DETAILED ACTION

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This Office action is responsive to the following communication: Request for Continued Examination filed on 22 March 2022.
Claim(s) 1, 3, 6-10, 13, 14, 16-21, and 23-28 is/are pending and present for examination.  Claim(s) 1 and 8 is/are in independent form.

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 25 February 2022 has been entered.
 
Response to Amendment
Claims 1, 6, 8, and 13 are presently amended.
Claims 2, 4-5, 11-12, 15, and 22 are presently cancelled.
No claims have been newly added.

Information Disclosure Statement
The information disclosure statements (IDS) submitted on 15 December 2021 are being considered by the examiner.

Examiner’s Note
Examiner cites particular columns and/or paragraphs and line numbers in the references as applied to claims below for the convenience of the applicant. Although the specified citations are representative of the teachings in the art and are applied to the specific limitations within the individual claim, other passages and figures may be applied as well. It is respectfully requested that, in preparing responses, the applicant fully consider the references in entirely as potentially teaching all or part of the claimed invention, as well as the context of the passage as taught by the prior art or disclosed by the examiner.

Claim Objections
Claim 1 is objected to because of the following informalities:  line 1 of the instant claim seems to erroneously recite “ingredients”.  Appropriate correction is required.
Claim 3 is objected to because of the following informalities:  claim 3 is dependent on claim 2 which has been cancelled.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
Claim(s) 1, 3, 6, 7, 8-10, 13, 14, 18-21, and 25-28 is/are rejected under 35 U.S.C. 103(a) as being unpatentable over Androulaki et al, USPGPUB No. 2020/03271000, field on 9 April 2019, and published on 15 October 2020, in view of Kursun, USPGPUB No. 2020/0186509, filed on 6 December 2018, and published on 11 June 2020.
As per independent claims 1 and 8, Androulaki, in combination with Kursun, discloses:
A method comprising:

obtaining an array of data entries representing respective member entities of a root of trust consortium {See Androulaki, [0106], wherein this reads over “FIG. 5D shows an embodiment of a method 530 to trigger the creation of a sub blockchain through an identity management infrastructure (or identity manager) of the blockchain network. In an initial operation 531, a user (or client) of the blockchain network generates a request to issue a certificate for a new sub blockchain. The user may be an existing user or a one newly added to the blockchain network. In this embodiment, the request is sent through a corresponding peer node to the blockchain network, where it is received by the identity management infrastructure”}, each data entry of the array being a data structure comprising:

an identifier of the member entity represented by the data entry {See Androulaki, [0111], wherein this reads over “In one embodiment, the chain certificate may a unique identifier, the identities of the validators, and a public key to send encrypted messages to the validators.”};

a public key of the member entity represented by the data entry {See Androulaki, [0111], wherein this reads over “In one embodiment, the chain certificate may a unique identifier, the identities of the validators, and a public key to send encrypted messages to the validators.”}; and

a digital signature of a member entity other than the member entity represented by the data entry, wherein the digital signature is applied to the identifier and the public key {See Androulaki, [0116], wherein this reads over “The identity management infrastructure may also include in the certificate one or more messages to the validating peer nodes of the sub blockchain. An example of the messages includes ciphertexts of the secret keys for respective ones of the validating peer nodes of the sub blockchain. The secret keys may be produced, for example, based on long-term encryption keys of the validating peer nodes of the sub blockchain. Including this type of message in the certificate allows the validating peer nodes to perform decryption for the sub blockchain based on their secret keys”}; and

wherein obtaining the array of data entries comprises initiating a ring signing process where each member entity generates a digital signature for a respective one of the data entries so that each digital signature in the array of data entries is generated by a distinct member entity {See Androulaki, [0117], wherein this reads over “In one embodiment, after receiving a request for a sub blockchain, the identity management infrastructure may provide the key material to validating peer nodes separately, e.g., not in the certificate. In this case, the identity management infrastructure may issue the certificate if and only if all the validating peer nodes assigned to the sub blockchain have acknowledged correct delivery of a corresponding key, e.g., one of the keys of the key pair. Depending on the policy regarding the keys, the identity management infrastructure may or may not provide the secret key to users assigned to the sub blockchain. If the secret key is not provided to users, and the identity management infrastructure is not trusted to have performed its job properly, users may request a proof of correct construction of the certificate for the sub blockchain”};

generating a genesis block of a block chain associated with the root of trust consortium, wherein the genesis block comprises the array of data entries and a digital signature of a manager of the root of trust consortium and generating the genesis block comprises:

generating the digital signature of the manager {See Kursun, [0055], wherein this reads over “The system may then link the device biometric data with the user identifier data to create a hybrid device-user identifier profile which serves as a unique digital signature for the device and user. Accordingly, said unique digital signature may comprise the individual components of both the device biometric profile and the user identifier profile”}; and

