DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Drawings
The drawings were received on 01/19/2021.  These drawings are accepted.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


Claim 17 recites the limitation "obtaining an on-chain transaction identifier of the user's operation behavior" in line 3.  There is insufficient antecedent basis for this limitation in the claim. Therefore, claim 17 is rejected under 35 U.S.C. 112(b). The applicant could amend the claim to state “…of operation behavior of the user…”.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 7, 19 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Underwood (US 7100195 B1) in view of  Minakawa et al. (US 20010054007 A1 hereinafter “Minakawa”).
Regarding claim 1, Underwood discloses a private data processing method, executable by a client, comprising (Fig. 1C): 
obtaining business result data fed back by the business server based on the target business processing request from the intermediate server (col. 19 line 28-32, In operation 154, selection criteria from the first server [“intermediate server”] is transmitted to the second server [“business server”]. In response to the selection criteria, the first server receives a first recordset and a second recordset from the second server in operation 155. Business data is included in the first recordset and result codes are included in the second recordset. The first and second recordsets are mapped to the business object in operation 156 and, in operation 157, the business object [“business result data”] is sent to the application on the first server), wherein the business result data is encrypted by using an account key of the use; and decrypting the business result data by using the account key (col. 119 line 60-col. 120 line 12, Encryption services encrypt data prior to network transfer to prevent unauthorized interception. Encryption has two main components: the encryption algorithm, which is the series of steps that is performed to transform the original data; and the key, which is used by the algorithm in some way to encrypt the message. Typically, the algorithm is widely known, while the key is kept secret. There are several types of encryption in use today, including: Secret key cryptography—uses one key (the secret key) both to encrypt the message on one side and to decrypt the message on the other side. Public key cryptography—uses two keys, the public key and the private key. The public key and private key are mathematically related so that a message encrypted with the recipient's public key may be decrypted with the recipient's private key. Therefore, the public key can be widely published, while the private key is kept secret).
Although Underwood teaches, col. 19 line 21-27, “a request for a business object is identified by an application on the first server; The first server is connected to the second server” through operation 152-153, it does not teach, “initiating a user request to an intermediate server according to an input of a user to request the intermediate server to perform intermediate business processing according to the user request and to initiate a target business processing request to a business server”.
In a same field of endeavor, Minakawa discloses the method, wherein initiating a user request to an intermediate server according to an input of a user to request the intermediate server to perform intermediate business processing according to the user request and to initiate a target business processing request to a business server ([Fig. 9-10, S1-S4; 0085-0089] A user enters data into the personal data entry screen 110 (FIG. 3) and the estimate request data entry screen 120 (FIG. 4) by means of the user terminal 10 a. The information-transmitting means 11 a transmits request information comprised of the personal data 111 and the estimate request data 121 to the intermediation control apparatus 30 a. The storage means 31 a receives the request information and stores the same therein. The disclosure information-extracting means 33 a extracts disclosure information from the request information stored therein by using the disclosure information extraction table T1 (FIG. 5). The disclosure information-transmitting means 34 a transmits the disclosure information including the estimate request data to the service providing apparatus 20 a, which receives the disclosure information including the estimate request data).
Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Underwood with the teachings of Minakawa to initiate a user request to an intermediate server according to an input of a user to request the intermediate server to perform intermediate business processing according to the user request and to initiate a target business processing request to a business server. One of ordinary skill in the art would have been motivated to make this modification because an extraction section may determine a range of personal information of a user, for disclosure, based on a kind of request information sent from the user, and extracts the range of personal information from the personal information (Abs.).

Regarding claim 7, Underwood discloses a private data processing method, executable by an intermediate server, comprising (Fig. 1C):
performing intermediate business processing according to the [[user request]], and initiating a target business processing request to a business server (col. 19 line 28-32, Initially, in operation 152, a request for a business object is identified by an application on the first server. The first server is connected to the second server in operation 153. In operation 154, selection criteria from the first server is transmitted to the second server); and 
wherein the business result data is data encrypted by using an account key of the user (col. 119 line 60-col. 120 line 12, Encryption services encrypt data prior to network transfer to prevent unauthorized interception. Encryption has two main components: the encryption algorithm, which is the series of steps that is performed to transform the original data; and the key, which is used by the algorithm in some way to encrypt the message).  
Although Underwood teaches, col. 19 line 21-32 , “a request for a business object is identified by an application on the first server; The first server is connected to the second server … ”  through operation 152-157, it does not teach, “obtaining a user request initiated by a user through a client; obtaining business result data fed back by the business server based on the target business processing request and returning the business result data to the client”.
In a same field of endeavor, Minakawa discloses the method, wherein obtaining a user request initiated by a user through a client ([Fig. 9-10, S1-S2; 0085-0089] A user enters data into the personal data entry screen 110 (FIG. 3) and the estimate request data entry screen 120 (FIG. 4) by means of the user terminal 10 a. The information-transmitting means 11 a transmits request information comprised of the personal data 111 and the estimate request data 121 to the intermediation control apparatus 30 a).
obtaining business result data fed back by the business server based on the target business processing request and returning the business result data to the client ([Fig. 11, S7-S10;0092-0094] The response information-transmitting means 21 [“business result data”] transmits the insurance product information as the response information created by the service provider [“business server”] to the intermediation control apparatus 30 a. The storage means 31 a receives the response information and stores the same therein. The response information intermediary transmission means 32 a sends the response information to the user terminal 10 a [“business result data to the client”], and the user terminal 10 a receives the response information. The user terminal 10 a displays the product proposal retrieval screen 130 (FIG. 7), and the insurance product advice screen 140 (FIG. 8))
Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Underwood with the teachings of Minakawa to obtain a user request initiated by a user through a client; obtain business result data fed back by the business server based on the target business processing request and returning the business result data to the client. One of ordinary skill in the art would have been motivated to make this modification because an extraction section may determine a range of personal information of a user, for disclosure, based on a kind of request information sent from the user, and extracts the range of personal information from the personal information (Abs.).

