DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
This written action responds to the amendment dated 02/28/2022.
Claims 1, 4, 6, 12, 15, 17, and 23 have been amended and all other claims are previously presented.
Claims 5, 8-11, 16, 19 and 20 have been canceled.
Claims 24-31 are added.
Claims 1-4, 6-7, 12, 14, 15, 17-18 and 23-31 are submitted for examination.
Claims 1-4, 6-7, 12, 14, 15, 17-18 and 23-31 are pending.
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Response to Arguments
In Applicant’s amendment filed on February 28, 2022, claims 1, 4, 6, 12, 15, 17, and 23 have been amended, claims 5, 8-11, 16, 19 and 20 have been canceled, claims 24-31 have been added, and all other claims are as previously presented. Claims 1, 12 and 23 are independent claims; thus, the amendment necessitates a new ground of rejection.
Applicant’s remark, filed on February 28, 2022 at page 11, indicates, “With respect to the objection to Claims 8, 19, and 23, Applicant respectfully submits that amended Claim 23 is free of informalities; and the cancellation of Claims 8 and 19 renders the objection to these claims moot. Accordingly, it is respectfully requested that the objection to Claims 8, 19, and 23 be withdrawn.”
Applicant’s argument has been considered and is found persuasive. Therefore, the previous claim objection to Claims 8, 19 and 23 has been withdrawn.
Applicant’s remark, filed on February 28, 2022 at pages 11-12, indicates, “Applicant respectfully submits that Ben-Ami and Ben-Ari, whether taken individually or in combination, fail to teach or suggest each of the features of Claim 1. Ben-Ami and Ben-Ari do not describe at least a publicly available database configured to store the unique identifier and a chain of access permissions recording granted permissions to access the user data in a form of one or more transactions from one previously granted organisation to another, much less the operations performed based on the stored chain of access permissions. Therefore, Ben-Ami and Ben-Ari do not describe or suggest at least the aforementioned features as recited in independent Claim 1, and independent Claim 1 is thus believed to be patentable over Ben-Ami and Ben-Ari together with all claims depending therefrom.”
Applicant’s argument has been considered and is found persuasive. Therefore, the previous prior-art rejection is withdrawn. However, Applicant’s amendment necessitates a new ground of rejection, and therefore, a new ground of rejection has been applied to the pending claims 1-4, 6-7, 12, 14, 15, 17-18 and 23-31.
Accordingly, a new ground of rejection based on the newly identified prior-art by Gabriel et al. (US 2019/0228132) has been applied to the amendment. Specifically, Gabriel discloses distributed systems that may comprise hash chains (e.g., blockchains), which are data structures that record data in a fashion analogous to a chain. Each update to the chain creates a new block containing the data and each block is linked to the previous block by a cryptographic function. Blocks are generally appended to the end of the chain and, once in the chain, resist modification so that the cryptographic links in the chain are preserved. Certain embodiments provide a computer-implemented method for managing data in a plurality of nodes of a distributed system. The method generally includes storing, by a node of the plurality of nodes, sensitive data in a block of a hash chain. The method further includes determining, by the node, that the sensitive data should not be distributed to other nodes of the plurality of nodes. The method further includes distributing, by the node, a limited version of the block to the other nodes. The limited version of the block may comprise a hash and a pointer to a previous block of the hash chain, and the limited version of the block may not contain the sensitive data. (See abstract and summary.) Gabriel further teaches, in Parag. [0019], that permissions to access blocks containing sensitive data may be maintained in a distributed manner (i.e., a chain of access permissions or rules in a distributed database/ledger).
Thus, the examiner submits that the newly applied reference by Gabriel teaches the amended limitation: “stores … a chain of access permissions recording granted permissions to access the user data in a form of one or more transactions from previously granted organisation to another”; “determine whether the chain of access permissions stored in the publicly available database is validated” and “the chain of access permissions stored in the publicly available database is validated.” Please refer to the prior-art rejection in detail below.
Finally, Examiner respectfully submits that Ben-Ami and Ben-Ari disclose the other limitations that were previously presented or amended (see rejection below). Thus, the new combination of Ben-Ami in view of Ben-Ari and Gabriel would render the claimed limitations of the newly amended independent claims obvious.
Amended independent claims 12 and 23 have been considered and are addressed based on the same rationale presented for amended claim 1. Please refer to the rejection of the claims in detail below.
Regarding dependent claims 2-4, 6-7, 14, 15, 17-18 and 24-31, please refer to the aforementioned response, which addresses how the new combination of prior-art references by Ben-Ami in view of Ben-Ari and Gabriel would render the claimed limitations obvious along with Madhavan and Hotti.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-3, 7, 12, 14, 18, 23-25 and 28-31 are rejected under 35 U.S.C. 103 as being unpatentable over Ben-Ami et al. (US 2011/0126012) hereinafter Ben-Ami in view of Ben-Ari (US 2018/0343114) (Cited on Applicant’s IDS); and in further view of Gabriel et al. (US 2019/0228132) hereinafter Gabriel.