appending the digital signature of the manager to the array of data entries {See Kursun, [0076], wherein this reads over “The genesis block 300, like all other blocks within the blockchain 150, comprise a block header 301 and block data 309. The genesis block data 309, or any other instances of block data any blocks in the blockchain 150 may contain various data records. For instance, block data may comprise reference data (e.g., user account data, historical data, trust/reputation data, or the like), device biometric data, user biometric data, unique identifiers and/or signatures, combined device and user biometric profiles, third party information, regulatory and/or legal data, or the like”}; and

providing the block chain comprising the genesis block for use, by one or more end entities, as a root of trust in a cryptography system, wherein using the block chain as a root of trust comprises issuing and validating a digital certificate based on the block chain {See Androulaki, [0058], wherein this reads over “The result 228 of this processing may include the generation of messages in response to the request to create a new sub blockchain. The messages may be sent to validating peer nodes to be assigned to the new sub blockchain requesting authorization. Information 228 may also include key material (e.g., one or more public or private keys to be used for transmitting messages and submitting transactions in the new sub blockchain). The key material may be included within a certificate to be sent to the validating peer nodes or may be send separate from a certificate. Information 228 may include results from the execution of a smart contract associated with the root blockchain or one or more sub blockchains, including access to ledgers or data of these blockchains”}.

	Androulaki is directed to the invention of creating blockchains wherein one or more peer nodes validate said blockchain.  Androulaki fails to expressly disclose the claimed features directed to “generating a genesis block of a block chain associated with the root of trust consortium, wherein the genesis block comprises the array of data entries and a digital signature of a manager of the root of trust consortium and generating the genesis block comprises:
generating the digital signature of the manager; and appending the digital signature of the manager to the array of data entries.”
	Kursun is directed to the invention of a hybrid blockchain system.  As per the claimed feature of “generating the digital signature of the manager,” Kursun discloses “[t]he system may then link the device biometric data with the user identifier data to create a hybrid device-user identifier profile which serves as a unique digital signature for the device and user” wherein “said unique digital signature may comprise the individual components of both the device biometric profile and the user identifier profile.”  See Kursun, [0055].  
As per the claimed feature of “appending the digital signature of the manager to the array of data entries,” Kursun discloses that “[t]he genesis block 300, like all other blocks within the blockchain 150, comprise a block header 301 and block data 309” wherein “[t]he genesis block data 309, or any other instances of block data any blocks in the blockchain 150 may contain various data records.”  See Kursun, [0076].  Additionally, Kursun discloses that “block data may comprise reference data (e.g., user account data, historical data, trust/reputation data, or the like), device biometric data, user biometric data, unique identifiers and/or signatures, combined device and user biometric profiles, third party information, regulatory and/or legal data, or the like.”  That is, Kursun discloses that “user biometric profiles” which serve as a unique digital signature may be included within the block data.  Accordingly, wherein Kursun allows for the addition of “user biometric profiles” (i.e. a digital signature of a manger) to the data block of a block chain and/or genesis block (i.e. the array of data entries), it would have been obvious to one of ordinary skill in the art to improve the prior art of Androulaki with that of Kursun for the predictable result of a system wherein the blockchain of Androulaki may further include the “user biometric profiles” as disclosed by Kursun.
As per dependent claims 3, 10, 21, and 28, Androulaki, in combination with Kursun, discloses:
The method of claim 2, further comprising:

sending the new data block to a subset of the member entities {See Androulaki, [0063], wherein this reads over Referring to FIG. 2B, the transaction flow may include a transaction proposal 291 sent by an application client node 260 to an endorsing peer node 281. The endorsing peer 281 may verify the client signature and execute a chaincode function to initiate the transaction. The output may include the chaincode results, a set of key/value versions that were read in the chaincode (read set), and the set of keys/values that were written in chaincode (write set). The proposal response 292 is sent back to the client 260 along with an endorsement signature, if approved.”};

receiving digital signatures from the subset of the member entities, wherein each of the digital signatures is generated by a respective one of the member entities based on the data block {See Androulaki, [0065], wherein this reads over “In response, the endorsing peer node 281 may verify (a) that the transaction proposal is well formed, (b) the transaction has not been submitted already in the past (replay-attack protection), (c) the signature is valid, and (d) that the submitter (client 260, in the example) is properly authorized to perform the proposed operation on that channel. The endorsing peer node 281 may take the transaction proposal inputs as arguments to the invoked chaincode function”}; and

wherein generating the new block comprises combining the received digital signatures, the digital signature of the manager and the data block {See Androulaki, [0067], wherein this reads over “After successful inspection, in step 293 the client 260 assembles endorsements into a transaction and broadcasts the transaction proposal and response within a transaction message to the ordering node 284. The transaction may contain the read/write sets, the endorsing peers signatures and a channel ID. The ordering node 284 does not need to inspect the entire content of a transaction in order to perform its operation, instead the ordering node 284 may simply receive transactions from all channels in the network, order them chronologically by channel, and create blocks of transactions per channel”}.