Regarding claim 19, the combination of Underwood and Minakawa discloses an electronic device, comprising: 
at least one processor; and a memory connected in communication with the at least one processor; wherein, the memory stores instructions executable by the at least one processor, wherein when the instructions are executed by the at least one processor, the at least one processor are caused to implement the private data processing method according to claim 1 ([Underwood: col. 10 line 65-col. 11 line 5] A representative hardware environment of a preferred embodiment of the present invention is depicted in FIG. 1, which illustrates a typical hardware configuration of a workstation having a central processing unit 110, such as a microprocessor, and a number of other units interconnected via a system bus 112. The workstation shown in FIG. 1 includes Random Access Memory (RAM) 114, Read Only Memory (ROM) 116). 

Regarding claim 20, the combination of Underwood and Minakawa a non-transitory computer-readable storage medium storing computer instructions, wherein when the computer instructions are executed, the computer is caused to implement the private data processing method according to claim 1 ([Underwood: col. 10 line 65-col. 11 line 5] A representative hardware environment of a preferred embodiment of the present invention is depicted in FIG. 1, which illustrates a typical hardware configuration of a workstation having a central processing unit 110, such as a microprocessor, and a number of other units interconnected via a system bus 112. The workstation shown in FIG. 1 includes Random Access Memory (RAM) 114, Read Only Memory (ROM) 116).


Claim 2 is rejected under 35 U.S.C. 103 as being unpatentable over Underwood (US 7100195 B1) in view of  Minakawa et al. (US 20010054007 A1 hereinafter “Minakawa”) as applied to claim 1 above, and further in view of Chen et al. (US 20210073177 A1 hereinafter “Chen”).
Regarding claim 2, the combination of Underwood and Minakawa discloses the method according to claim 1, wherein the account key for encryption is a public key in an asymmetric key pair, and the account key for decryption is a private key in the asymmetric key pair ([Underwood: col. 119 line 60-col. 120 line 12] Encryption services encrypt data prior to network transfer to prevent unauthorized interception. Encryption has two main components: the encryption algorithm, which is the series of steps that is performed to transform the original data; and the key, which is used by the algorithm in some way to encrypt the message. Typically, the algorithm is widely known, while the key is kept secret. There are several types of encryption in use today, including: Secret key cryptography—uses one key (the secret key) both to encrypt the message on one side and to decrypt the message on the other side. Public key cryptography—uses two keys, the public key and the private key. The public key and private key are mathematically related so that a message encrypted with the recipient's public key may be decrypted with the recipient's private key. Therefore, the public key can be widely published, while the private key is kept secret).
However, the combination of Underwood and Minakawa may not disclose, but Chen, which is a same field of endeavor, discloses the method, wherein the asymmetric key pair is a blockchain account key pair registered by the user in a blockchain network ([0039] any user can register itself on the blockchain with a private key and public key pair (similar to bitcoin)).
Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Underwood and Minakawa with the teachings of Chen to include a asymmetric key pair that is a blockchain account key pair registered by the user in a blockchain network. One of ordinary skill in the art would have been motivated to make this modification because it is critical to know that data in the blockchain has not been tampered with by any of the compute nodes in the computer network (or any other node or party) (para. 0034).


