Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION

This action is in response to applicant’s formal filings made on 7/6/2020. Claims 1-20 are pending.
Information Disclosure Statement
The information disclosure statement (IDS) was submitted on 07/06/2020. The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1-4, 9-12, and 17 are rejected under 35 U.S.C. 103 as being unpatentable over DUNLEVY et. al. (US 2017/0372300 A1) hereinafter referred to as Dunlevy, and MAKHIJA et. al. (US 20210201236), hereinafter referred to as Makhija.
Regarding Claim 1: Dunlevy teaches a method for protecting private information in a blockchain network, the method comprising:
wherein the datastore connection object includes information regarding an off-chain datastore (Para 0029, The off-chain host system 104 may then generate a unique token (as shown in FIG. 3, process 2.2—createTokenFor(walletAddress)) and generate a digital signature of the token using the private key of the blockchain account (address of the proxy smart-contract) associated with the off-chain system (as shown in FIG. 3, process 2.3—signToken( ));
associating an identifier to the datastore connection object (Para 0029, The off-chain host system 104 may then store the token with the associated on-chain account address of the requesting smart-contract);
storing the datastore connection object with the identifier in the blockchain network (para 0021, 0029, The proxy smart-contract may then invoke the smart-contract to save the token (as shown in FIG. 3—saveToken(tokenSignature, token) process));
identifying that a request is being sent within the blockchain network, wherein the request includes private information (Fig 10, a request sent in the network, request comprise a correlation id);
determining whether to allow the request access to the off-chain datastore (Fig 12: (decision logic for granting access), Para 0033, the off-chain host system 104 has verified that the request is valid, the off-chain host system 104 may satisfy the data request…).

Dunlevy failed to explicitly teach defining a datastore connection object.
However, Makhija teaches defining a chain connector element to fetch data from an off-chain data structure in par. 35 and 36 as follows: “ [0035] In an embodiment, the linked chain control tower 101 includes a chain connector element 102A that supports connectivity to other blockchain network using standard blockchain protocols. It has an ability to connect and ingest signals from multiple types of ledger. Connect to public and other private blockchain. It will also connect to off-chain data to fetch complete transaction. In few scenario chains will be connected through pegging. [0036] ….Chain connector is responsible to fetch data from external APIs and user”. In this instance the examiner contends that Makhija discloses a chain connector element (i.e., datastore connection object) that connects to a off-chain data structure (i.e., datastore). Additionally, the examiner notes that par. 0036 tell us that the connector element of Makhija fetches data from external API and therefore is required to have specific access information for interfacing with the different APIs. 
Given the teachings as a whole, it would have been obvious to one of ordinary skill in the art before the effective filing date of the of the claimed invention was made to implement the teachings of Dunlevy with the teachings of Makhija by having Dunlevy’s off-chain data storage access process comprise a connector element. One would have been motivated to do so to provide a simple and effective means of securely accessing data, wherein the connection element helps to ensure efficient processing of the accessing of the data and makes it easier to ensure that the data is returned to the user properly.

Regarding Claim 2: The combination of Dunlevy and Makhija teaches the method of claim 1. 
Dunlevy further teaches wherein the off-chain datastore houses the private information, and wherein the private information includes health data associated with one or more users (Fig 7: private healthcare data 702, Para 0039, When the consumer wallet smart contract 700 is implemented, it may use the method described above to retrieve private healthcare data 702 from the off-chain host system 104 as shown in FIG. 7).

Regarding Claim 3: The combination of Dunlevy and Makhija teaches the method of claim 1. 
Dunlevy further teaches wherein the information regarding the off-chain datastore includes an identity of a host of the datastore, an account username and password, and a location of a specific database in the datastore (Fig 12, Para 0046, As shown in FIG. 12, the consumer wallet 700 may determine and authorize access by the provider wallet 800 and may receive a eligibility response as part of the eligibility method shown in FIG. 12. The provider wallet may request access of the consumer wallet and, once granted access, request eligibility fore the user associated with the consumer wallet and may receive the eligibility response as part of the eligibility method shown in FIG. 12.).