As per dependent claims 6 and 13, Russinovich, in combination with Falk and Diehl, discloses:

The method of claim 1, further comprising validating the array of data entries before providing the genesis block for use as a root of trust {See Androulaki, [0058], wherein this reads over “The result 228 of this processing may include the generation of messages in response to the request to create a new sub blockchain. The messages may be sent to validating peer nodes to be assigned to the new sub blockchain requesting authorization. Information 228 may also include key material (e.g., one or more public or private keys to be used for transmitting messages and submitting transactions in the new sub blockchain). The key material may be included within a certificate to be sent to the validating peer nodes or may be send separate from a certificate. Information 228 may include results from the execution of a smart contract associated with the root blockchain or one or more sub blockchains, including access to ledgers or data of these blockchains”}.

As per dependent claims 7 and 14, Androulaki, in combination with Kursun, discloses:
The method of claim 1, further comprising:

obtaining a hash of an existing block of the block chain {See Androulaki, [0171], wherein this reads over “The blockchain 732 is a transaction log, structured as hash-linked blocks where each block contains a sequence of N transactions. Blocks may include various components such as shown in FIG. 7B. The linking of the blocks (shown by arrows in FIG. 7A) may be generated by adding a hash of a prior block's header within a block header of a current block. In this way, all transactions on the blockchain 732 are sequenced and cryptographically linked together preventing tampering with blockchain data without breaking the hash links.”};

generating a new data block comprising a new data entry, the new data entry identifying an action by one or more member entities of the root of trust consortium {See Androulaki, [0171], wherein this reads over “The blockchain 732 is a transaction log, structured as hash-linked blocks where each block contains a sequence of N transactions. Blocks may include various components such as shown in FIG. 7B. The linking of the blocks (shown by arrows in FIG. 7A) may be generated by adding a hash of a prior block's header within a block header of a current block. In this way, all transactions on the blockchain 732 are sequenced and cryptographically linked together preventing tampering with blockchain data without breaking the hash links.”};

generating a new block of the block chain for the root of trust consortium, wherein generating the new block comprises digitally signing a combination of the new data block and the hash of the existing block, wherein generating the new block comprises digitally signing a combination of the data block and the hash of the existing block {See Androulaki, [0173], wherein this reads over “Endorsing nodes receive transactions from clients and endorse the transaction based on simulated results. Endorsing nodes hold smart contracts which simulate the transaction proposals. When an endorsing node endorses a transaction, the endorsing nodes creates a transaction endorsement which is a signed response from the endorsing node to the client application indicating the endorsement of the simulated transaction. The method of endorsing a transaction depends on an endorsement policy which may be specified within chaincode. An example of an endorsement policy is “the majority of endorsing peers must endorse the transaction”; and [0174], wherein this reads over “The ordering service 710 accepts endorsed transactions, orders them into a block, and delivers the blocks to the committing peers. For example, the ordering service 710 may initiate a new block when a threshold of transactions has been reached, a timer times out, or another condition. In the example of FIG. 7A, blockchain node 722 is a committing peer that has received a new data block 750 for storage on blockchain 730”}; and

providing the new block to update the block chain for use, by the one or more end entities, as the root of trust in the cryptography system {See Androulaki, [0172], wherein this reads over “The current state of the blockchain 732 and the distributed ledger 732 may be stored in the state database 734. Here, the current state data represents the latest values for all keys ever included in the chain transaction log of the blockchain 732. Chaincode invocations execute transactions against the current state in the state database 734.”}.

As per dependent claims 9, 20, and 27, Androulaki, in combination with Kursun, discloses:
The computer system of claim 8, wherein digitally signing the genesis data block comprises:

generating a digital signature of a manager of the root of trust consortium {See Kursun, [0055], wherein this reads over “The system may then link the device biometric data with the user identifier data to create a hybrid device-user identifier profile which serves as a unique digital signature for the device and user. Accordingly, said unique digital signature may comprise the individual components of both the device biometric profile and the user identifier profile”}; and

appending the digital signature of the manager to the genesis data block {See Kursun, [0076], wherein this reads over “The genesis block 300, like all other blocks within the blockchain 150, comprise a block header 301 and block data 309. The genesis block data 309, or any other instances of block data any blocks in the blockchain 150 may contain various data records. For instance, block data may comprise reference data (e.g., user account data, historical data, trust/reputation data, or the like), device biometric data, user biometric data, unique identifiers and/or signatures, combined device and user biometric profiles, third party information, regulatory and/or legal data, or the like”}.