Claims 3, 4, 8 and 9 are rejected under 35 U.S.C. 103 as being unpatentable over Underwood (US 7100195 B1) in view of  Minakawa et al. (US 20010054007 A1 hereinafter “Minakawa”) as applied to claim 1 and 7 above, and further in view of KAMALSKY et al. (US 20190205870 A1 hereinafter “Kamalsky”).
Regarding claim 3, the combination of Underwood and Minakawa discloses the method according to claim 1, before initiating the user request to the intermediate server according to the input of the user, further comprising: 
according to operation behavior and associated data when initiating the user request ([Underwood col. 19 line 28-32] In operation 154, selection criteria from the first server is transmitted to the second server. In response to the selection criteria, the first server receives a first recordset and a second recordset [“operation behavior and associated data”] from the second server in operation 155. Business data is included in the first recordset and result codes are included in the second recordset. The first and second recordsets are mapped to the business object in operation 156 and, in operation 157, the business object is sent to the application on the first server).
The combination may not discloses, but Kamalsky, which is a same field of endeavor discloses the method, wherein generating an operation transaction request through a blockchain deployment protocol deployed in a blockchain node, and transmitting the operation transaction request to a blockchain network for on-chain storage ([0051-0053] intermediary server 112 are required to release funds committed to the blockchain 140. intermediary server 112 can control the blocks 142 on stored value blockchain 140. A payment transaction block that pays funds to a seller entity can require a signature from the intermediary server 112. The intermediary server 112 maintains control over release of funds committed to the transaction data blockchain 140).
Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Underwood and Minakawa with the teachings of Kamalsky to generate an operation transaction request through a blockchain deployment protocol deployed in a blockchain node, and transmit the operation transaction request to a blockchain network for on-chain storage. One of ordinary skill in the art would have been motivated to make this modification because blockchain, e.g. the ETHERIUM blockchain, may provide a traceable, recallable, and non-volatile system for managing stored value and stored value smart contract code on a secure blockchain. Smart contracts are programs with code that can be executed on a blockchain platform and allow logic to be introduced on top of a transaction (para. 0005).

Regarding claim 4, the combination of Underwood, Minakawa and Kamalsky discloses the method according to claim 3, wherein according to the operation behavior and the associated data when initiating the user request ([Underwood col. 19 line 28-32] In operation 154, selection criteria from the first server is transmitted to the second server. In response to the selection criteria, the first server receives a first recordset and a second recordset [“operation behavior and associated data”] from the second server in operation 155. Business data is included in the first recordset and result codes are included in the second recordset. The first and second recordsets are mapped to the business object in operation 156 and, in operation 157, the business object is sent to the application on the first server), generating the operation transaction request through the blockchain deployment protocol deployed in the blockchain node comprises ([Kamalsky: 0051-0053] intermediary server 112 are required to release funds committed to the blockchain 140. intermediary server 112 can control the blocks 142 on stored value blockchain 140. A payment transaction block that pays funds to a seller entity can require a signature from the intermediary server 112. The intermediary server 112 maintains control over release of funds committed to the transaction data blockchain 140): 
calculating a hash value of the operation behavior and the associated data; and generating the operation transaction request through the blockchain deployment protocol deployed in the blockchain node ([Kamalsky: 0092-0094] FIG. 6A is a data architecture diagram illustrating a simplified example of a blockchain ledger 600 based on the blocks 142A-E of the stored value blockchain 140 of FIG. 1. A Merkle tree 620 is used to cryptographically secure the transaction data. For example, Transaction Tx1 node 634A of data tree 620A of block 610A can be hashed to Hash1 node 632A, Transaction Tx2 node 638A may be hashed to Hash2 node 636A. Hash1 node 632A and Hash2 node 636A may be hashed to Hash12 node 630A. A similar subtree may be formed to generate Hash34 node 640A. Hash12 node 630A and Hash34 node 640A may be hashed to Transaction Root 614A hash sorted in the data block 610A), and adding the hash value to the operation transaction request ([Kamalsky: 0053]  intermediary server 112 can control the blocks 142 [“adding the hash”] on stored value blockchain 140; [0092-0094] FIG. 6A is a data architecture diagram illustrating a simplified example of a blockchain ledger 600 based on the blocks 142A-E of the stored value blockchain 140 of FIG. 1. For example, Transaction Tx1 node 634A of data tree 620A of block 610A can be hashed to Hash1 node 632A, Transaction Tx2 node 638A may be hashed to Hash2 node 636A. Hash1 node 632A and Hash2 node 636A may be hashed to Hash12 node 630A).
Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Underwood and Minakawa with the teachings of Kamalsky to calculate a hash value of the operation behavior and the associated data; and generating the operation transaction request through the blockchain deployment protocol deployed in the blockchain node, and adding the hash value to the operation transaction request. One of ordinary skill in the art would have been motivated to make this modification because the integrity of the transactions may be checked by verifying the hash is correct by using a Merkle tree, or any similar data structure (para. 0005).

