. Collections of industrial devices can collectively serve as an industrial blockchain system, with multiple such systems within a supply chain yielding an industrial blockchain ecosystem. This architecture can create distributed, decentralized, tamper-proof records of manufacturing statistics for a product, a product's history within the larger supply chain, industrial asset usage histories that can be leveraged in connection with lifecycle management, machine usage history for use in connection with subscription-based machine operation, and other such information. The blockchain-enabled industrial devices can be configured to generate multiple versions of a product or machine's blockchain having respective different access permissions, allowing public and private industrial data to be segregated between public and private industrial blockchains
	Lerner al (US 10,536,445) (hereafter Lerner) discloses devices and a system that is specifically suited for data transmission applications that require a need for discrete communications, preserving privacy of information, electronic commerce transactions, electronic mail communications all required for solving security issues associated with and needed to secure the blockchain. An access control system with devices that securitize one or more blockchains using three sets of rules including authentication, validation, and access is provided. The system also can include protection of signals between one or more secure DASA databases and/or one or more blockchains for various user devices. The DASA databases may exist external to, along with, or within the blockchains. Specific methods and devices for securing (primarily digital and normally two-way) communications using applications offering the combination of securing communications from user devices with reader devices, are also provided. This disclosure also provides for the securitization and/or encryption of blockchain(s) for ensuring communication signals transmitted from and data residing within databases and/or the blockchain itself are not corruptible or compromised. In addition, communication processors for monitoring statistics regarding data at rest and data on the move associated with creating these securitized blockchains are included.
Gayton et al (US 10,467,551) (hereafter Gayton) relates to a portable privacy management for the collection and providing of user data, as well as for the providing of information encouraging the user to share greater amounts of user data. When a new user is created, a new identity is created and is added to the blockchain data store along with the user settings. User data for the user may then be encrypted using one or more shared encryption keys and added to the blockchain. The key and also a pointer to the stored data (e.g., a SHA-256 hash of the data block) may then be stored by the user data server 116 outside of the blockchain. In other examples, the off-blockchain data store may be implemented as a distributed hash table, thereby providing for decentralization of the off-blockchain data as well. Once stored, both the services and the user can query for the data using a data query transaction to the blockchain with the pointer (key) of the data to retrieve. The blockchain then verifies that the digital signature belongs to either the user or the service. For the service, its permissions to access the data are checked against the user settings. Additionally, the user can change the permissions granted to a service at any time by updating the user settings with a new set of permissions, including revoking access to previously stored data. Accordingly, using permissions defined by user settings incorporating keys used by the blockchain database, secured access by the services of the system to the user data may be assured via the blockchain protocol.
Ford et al. (US 2021/0089676) (hereafter Ford) discloses a computer-implemented method for secure data exchange between a sender (A) and a recipient (B), wherein the method is performed by the sender (A) and comprises encrypting data using a symmetric key k, creating a write transaction T w, wherein the write transaction T w comprises information usable to derive the symmetric key k and an access policy identifying the recipient (B) as being allowed to decrypt the encrypted data, providing the recipient (B) access to the encrypted data, and sending the write transaction T w to a first group of servers (AC) for being stored in a blockchain data structure maintained by the first group of servers (AC).
Griffin et al. (US 2021/0211468) (hereafter Griffin) discloses a method that includes defining a service policy. The service policy is stored in a policy blockchain, which includes a plurality of blocks. A first of the blocks includes a first version of the service policy and a second of the blocks includes an update to the first version. A plurality of compliance event logs are captured over a first time period for a plurality of subscribers of the blockchain facilitator. Each of the logs includes a plurality of field-level components. Each of the components are time stamped via a trusted time stamp token. The components are selectively encrypted based on permissions associated with each of the subscribers, and are stored in an event blockchain. The policy blockchain and the components related to a first of the subscribers are accessible by the first subscriber to evaluate compliance of the blockchain facilitator to the service policy regarding the first subscriber.
However, none of Jayachandran, Biernat, Lerner, Gayton, Ford, and Griffin teaches or suggests, alone or in combination, the particular combination of steps or elements as recited in the independent claims 1 and 8.  For example, none of the cited prior art, alone or in combination, teaches or suggest the steps of transmitting a data record comprising the data package encrypted with the symmetric key to a blockchain, by a data generator; transmitting an assignment record to the blockchain, by an authorizer, said assignment record asserting ownership of the data package produced by the data generator to a data owner; transmitting a plurality of permission records to the blockchain, by the data owner, each permission record of the plurality of permission records granting permission to one of each of a plurality of data receivers to access the data package produced by the data generator; verifying, by the data generator, that the assignment record is digitally signed by the authorizer and that each permission record of the plurality of permission records is digitally signed by the data owner; on successful verification, releasing the symmetric key, 72 by the data generator, to the plurality of data receivers; retrieving from the blockchain, by one or more of the plurality of data receivers, the data record comprising the data package; and decrypting the data package using the symmetric key, by one or more of the plurality of data receivers in view of other limitations of independent claims 1 and 5. 
Prior arts reviewed and made of record fail to individually disclose the claimed invention as a whole recited in claim 1 and similarly stated in claim 5. Also, the reviewed prior arts in combination together fail to render the claimed invention as a whole obvious. Claims 2 – 4 and 6 – 8 each depend on respective base claim.  Accordingly, as indicated above claims 1 – 8 are allowed upon overcoming the Double Patenting, 101, and 112(b) rejections of record, unless new grounds of rejection are raised upon filing a response.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to VLADIMIR IVANOVICH GAVRILENKO whose telephone number is (313) 446-6530. The examiner can normally be reached on Monday to Thursday 8am- 5pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached on 571-272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786- 9199 (IN USA OR CANADA) or 571-272-1000.

/Vladimir I. Gavrilenko/
Examiner, Art Unit 2431

/TRANG T DOAN/Primary Examiner, Art Unit 2431