Regarding Claim 4: The combination of Dunlevy and Makhija teaches the method of claim 1. 
Dunlevy further teaches wherein determining whether to allow the request access to the off- chain datastore comprises:
identifying that the request does not include the identifier (Fig 4, Para 0028, In the invocation process, the smart contract 106 may publish a transaction targeted to the off-chain host system (as shown in FIG. 4 process 1—createRequestEvent (Requestdata) and FIG. 6—OffChainRequest(requestData)) with a request for data or a side-effect, where the request data (an example of which is shown in FIG. 10) includes the request method itself (must include: requestData.request_uri, and may include: requestData.request_method, and/or requestData.request_data), the contract's token (requestData.contract_auth_token), a timestamp (unixtime, number of seconds since Jan. 1, 1970 UTC, with some number of least significant digits zeroed out, requestData.request_time), and a correlation identifier (a unique identifier, may be a UUID as defined by IETF RFC 4122, requestData.correlation_id). In one embodiment, the request method may be the URI of an idempotent system specific request/response);

and P202001013US01Page 38 of 44declining the request access to the off-chain datastore (Fig 12).

System claim 9 is drawn to the system of using the corresponding method claimed in claim 1. The system comprising a memory and a processor (Dunlevy, para 0060). Therefore, system claim 9 correspond to method claim 1 and is rejected for the same reasons of obviousness as used above.

System claim 10 is drawn to the system of using the corresponding method claimed in claim 2. Therefore, system claim 10 correspond to method claim 2 and is rejected for the same reasons of obviousness as used above.

System claim 11 is drawn to the system of using the corresponding method claimed in claim 3. Therefore, system claim 11 correspond to method claim 3 and is rejected for the same reasons of obviousness as used above.

System claim 12 is drawn to the system of using the corresponding method claimed in claim 4. Therefore, system claim 12 correspond to method claim 4 and is rejected for the same reasons of obviousness as used above.

A computer program product claim 17 is drawn to the product of using the corresponding method claimed in claim 1. The product comprising a computer readable storage medium having program instructions embodied therewith, the program instructions executable by a processor to cause the processors to perform a function. Therefore, computer program product claim 17 correspond to method claim 1 and is rejected for the same reasons of obviousness as used above.

Claims 5-6, 13-14, and 18-19 are rejected under 35 U.S.C. 103 as being unpatentable over DUNLEVY  in view of MAKHIJA  as applied to claims 1, 9 and 17 above and further in view of MOU et. al. (CN 109905474 A), hereinafter referred to as Mou.

Regarding Claim 5: The combination of Dunlevy and Makhija teaches the method of claim 1. 
Dunlevy and Makhija fail to teach further comprising: encrypting the datastore connection object with a symmetric key.
However, Mou teaches further comprising: encrypting the datastore connection object with a symmetric key (Page 6, Para 7 , the data user terminal and data provider the terminal chain or chain on agreed symmetric key, shared data to data returned by the Proxy party terminal before use, using the symmetric key to encrypt the shared data plaintext. data user terminal when receiving the data of the encrypted format at the second SDK with symmetric key and decrypts it to obtain the plaintext of the shared data).
Given the teachings as a whole, it would have been obvious to one of ordinary skills in the art before the effective filing date of the claimed invention to specify a key as suggested by Mou with the inventions of Dunlevy and Makhija in order to encrypt the shared data for added privacy (See Mou, Page 6, para 7). 