Regarding claim 8, the combination of Underwood and Minakawa discloses the method according to claim 7, wherein performing the intermediate business processing according to the user request comprises: 
according to operation behavior and associated data during the intermediate business processing ([Underwood col. 19 line 28-32] In operation 154, selection criteria from the first server is transmitted to the second server. In response to the selection criteria, the first server receives a first recordset and a second recordset [“operation behavior and associated data”] from the second server in operation 155. Business data is included in the first recordset and result codes are included in the second recordset. The first and second recordsets are mapped to the business object in operation 156 and, in operation 157, the business object is sent to the application on the first server).
The combination of Underwood and Minakawa may not discloses, but Kamalsky, which is a same field of endeavor discloses the method, wherein generating an operation transaction request through a blockchain deployment protocol deployed in a blockchain node and transmitting the operation transaction request to a blockchain network for on-chain storage ([0051-0053] intermediary server 112 are required to release funds committed to the blockchain 140. intermediary server 112 can control the blocks 142 on stored value blockchain 140. A payment transaction block that pays funds to a seller entity can require a signature from the intermediary server 112. The intermediary server 112 maintains control over release of funds committed to the transaction data blockchain 140).
Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Underwood and Minakawa with the teachings of Kamalsky to generate an operation transaction request through a blockchain deployment protocol deployed in a blockchain node and transmit the operation transaction request to a blockchain network for on-chain storage. One of ordinary skill in the art would have been motivated to make this modification because blockchain, e.g. the ETHERIUM blockchain, may provide a traceable, recallable, and non-volatile system for managing stored value and stored value smart contract code on a secure blockchain. Smart contracts are programs with code that can be executed on a blockchain platform and allow logic to be introduced on top of a transaction (para. 0005).

Regarding claim 9, the combination of Underwood and Minakawa discloses the method according to claim 8, wherein according to the operation behavior and the associated data during the intermediate business processing ([Underwood col. 19 line 28-32] In operation 154, selection criteria from the first server is transmitted to the second server. In response to the selection criteria, the first server receives a first recordset and a second recordset [“operation behavior and associated data”] from the second server in operation 155. Business data is included in the first recordset and result codes are included in the second recordset. The first and second recordsets are mapped to the business object in operation 156 and, in operation 157, the business object is sent to the application on the first server), generating the operation transaction request through the blockchain deployment protocol deployed in the blockchain node and transmitting the operation transaction request to the blockchain network for on-chain storage, comprises ([Kamalsky: 0051-0053] intermediary server 112 are required to release funds committed to the blockchain 140. intermediary server 112 can control the blocks 142 on stored value blockchain 140. A payment transaction block that pays funds to a seller entity can require a signature from the intermediary server 112. The intermediary server 112 maintains control over release of funds committed to the transaction data blockchain 140): 
calculating a hash value of the operation behavior and the associated data during the intermediate business processing; and generating the operation transaction request through the blockchain deployment protocol deployed in the blockchain node ([Kamalsky: 0092-0094] FIG. 6A is a data architecture diagram illustrating a simplified example of a blockchain ledger 600 based on the blocks 142A-E of the stored value blockchain 140 of FIG. 1. A Merkle tree 620 is used to cryptographically secure the transaction data. For example, Transaction Tx1 node 634A of data tree 620A of block 610A can be hashed to Hash1 node 632A, Transaction Tx2 node 638A may be hashed to Hash2 node 636A. Hash1 node 632A and Hash2 node 636A may be hashed to Hash12 node 630A. A similar subtree may be formed to generate Hash34 node 640A. Hash12 node 630A and Hash34 node 640A may be hashed to Transaction Root 614A hash sorted in the data block 610A), and adding the hash value to the operation transaction request ([Kamalsky: 0053]  intermediary server 112 can control the blocks 142 [“adding the hash”] on stored value blockchain 140; [0092-0094] FIG. 6A is a data architecture diagram illustrating a simplified example of a blockchain ledger 600 based on the blocks 142A-E of the stored value blockchain 140 of FIG. 1. For example, Transaction Tx1 node 634A of data tree 620A of block 610A can be hashed to Hash1 node 632A, Transaction Tx2 node 638A may be hashed to Hash2 node 636A. Hash1 node 632A and Hash2 node 636A may be hashed to Hash12 node 630A).  
Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Underwood and Minakawa with the teachings of Kamalsky to calculate a hash value of the operation behavior and the associated data during the intermediate business processing; and generate the operation transaction request through the blockchain deployment protocol deployed in the blockchain node, and adding the hash value to the operation transaction request. One of ordinary skill in the art would have been motivated to make this modification because the integrity of the transactions may be checked by verifying the hash is correct by using a Merkle tree, or any similar data structure (para. 0005).


Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over Underwood (US 7100195 B1) in view of  Minakawa et al. (US 20010054007 A1 hereinafter “Minakawa”) in view of KAMALSKY et al. (US 20190205870 A1 hereinafter “Kamalsky”) as applied to claim 3 above, and further in view of Uhr et al . (US 20190081800 A1 hereinafter “Uhr”).
Regarding claim 5, Minakawa teaches, in para. 0086 or Fig. 9, the operation S1-S2 as considered the user request, but the combination of Underwood, Minakawa and Kamalsky does not explicitly teach “the user request carries the account key of the user and an on-chain transaction identifier corresponding to the operation transaction request.”
In a same field of endeavor, Uhr discloses the method, wherein discloses the method according to claim 3, wherein the [[user request]] carries the account key of the user and an on-chain transaction identifier corresponding to the operation transaction request ([0123] The issuance-requesting server 200 may acquire the public key [“account key”] of the specific user, may send a registration-requesting signal including the specific identification information [“on-chain transaction identifier”] on the specific user corresponding to the specific personal information on the specific user and the public key [“account key”] to the certificate-managing server 300, at a step of S13).
Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Underwood, Minakawa and Kamalsky with the teachings of Uhr to include user request that carries the account key of the user and an on-chain transaction identifier corresponding to the operation transaction request. One of ordinary skill in the art would have been motivated to make this modification because the certificate-managing server 300 may confirm whether one of the current anchoring conditions is met. Further, the certificate-managing server 300 may monitor whether one of the current anchoring conditions is satisfied to register the specific transaction in the blockchain network (para. 0125).