As per dependent claims 18 and 25, Androulaki, in combination with Kursun, discloses:
The method of claim 7, wherein the new data block comprises multiple data entries identifying multiple actions by one or more of the member entities {See Androulaki, [0171], wherein this reads over “The blockchain 732 is a transaction log, structured as hash-linked blocks where each block contains a sequence of N transactions. Blocks may include various components such as shown in FIG. 7B. The linking of the blocks (shown by arrows in FIG. 7A) may be generated by adding a hash of a prior block's header within a block header of a current block. In this way, all transactions on the blockchain 732 are sequenced and cryptographically linked together preventing tampering with blockchain data without breaking the hash links.”}.

As per dependent claims 19 and 26, Androulaki, in combination with Kursun, discloses:
The method of claim 7, wherein the action comprises at least one of:

adding a new member to the root of trust consortium;

removing a member from the root of trust consortium;

updating a public key of a member of the root of trust consortium;

revoking a public key of a member of the root of trust consortium;

replacing a public key of a member of the root of trust consortium;

adding an additional public key of a member of the root of trust consortium {See Androulaki, [0116], wherein this reads over “For example, the key material information for the sub blockchain may not be included in the creation request. In this case, the identity management infrastructure may generate a public key-private key pair for the new sub blockchain and add the corresponding public key to the certificate for the sub blockchain.”};

canceling a public key of a member of the root of trust consortium;

timestamping a valid state of the block chain;

recording a summary of all currently valid identity information;

freezing the block chain; or

unfreezing the block chain.

Claims 16, 17, 23, and 24 is/are rejected under 35 U.S.C. 103 as being unpatentable over Androulaki, in view of Kursun, and in further view of Ford et al, U.S. Patent No. 9,882,918, filed on 29 September 2017, and issued on 30 January 2018.
As per dependent claims 16 and 23, Androulaki, in combination with Kursun and Ford, discloses:
The method of claim 7, wherein the new data entry comprises an identifier of an action type, an identity of a member entity, a public key of the member entity, and a digital signature {See Ford, column 12, lines 25-41, wherein this reads over “each user behavior block 502 may include either or both data and metadata, such as a block reference identifier (ID) 504, a hash value of the prior user behavior block's header 506 information, the public key of the recipient 508 of the user behavior blockchain 408 transaction, and the digital signature of the originator 510 of the user behavior blockchain 408 transaction”}.

	The prior art combination of Androulaki and Kursun fails to disclose the claimed feature of “wherein the data entry comprises an identifier of an action type, an identity of a member entity, a public key of the member entity, and a digital signature.”  Ford is directed to the invention of a user behavior profile in a blockchain.  Specifically, Ford discloses that “each user behavior block 502 may include either or both data and metadata, such as a block reference identifier (ID) 504, a hash value of the prior user behavior block's header 506 information, the public key of the recipient 508 of the user behavior blockchain 408 transaction, and the digital signature of the originator 510 of the user behavior blockchain 408 transaction.”  See Ford, column 12, lines 25-41.  Wherein Ford discloses a block reference identifier, a hash value of a user, a public of a recipient, and a digital signature of the originator, it would have been obvious to one of ordinary skill in the art to improve the prior art combination of Androulaki and Kursun for the predictable result of a system wherein the blockchain data entries may further contain information specifically related to that of a block reference identifier, a hash value of a user, a public of a recipient, and a digital signature of the originator as disclosed by Ford.
As per dependent claims 17 and 24, Androulaki, in combination with Kursun and Ford, discloses:
The method of claim 16, further comprising validating the digital signature in the new data entry before providing the new block for use as a root of trust {See Androulaki, [0058], wherein this reads over “The result 228 of this processing may include the generation of messages in response to the request to create a new sub blockchain. The messages may be sent to validating peer nodes to be assigned to the new sub blockchain requesting authorization. Information 228 may also include key material (e.g., one or more public or private keys to be used for transmitting messages and submitting transactions in the new sub blockchain). The key material may be included within a certificate to be sent to the validating peer nodes or may be send separate from a certificate. Information 228 may include results from the execution of a smart contract associated with the root blockchain or one or more sub blockchains, including access to ledgers or data of these blockchains”}.


Response to Arguments
Applicant’s arguments with respect to the claim rejections under 35 U.S.C. 103 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Horvath, USPGPUB No. 2019/0205547	
Any inquiry concerning this communication or earlier communications from the examiner should be directed to PAUL KIM whose telephone number is (571)272-2737. The examiner can normally be reached Monday-Friday, 9AM-5PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Neveen Abel-Jalil can be reached on (571) 270-0474. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/Paul Kim/
Examiner
Art Unit 2152



/PK/