Regarding Claim 6:  The combination of Dunlevy, Makhija and Mou as applied to claim 1 above teaches a data connection however neither reference expressly teaches the method of claim 5, wherein determining whether to allow the request access to the off- chain datastore comprises: identifying that the request includes the identifier and the symmetric key; directing the request to the datastore connection object in the blockchain network; allowing the request to access the off-chain datastore; and storing the private information in the off-chain datastore.
In this instance the examiner notes the teachings of Mou.
With regards to applicant’s claim limitation element of: further teaches wherein determining whether to allow the request access to the off- chain datastore comprises: identifying that the request includes the identifier and the symmetric key (Page 6, para 8, 11, in the URI before the step chain, the method further comprising: a URI receiving step: part or all of the stored data in the storage system is set as the shared data, receiving the URI of the shared data sent by the proxy server via the proxy server… data provider terminal receives the second information after the generating the secret information, and using the public key of the data user party terminal after encrypting data to be transmitted to user terminal. after data using party terminal by using its own private key to decrypt the session key negotiation is successful, the two parties can communicate using the same session key);
	With regards to applicant’s claim limitation element of: directing the request to the datastore connection object in the blockchain network (Page 7, para 10, data access request sending step: the data access request via a proxy server, the data provider terminal to de-center application so that the de-centralized application for verification to said data access request, obtaining the verification result, wherein the data access request comprises identity identifying the URI and the data the user party terminal);
	With regards to applicant’s claim limitation element of: allowing the request to access the off-chain datastore (Page 8, para 11, the access result receiving module 240, which is configured to be used for the verification is passed, the receiving result of accessing the shared data sent by the proxy server);
	With regards to applicant’s claim limitation element of: and storing the private information in the off-chain datastore (Page 8, para 6, the setting request indicates that part or all of the data in the storage system is set to shared data, receives the storage system through the storage adaptation layer, the URI of the shared data returned by the proxy server).
Given the teachings as a whole, it would have been obvious to one of ordinary skills in the art before the effective filing date of the claimed invention to specify the request suggested by Mou with the inventions of Dunlevy and Makhija in order to determine whether the request is allowable and save the data in the off-chain (See Mou, Page 6, para 8, 11, Page 7, para 10, Page 8, para 6, 11). 

System claim 13 is drawn to the system of using the corresponding method claimed in claim 5. Therefore, system claim 13 correspond to method claim 5 and is rejected for the same reasons of obviousness as used above.

System claim 14 is drawn to the system of using the corresponding method claimed in claim 6. Therefore, system claim 14 correspond to method claim 6 and is rejected for the same reasons of obviousness as used above.  

A computer program product claim 18 is drawn to the product of using the corresponding method claimed in claim 5. Therefore, computer program product claim 18 correspond to method claim 5 and is rejected for the same reasons of obviousness as used above.

A computer program product claim 19 is drawn to the product of using the corresponding method claimed in claim 6. Therefore, computer program product claim 19 correspond to method claim 6 and is rejected for the same reasons of obviousness as used above.

Claims 7-8, 15-16, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Dunlevy and Makhija in view of Mou as applied to claims 1, 9 and 16 above and further in view of LEE et. al. (US 20200301944 A1), hereinafter referred to as Lee.

Regarding Claim 7: The combination of Dunlevy, Makhija and Mou teaches the method of claim 6. 
Dunlevy, Makhija and Mou fail to teach wherein storing the private information in the off-chain datastore comprises:
computing a hash of the private information;
and identifying that the hash does not exist in the off-chain datastore.
However, Lee teaches wherein storing the private information in the off-chain datastore comprises:
computing a hash of the private information (Para 0025, the computing device 110 stores a data object received from a user in the off-chain storage 120 and calculates a hash value of data stored in the data object);
and identifying that the hash does not exist in the off-chain datastore (i.e., …teaches in par. 55-58 the following: “[0055] Subsequently, if necessary, the computing device 110 verifies the integrity of a plurality of data objects stored in an off-chain storage 120 in operation 510 and operation 520. [0056] In operation 510, the computing device 110 creates a verification tree on the basis of current hash values of the data objects.[0057] In operation 510, the computing device 110 accesses all of the data objects contained in the Merkle tree to be verified in the off-chain storage 120 and calculates the current hash values of the data objects. In the process that has been described with reference to FIGS. 2 and 3, the computing device 110 creates a new Merkle tree, i.e., a verification tree, on the basis of the current hash values and calculates a Merkle root value for the purpose of verification.[0058] In operation 520, the computing device 110 compares the Merkle root value, which is stored in the root transaction, to the root value of the verification tree created in operation 510.”). The examiner notes that par. 0055-0058 discloses a verification process to determine if a hash of the object is in the off-chain storage. 
Given the teachings as a whole, it would have been obvious to one of ordinary skills in the art before the effective filing date of the claimed invention to specify a hash as suggested by Lee with the inventions of Dunlevy, Makhija and Mou in order to calculate a hash and verify the newly added information (See Lee, Para 0025-0026, 0055-0058). 