Claims 6 and 11 are rejected under 35 U.S.C. 103 as being unpatentable over Underwood (US 7100195 B1) in view of  Minakawa et al. (US 20010054007 A1 hereinafter “Minakawa”) as applied to claim 1 and 7 above, and further in view of in view of GAULT et al. (US 20150052615 A1 hereinafter “Gault”).
Regarding claim 6, Underwood teaches businesses sensitive information including one's credit card number or one's social security number, but the combination of Underwood and Minakawa does not explicitly teach “the user request is a governmental information processing request comprising at least one of a registration request, a query request, an update request, an audit request, and a logout request, the business server is a governmental transaction server, and the business result data is governmental information”.
In a same field of endeavor, Gault discloses the method according to claim 1, wherein the user request is a governmental information processing request comprising at least one of a registration request, a query request, an update request, an audit request, and a logout request, the business server is a governmental transaction server, and the business result data is governmental information ([0022] the document identifier may be received along with the request to register the document for verification; for example, driving licenses and passports will already be identified by unique numbers, and these could if desired be retained for use as the document identifiers).
Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Underwood and Minakawa with the teachings of Gault to include a user request that is a governmental information processing request comprising at least one of a registration request, a query request, an update request, an audit request, and a logout request, the business server is a governmental transaction server, and the business result data is governmental information. One of ordinary skill in the art would have been motivated to make this modification because the document identifier could also be derived from the document content itself. For example, passports, many ID cards, etc., have machine-readable zones that could include alphanumeric characters or other information that could serve as, or as the basis for, the identifier. For example, if the contents of an electronic file are the document, then the file name could be used as a natural identifier, or the title of the document as written, etc. (para. 0034).

Regarding claim 11, Underwood teaches businesses sensitive information including one's credit card number or one's social security number, but the combination of Underwood and Minakawa does not explicitly teach “the user request is a governmental information processing request comprising at least one of a registration request, a query request, an update request, an audit request, and a logout request, the business server is a governmental transaction server, and the business result data is governmental information.”
In a same field of endeavor, Gault discloses the method according to claim 7, wherein the user request is a governmental information processing request comprising at least one of a registration request, a query request, an update request, an audit request, and a logout request, the business server is a governmental transaction server, and the business result data is governmental information ([0022] the document identifier may be received along with the request to register the document for verification; for example, driving licenses and passports will already be identified by unique numbers, and these could if desired be retained for use as the document identifiers).
Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Underwood and Minakawa with the teachings of Gault to include a user request that is a governmental information processing request comprising at least one of a registration request, a query request, an update request, an audit request, and a logout request, the business server is a governmental transaction server, and the business result data is governmental information. One of ordinary skill in the art would have been motivated to make this modification because the document identifier could also be derived from the document content itself. For example, passports, many ID cards, etc., have machine-readable zones that could include alphanumeric characters or other information that could serve as, or as the basis for, the identifier. For example, if the contents of an electronic file are the document, then the file name could be used as a natural identifier, or the title of the document as written, etc. (para. 0034).


Claim 10 is rejected under 35 U.S.C. 103 as being unpatentable over Underwood (US 7100195 B1) in view of Minakawa et al. (US 20010054007 A1 hereinafter “Minakawa”) in view of KAMALSKY et al. (US 20190205870 A1 hereinafter “Kamalsky”) as applied to claim 8 above, and further in view of Qiu (US 20200177391 A1, Foreign Application Priority Data 06/28/2019).
Regarding claim 10, Underwood teaches “a first recordset and a second recordset” that considered as operation behavior and the associated data as stated above, but the combination of Underwood, Minakawa and Kamalsky does not teach “obtaining an on-chain transaction identifier of the user's operation behavior from the client, and obtaining operation behavior and associated data from a blockchain according to the on-chain transaction identifier; and according to the operation behavior and the associated data obtained from the blockchain, verifying operation behavior and associated data of the user request.”
In a same field of endeavor, Qiu discloses the method according to claim 9, before performing the intermediate service processing according to the user request, further comprising: 
obtaining an on-chain transaction identifier of the user's operation behavior from the client ([0024] the sending account respectively correspond to the following field values: an identifier [“on-chain transaction identifier”] of the first blockchain network and the first account), and
obtaining [[operation behavior and associated data]] from a blockchain according to the on-chain transaction identifier ([0024] obtaining, based on the identifier [“on-chain transaction identifier”] of the first blockchain network in the authenticatable message, second data [analogous to “operation behavior and the associated data”] related to the first blockchain network); and 
according to the operation behavior and the associated data obtained from the blockchain, verifying [[operation behavior and associated data]] of the user request ([0024] verifying the authenticatable message based on the first data, the second data [analogous to “operation behavior and the associated data”] related to the first blockchain network, and the first location information).  
Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Underwood, Minakawa and Kamalsky with the teachings of Qiu to obtain an on-chain transaction identifier of the user's operation behavior, and obtain operation behavior and associated data from a blockchain according to the on-chain transaction identifier; and according to the operation behavior and the associated data obtained from the blockchain, verify operation behavior and associated data of the user request. One of ordinary skill in the art would have been motivated to make this modification because unique identifiers can be assigned to anything that needs to be distinguished from other entities. Thus, it can be determined that the identifier of the second blockchain network in the authenticatable message is an identifier of a blockchain network that is to receive the authenticatable based on a pre-determined protocol (para. 0079).


