DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Claims 1-20 have been examined.

Information Disclosure Statement
The information disclosure statements (IDS) submitted on 5/5/20, 8/11/21 and 2/17/22 are being considered by the examiner.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Gonzales, Jr. U.S. Pub. No. 20190205563 (hereinafter Gonzales) in view of Soundararajan et al. U.S. Pub. No. 20210203503 (hereinafter Soundararajan).


As per claim 1, Gonzales discloses an access management process orchestration method, comprising: 
receiving a request for accessing a managed resource of an information system (Gonzales: figures 4A-4C; [0077]-[0078]: receive request to access personal information data); 
querying an authorization for accessing the resource from an access manager (Gonzales: [0078]: querying authorized access data blockchain for authorization); and 
wherein receiving the request, querying the authorization, and requesting the access control policy update comprises: 
generating a transaction record (Gonzales: [0080]-[0081]: generating new block indicating changes); and 
adding the transaction record to a distributed ledger, wherein the distributed ledger simultaneously maintains the transaction record at multiple nodes throughout a network (Gonzales: [0080]-[0082]: commit new block indicating the changes to the blockchain and updated by plurality of peer nodes of the blockchain).
Gonzales discloses determining that access is authorized based on authorization data access blockchain regarding policy information related to personal information data (Gonzales: [0078]). Gonzales does not explicitly disclose wherein, in response to the querying of the authorization, requesting an access control policy update to grant the access to the managed resource. However, Soundararajan discloses, in response to a data access request, querying authorization from the owner of the data and providing authorization and an update to the blockchain in response to the owner’s consent (Soundararajan: [0019]; [0024]: obtain authorization from owner to update authorization and update blockchain transactions). It would have been obvious to one having ordinary skill in the art to request authorization from the data owner when the initial authorization does not indicate authorized access because they are analogous art involving controlling access to data stored on blockchain using smart contract policies. The motivation to combine would be to allow dynamic and granular control of data access by data owners.

As per claim 2, Gonzales as modified discloses the method of claim 1. Gonzales as modified further discloses wherein the method further comprises exchanging the transaction record between the multiple nodes of the distributed ledger (Gonzales: [0080]-[0082]: update blockchain transactions across multiple nodes).
As per claim 3, Gonzales as modified discloses the method of claim 2. Gonzales as modified further discloses wherein the multiple nodes are interconnected via cryptographically secured channels (Gonzales: [0146]-[0148]). 
As per claim 4, Gonzales as modified discloses the method of claim 1. Gonzales further discloses wherein the transaction record comprises at least one administrative action selected from the group consisting of a request access action, an access approved action, an access denied action, an access granted action, a revoke access action, and an access revoked action (Gonzales: [0045]; [0078]). 
As per claim 5, Gonzales as modified discloses the method of claim 4. Gonzales further discloses wherein the administrative action associated with the access granted action changes an authorization policy to allow access of a user to the information system (Gonzales: [0080]-[0081]: make changes to rule to authorize access by new platform entities). 
As per claim 6, Gonzales as modified discloses the method of claim 4. Gonzales further discloses wherein the administrative action associated with the revoke access action changes an authorization policy to deny access of a user to the information system (Gonzales: [0063]: add or remove access to data by updating access authorized data/policy). 
As per claim 7, Gonzales as modified discloses the method of claim 4. Gonzales further discloses transmitting the transaction record to the information system; and automatically executing the administrative action on the information system (Gonzales: figure 5: smart contract for regulating access; [0063]: updated access rules will be enforced by smart contract). 
As per claim 8, Gonzales as modified discloses the method of claim 1. Gonzales further discloses wherein requesting the access control policy update comprises executing a smart contract that processes transactions in the distributed ledger (Gonzales: [0082]: all transactions are maintained on blockchain including changes to the rules/policy). 
As per claim 9, Gonzales as modified discloses the method of claim 1. Gonzales further discloses the managed resource of the information system is one of a plurality of managed resources of a plurality of information systems; each of the plurality of information systems includes a local access control system; and the method further comprises calling one of the local access control systems to request a change to a local authorization policy (Gonzales: figure 1: plurality of nodes that can process change request to add new blocks to blockchain; [0069]; [0080]-[0082]). 
As per claim 10, Gonzales as modified discloses the method of claim 1. Gonzales further discloses recording the approval in the distributed ledger; transmitting the request to an administrator of the information system; executing an action responsive to the request on the information system; and recording the action in the distributed ledger (Gonzales: [0043]-[0044]; [0062]-[0063]: perform transaction to modify blockchain data by adding new blocks). Gonzales does not explicitly disclose transmitting the received request to an owner of the information system; receiving an approval responsive to the request from the owner of the information system. However, Soundararajan discloses that limitation (Soundararajan: [0019]; [0024]: send request and obtain authorization from owner to update authorization and update blockchain transactions). The same rationale applies here as above in rejecting claim 1.
As per claim 11, Gonzales discloses an access management governance orchestrator, comprising: 
a peer node associated with a blockchain network, the blockchain network comprising a plurality of nodes associated with at least one of an asset owner function, an administrator function, and an auditor function (Gonzales: figure 1; [0053]: owner of data can create and modify data stored on blockchain), the peer node adapted to: 
record a request access record from a user of an information system in a distributed ledger (Gonzales: figures 4A-4C; [0077]-[0078]: receive request to access personal information data);
execute a smart contract responsive to the request access record and the owner approval record granting access on the information system, wherein the smart contract changes an authorization policy to allow access of the user to the information system (Gonzales: [0078]: querying authorized access data blockchain for authorization by smart contract; [0080]-[0081]: generating new block indicating changes); and 
record an execution record of the smart contract in the distributed ledger (Gonzales: [0080]-[0082]: commit new block indicating the changes to the blockchain and updated by plurality of peer nodes of the blockchain).
Gonzales does not explicitly disclose record an owner approval record from the asset owner function, the owner approval record responsive to the request access record in the distributed ledger. However, Soundararajan discloses, in response to a data access request, querying authorization from the owner of the data and providing authorization and an update to the blockchain in response to the owner’s consent (Soundararajan: [0019]; [0024]: obtain authorization from owner to update authorization and update blockchain transactions). It would have been obvious to one having ordinary skill in the art to request authorization from the data owner when the initial authorization does not indicate authorized access because they are analogous art involving controlling access to data stored on blockchain using smart contract policies. The motivation to combine would be to allow dynamic and granular control of data access by data owners.