Regarding Claim 8: The system of Dunlevy, Makhjja and Mou teaches off-chain data storage, specifically, Dunlevy teaches a method of claim 6, further comprising:
identifying that a second request is being sent within the blockchain network, wherein the second request includes the private information (Fig 10, a request sent in the network, request comprise a correlation id);
declining to store the private information in the off-chain datastore (i.e., …Dunlevy illustrates in figure 12, figure element 906 …access control to the off-chain…The examiner notes that by having access control will prevent data reading and writing (i.e., storage)).
The system of Dunlevy, Makhija and Mou does not expressly teach:
computing a hash of the private information;
identifying that the hash already exists in the off-chain datastore.
In this instance the examiner notes the teachings of prior art reference Lee. 
With regards to applicant’s claim limitation element(s) of, “computing a hash of the private information”, Lee teaches in Para 0025, the computing device 110 stores a data object received from a user in the off-chain storage 120 and calculates a hash value of data stored in the data object.
With regards to applicant’s claim limitation element(s) of, “identifying that the hash already exists in the off-chain datastore”, Lee teaches in par. 55-58 the following: “[0055] Subsequently, if necessary, the computing device 110 verifies the integrity of a plurality of data objects stored in an off-chain storage 120 in operation 510 and operation 520. [0056] In operation 510, the computing device 110 creates a verification tree on the basis of current hash values of the data objects.[0057] In operation 510, the computing device 110 accesses all of the data objects contained in the Merkle tree to be verified in the off-chain storage 120 and calculates the current hash values of the data objects. In the process that has been described with reference to FIGS. 2 and 3, the computing device 110 creates a new Merkle tree, i.e., a verification tree, on the basis of the current hash values and calculates a Merkle root value for the purpose of verification.[0058] In operation 520, the computing device 110 compares the Merkle root value, which is stored in the root transaction, to the root value of the verification tree created in operation 510.”). The examiner notes that par. 0055-0058 discloses a verification process to determine if a hash of the object is in the off-chain storage.
Given the teachings as a whole, it would have been obvious to one of ordinary skills in the art before the effective filing date of the claimed invention to specify a hash as suggested by Lee with the inventions of Dunlevy, Makhija and Mou in order to calculate the hash and verify the newly added information is not repeated to protect the integrity of the information (See Lee Fig 5-7, Para 0025-0026, 0055-0058). 

System claim 15 is drawn to the system of using the corresponding method claimed in claim 7. Therefore, system claim 15 correspond to method claim 7 and is rejected for the same reasons of obviousness as used above.

System claim 16 is drawn to the system of using the corresponding method claimed in claim 8. Therefore, system claim 16 correspond to method claim 8 and is rejected for the same reasons of obviousness as used above.

A computer program product claim 20 is drawn to the product of using the corresponding method claimed in claim 8. Therefore, computer program product claim 20 correspond to method claim 8 and is rejected for the same reasons of obviousness as used above.


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MUHAMMED JAMIL RAHMAN whose telephone number is (571)272-2272. The examiner can normally be reached M-F 7:30am-5:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge L Ortiz-Criado, can be reached on (571) 272-7624. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/MUHAMMED JAMIL RAHMAN/Examiner, Art Unit 2497




/JORGE L ORTIZ CRIADO/Supervisory Patent Examiner, Art Unit 2496