Claims 12 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Underwood (US 7100195 B1) in view of Arora et al. (US 20200382490 A1 hereinafter “Arora”).
Regarding claim 12, Underwood discloses a private data processing method, executable by a business server, comprising:
obtaining a target business processing request transmitted by an intermediate server, wherein the target business processing request is initiated by the intermediate server according to a user request provided by a client (col. 19 line 28-32, Initially, in operation 152, a request for a business object is identified by an application on the first server. The first server is connected to the second server in operation 153. In operation 154, selection criteria from the first server [“intermediate server”] is transmitted to the second server [“business server”]. In response to the selection criteria, the first server receives a first recordset and a second recordset from the second server in operation 155. Business data is included in the first recordset and result codes are included in the second recordset. The first and second recordsets are mapped to the business object in operation 156 and, in operation 157, the business object is sent to the application on the first server); 
processing the target business processing request to obtain business result data (col. 19 line 28-32, the first server receives a first recordset and a second recordset from the second server in operation 155. Business data is included in the first recordset and result codes are included in the second recordset. The first and second recordsets are mapped to the business object in operation 156 and, in operation 157, the business object is sent to the application on the first server); and 
adopting the account key to encrypt the business result data, and transmitting the encrypted business result data back to the client through the intermediate server (col. 19 line 28-32, in operation 157, the business object is sent to the application on the first server; col. 119 line 60-col. 120 line 12, Encryption services encrypt data prior to network transfer to prevent unauthorized interception. Encryption has two main components: the encryption algorithm, which is the series of steps that is performed to transform the original data; and the key, which is used by the algorithm in some way to encrypt the message. Typically, the algorithm is widely known, while the key is kept secret. There are several types of encryption in use today, including: Secret key cryptography—uses one key (the secret key) both to encrypt the message on one side and to decrypt the message on the other side. Public key cryptography—uses two keys, the public key and the private key. The public key and private key are mathematically related so that a message encrypted with the recipient's public key may be decrypted with the recipient's private key. Therefore, the public key can be widely published, while the private key is kept secret).  
Although Underwood teaches “the public key can be widely published, while the private key is kept secret” as stated above, it does not explicitly teach, “obtaining an account key of a user”.
In a same field of endeavor, Arora disclose the method, wherein obtaining an account key of a user ([0007] a certificate request from a computing device, wherein the certificate request includes at least a user public key of a cryptographic key pair).
Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Underwood with the teachings of Arora to obtain an account key of a user. One of ordinary skill in the art would have been motivated to make this modification because the sender and recipient may thus exchange digital certificates, which may be evaluated by each entity to determine if they want to go through with the transaction (para. 0023). Further. the digital certificate request may be validated by the processing server using the sender public key to confirm that the sender is the owner or an authorized user of the electronic wallet for which a digital certificate is requested (para. 0030).

Regarding claim 14, the combination of Underwood and Arora discloses the method according to claim 12, wherein obtaining the account key of the user comprises: 
analyzing the target business processing request to obtain the account key of the user, wherein the account key is carried in the user request ([Arora: 0007] a certificate request from a computing device, wherein the certificate request includes at least a user public key of a cryptographic key pair).
Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Underwood with the teachings of Arora to analyze the target business processing request to obtain the account key of the user, wherein the account key is carried in the user request. One of ordinary skill in the art would have been motivated to make this modification because the sender and recipient may thus exchange digital certificates, which may be evaluated by each entity to determine if they want to go through with the transaction (para. 0023). Further. the digital certificate request may be validated by the processing server using the sender public key to confirm that the sender is the owner or an authorized user of the electronic wallet for which a digital certificate is requested (para. 0030).