As per claim 12, Gonzales as modified discloses the access management governance orchestrator of claim 11. Gonzales further discloses wherein the peer node is further adapted to: storing one or more of the request access record, the owner approval record, and the execution record in a transaction block; selecting one of the plurality nodes as a signature node to sign the transaction block according to a consensus protocol; and signing, by the selected signature node, the transaction block (Gonzales: [0080]-[0082]). 
As per claim 13, Gonzales as modified discloses the access management governance orchestrator of claim 11. Gonzales further discloses wherein the peer node is further adapted to: receive a new peer request to add a new node to the blockchain network; and transmitting the new peer request to the plurality of nodes in the blockchain network for approval according to a consensus protocol (Gonzales: [0102]-[0104]). 
As per claim 14, Gonzales as modified discloses the access management governance orchestrator of claim 11. Gonzales further discloses wherein changing the authorization policy comprises calling a local access control system associated with the information system to request a change to a local authorization policy (Gonzales: figure 1: plurality of nodes that can process change request to add new blocks to blockchain; [0069]; [0080]-[0082]). 
As per claim 15, Gonzales as modified discloses the access management governance orchestrator of claim 11. Gonzales further discloses wherein the peer node is further adapted to review the distributed ledger for execution records that are not associated with owner approval records (Gonzales: [0095]-[0097]). 

As per claims 16-20, claims 16-20 encompass the same or similar scope as claims 1-10. Therefore, claims 16-20 are rejected based on the reasons set forth above in rejecting claims 1-10.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Schiffman et al. U.S. Pub. No. 20210391992 discloses managing client authorization.
Padmanabhan U.S. Pub. No. 20210243193 discloses method for implementing consensus on read via a consensus on write smart contract trigger for a distributed ledger technology platform.
Robison et al. U.S. Pub. No. 20210037060 discloses method for distributed network access control involving blockchain and smart contract.
Magerkurth et al. U.S. Pat. No. 10824747 discloses method for controlled access to policy data on blockchain.
Obaidi U.S. Pub. No. 20200245128 discloses remote SIM unlock implementation using blockchain.
Vaughn et al. U.S. Pub. No. 20190356471 discloses ad-hoc smart contract generation in a blockchain.
Beck U.S. Pub. No. 20190173854 discloses decentralized information sharing network.
Androulaki et al. U.S. Pub. No. 20190147106 discloses providing accountability of blockchain queries.
Anderson et al. U.S. Pub. No. 20180123882 discloses changing an existing blockchain trust configuration.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHIN HON (ERIC) CHEN whose telephone number is (571)272-3789. The examiner can normally be reached Monday to Thursday 9am-7pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild, can be reached on 571-272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SHIN-HON (ERIC) CHEN/Primary Examiner, Art Unit 2431