Claims 13 is rejected under 35 U.S.C. 103 as being unpatentable over Underwood (US 7100195 B1) in view of Arora et al. (US 20200382490 A1 hereinafter “Arora”) as applied to claim 12 above, and further in view of Chen et al. (US 20210073177 A1 hereinafter “Chen”).
Regarding claim 13, the combination of Underwood and Arora discloses the method according to claim 12, wherein the account key for encryption is a public key in an asymmetric key pair ([Arora: 0007] a certificate request from a computing device, wherein the certificate request includes at least a user public key of a cryptographic key pair).
However, the combination of Underwood and Arora may not disclose, but Chen, which is a same field of endeavor, discloses the method, wherein the asymmetric key pair is a blockchain account key pair registered by the user in a blockchain network ([0039] any user can register itself on the blockchain with a private key and public key pair (similar to bitcoin)).
Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Underwood and Arora with the teachings of Chen to include a asymmetric key pair that is a blockchain account key pair registered by the user in a blockchain network. One of ordinary skill in the art would have been motivated to make this modification because it is critical to know that data in the blockchain has not been tampered with by any of the compute nodes in the computer network (or any other node or party) (para. 0034).  


Claims 15 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Underwood (US 7100195 B1) in view of Arora et al. (US 20200382490 A1 hereinafter “Arora”) as applied to claim 12 above, and further in view of KAMALSKY et al. (US 20190205870 A1 hereinafter “Kamalsky”).
Regarding claim 15, the combination of Underwood and Arora discloses the method according to claim 12, wherein processing the target business processing request to obtain the corresponding business result data further comprises: 
according to operation behavior and associated data during a processing of the target business processing request ([Underwood col. 19 line 28-32] In operation 154, selection criteria from the first server is transmitted to the second server. In response to the selection criteria, the first server receives a first recordset and a second recordset [“operation behavior and associated data”] from the second server in operation 155. Business data is included in the first recordset and result codes are included in the second recordset. The first and second recordsets are mapped to the business object in operation 156 and, in operation 157, the business object is sent to the application on the first server). 
The combination of Underwood and Arora may not discloses, but Kamalsky, which is a same field of endeavor discloses the method, wherein generating an operation transaction request through a blockchain deployment protocol deployed in a blockchain node, transmitting the operation transaction request to a blockchain network for on-chain storage ([0051-0053] intermediary server 112 are required to release funds committed to the blockchain 140. intermediary server 112 can control the blocks 142 on stored value blockchain 140. A payment transaction block that pays funds to a seller entity can require a signature from the intermediary server 112. The intermediary server 112 maintains control over release of funds committed to the transaction data blockchain 140).
Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Underwood and Arora with the teachings of Kamalsky to generate an operation transaction request through a blockchain deployment protocol deployed in a blockchain node, transmit the operation transaction request to a blockchain network for on-chain storage. One of ordinary skill in the art would have been motivated to make this modification because blockchain, e.g. the ETHERIUM blockchain, may provide a traceable, recallable, and non-volatile system for managing stored value and stored value smart contract code on a secure blockchain. Smart contracts are programs with code that can be executed on a blockchain platform and allow logic to be introduced on top of a transaction (para. 0005).

Regarding claim 16, the combination of Underwood and Arora discloses the method according to claim 15, wherein according to the operation behavior and the associated data during the processing of the target business processing request ([Underwood col. 19 line 28-32] In operation 154, selection criteria from the first server is transmitted to the second server. In response to the selection criteria, the first server receives a first recordset and a second recordset [“operation behavior and associated data”] from the second server in operation 155. Business data is included in the first recordset and result codes are included in the second recordset. The first and second recordsets are mapped to the business object in operation 156 and, in operation 157, the business object is sent to the application on the first server), generating the operation transaction request through the blockchain deployment protocol deployed in the blockchain node, comprises ([Kamalsky: 0051-0053] intermediary server 112 are required to release funds committed to the blockchain 140. intermediary server 112 can control the blocks 142 on stored value blockchain 140. A payment transaction block that pays funds to a seller entity can require a signature from the intermediary server 112. The intermediary server 112 maintains control over release of funds committed to the transaction data blockchain 140):
calculating a hash value of the operation behavior and the associated data during the processing of the target business processing request; and generating the operation transaction request through the blockchain deployment protocol deployed in the blockchain node ([Kamalsky: 0092-0094] FIG. 6A is a data architecture diagram illustrating a simplified example of a blockchain ledger 600 based on the blocks 142A-E of the stored value blockchain 140 of FIG. 1. A Merkle tree 620 is used to cryptographically secure the transaction data. For example, Transaction Tx1 node 634A of data tree 620A of block 610A can be hashed to Hash1 node 632A, Transaction Tx2 node 638A may be hashed to Hash2 node 636A. Hash1 node 632A and Hash2 node 636A may be hashed to Hash12 node 630A. A similar subtree may be formed to generate Hash34 node 640A. Hash12 node 630A and Hash34 node 640A may be hashed to Transaction Root 614A hash sorted in the data block 610A), and adding the hash value to the operation transaction request  ([Kamalsky: 0053]  intermediary server 112 can control the blocks 142 [“adding the hash”] on stored value blockchain 140; [0092-0094] FIG. 6A is a data architecture diagram illustrating a simplified example of a blockchain ledger 600 based on the blocks 142A-E of the stored value blockchain 140 of FIG. 1. For example, Transaction Tx1 node 634A of data tree 620A of block 610A can be hashed to Hash1 node 632A, Transaction Tx2 node 638A may be hashed to Hash2 node 636A. Hash1 node 632A and Hash2 node 636A may be hashed to Hash12 node 630A).
Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Underwood and Arora with the teachings of Kamalsky to calculate a hash value of the operation behavior and the associated data; and generating the operation transaction request through the blockchain deployment protocol deployed in the blockchain node, and adding the hash value to the operation transaction request. One of ordinary skill in the art would have been motivated to make this modification because the integrity of the transactions may be checked by verifying the hash is correct by using a Merkle tree, or any similar data structure (para. 0005).


Claim 17 is rejected under 35 U.S.C. 103 as being unpatentable over Underwood (US 7100195 B1) in view of Arora et al. (US 20200382490 A1 hereinafter “Arora”) as applied to claim 12 above, and further in view of Qiu (US 20200177391 A1, Foreign Application Priority Data 06/28/2019).
Regarding claim 17, Underwood teaches “a first recordset and a second recordset” that considered as operation behavior and the associated data as stated above, but the combination does not teach “obtaining an on-chain transaction identifier of the user's operation behavior, and obtaining operation behavior and associated data from a blockchain according to the on-chain transaction identifier; and according to the operation behavior and the associated data obtained from the blockchain, verifying operation behavior and associated data of the user request”.
In a same field of endeavor, Qiu discloses the method according to claim 12, before processing the target business processing request, further comprising: 
obtaining an on-chain transaction identifier of the user's operation behavior ([0024] the sending account respectively correspond to the following field values: an identifier [“on-chain transaction identifier”] of the first blockchain network and the first account), and 
obtaining [[operation behavior and associated data]] from a blockchain according to the on-chain transaction identifier ([0024] obtaining, based on the identifier [“on-chain transaction identifier”] of the first blockchain network in the authenticatable message, second data [analogous to “operation behavior and the associated data”] related to the first blockchain network); and 
according to the operation behavior and the associated data obtained from the blockchain, verifying [[operation behavior and associated data]] of the user request ([0024] verifying the authenticatable message based on the first data, the second data [analogous to “operation behavior and the associated data”] related to the first blockchain network, and the first location information).
Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Underwood and Arora with the teachings of Qiu to obtain an on-chain transaction identifier of the user's operation behavior, and obtain operation behavior and associated data from a blockchain according to the on-chain transaction identifier; and according to the operation behavior and the associated data obtained from the blockchain, verify operation behavior and associated data of the user request. One of ordinary skill in the art would have been motivated to make this modification because unique identifiers can be assigned to anything that needs to be distinguished from other entities. Thus, it can be determined that the identifier of the second blockchain network in the authenticatable message is an identifier of a blockchain network that is to receive the authenticatable based on a pre-determined protocol (para. 0079).


Claim 18 is rejected under 35 U.S.C. 103 as being unpatentable over Underwood (US 7100195 B1) in view of Arora et al. (US 20200382490 A1 hereinafter “Arora”) as applied to claim 12 above, and further in view of in view of GAULT et al. (US 20150052615 A1 hereinafter “Gault”).
Regarding claim 18, Underwood teaches businesses sensitive information including one's credit card number or one's social security number, but the combination of Underwood and Arora does not explicitly teach “the user request is a governmental information processing request comprising at least one of a registration request, a query request, an update request, an audit request, and a logout request, the business server is a governmental transaction server, and the business result data is governmental information”.
In a same field of endeavor, Gault discloses the method according to claim 1, wherein the user request is a governmental information processing request comprising at least one of a registration request, a query request, an update request, an audit request, and a logout request, the business server is a governmental transaction server, and the business result data is governmental information ([0022] the document identifier may be received along with the request to register the document for verification; for example, driving licenses and passports will already be identified by unique numbers, and these could if desired be retained for use as the document identifiers).
Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Underwood and Arora with the teachings of Gault to include a user request that is a governmental information processing request comprising at least one of a registration request, a query request, an update request, an audit request, and a logout request, the business server is a governmental transaction server, and the business result data is governmental information. One of ordinary skill in the art would have been motivated to make this modification because the document identifier could also be derived from the document content itself. For example, passports, many ID cards, etc., have machine-readable zones that could include alphanumeric characters or other information that could serve as, or as the basis for, the identifier. For example, if the contents of an electronic file are the document, then the file name could be used as a natural identifier, or the title of the document as written, etc. (para. 0034).

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ANDREW SUH whose telephone number is (571)270-5524. The examiner can normally be reached 9:00 AM- 5:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached on (571) 272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/A.S./Examiner, Art Unit 2493                                                                                                                                                                                                        
/Jeremy S Duffield/Primary Examiner, Art Unit 2498