As per claim 1, Ben-Ami teaches a device for authenticating an organisation requesting access to user data (Ben-Ami, Parag. [0010]; “requesting the data, by a data requestor; (c) in response to the request, sending the encrypted data to the data requestor; (d) authenticating the data requestor, by a crypto information server.”), comprising: 
[network interface circuitry configured to communicate over a network, and processing circuitry configured to]: 
receive, [via the network interface circuitry], encrypted user data from an information processing apparatus (Ben-Ami, Parag. [0010]; “requesting the data, by a data requestor; (c) in response to the request, sending the encrypted data to the data requestor; (d) authenticating the data requestor, by a crypto information server.”), the encrypted user data being generated by encrypting the user data (Ben-Ami, Parag. [0010]; “According to the present invention there is provided a method of distributing data, including the steps of (a) encrypting the data, using a data encryption key, thereby providing encrypted data”); 
generate a unique identifier to be associated with the encrypted user data and a decryption key used for decrypting the encrypted user data (Ben-Ami, Parag. [0014]; “the data encryption key is a symmetric key, to enable the data requestor to decrypt the encrypted data.” … Parag. [0017]; “generating the data encryption key and associating the data encryption key with a respective identifier.”); 
provide the encrypted user data and the unique identifier to a publicly available database for storage immutably therein or thereon, the publicly available database being configured to store the unique identifier and [a chain of access permissions recording granted permissions to access the user data in a form of one or more transactions from previously granted organisation to another] (Ben-Ami, Parag. [0019]; “the crypto information server stores the data encryption key and the identifier in a database.” … Parag. [0020]; “the data are encrypted by a data provider, and the encrypted data also are stored in an archive that is separate from the data provider. When the data requestor requests the data, the encrypted data are sent to the data requestor from the archive. In the preferred embodiments below, loggers 32 are the data providers.”); 
store the decryption key in association with the unique identifier (Ben-Ami, Parag. [0014]; “Preferably, the data encryption key is a symmetric key, to enable the data requestor to decrypt the encrypted data.”… Parag. [0017]; “the method includes generating the data encryption key and associating the data encryption key with a respective identifier.”… Parag. [0019]; “the crypto information server stores the data encryption key and the identifier in a database.”); 
receive, [via the network interface circuitry], a request to access the user data from a requesting organisation (Ben-Ami, Parag. [0010]: “requesting the data, by a data requestor.”);
in response to the request, determine whether the requesting organisation is an approved organization (Ben-Ami, Parag. [0010]: “requesting the data, by a data requestor”.  Parag. [0024]; “The crypto information server authenticates the data requestor.”), and 
[determine whether the chain of access permissions stored in the publicly available database is validated]; and
in a case that the requesting organisation is the approved organization (Ben-Ami, Parag. [0024]; “The crypto information server authenticates the data requestor.”) [and the chain of access permissions stored in the publicly available database is validated]: 
transmit, [via the network interface circuitry], the decryption key to the requesting organization (Ben-Ami, Parag. [0024]; “Contingent on that authentication, i.e., if the crypto information server determines that the data requestor is authorized to receive the data, the crypto information server sends the data encryption key to the data requestor.”) 
Ben-Ami does not expressly teach:
network interface circuitry configured to communicate over a network, and processing circuitry configured to …;
…, via the network interface circuitry …
store … a chain of access permissions recording granted permissions to access the user data in a form of one or more transactions from previously granted organisation to another;
determine whether the chain of access permissions stored in the publicly available database is validated;
in a case … the chain of access permissions stored in the publicly available database is validated
However, Ben-Ari teaches:
network interface circuitry configured to communicate over a network (Ben-Ari, Parag. [0068]; “Network adapters may also be coupled to the system to enable the data processing system to become coupled to other data processing systems or remote printers or storage devices through intervening private or public networks.”), and processing circuitry configured to (Ben-Ari, Parag. [0071]; “A processor may include any processing circuitry or control circuitry operative to control the operations and performance of an electronic device.”).
…, via the network interface circuitry (Ben-Ari, Parag. [0068]; “Network adapters may also be coupled to the system to enable the data processing system to become coupled to other data processing systems or remote printers or storage devices through intervening private or public networks.” … Parag. [0080]; “computer-executable instructions or data structures received over a network or data link can be buffered in RAM within a network interface module (e. g., a “NIC”)).
Ben-Ami and Ben-Ari are from a similar field of technology. Prior to the instant application’s effective filing date, there was a need to provide a device and secure method for authenticating an organization requesting access to user data.
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of the Ben-Ari system into the Ben-Ami system, with a motivation to provide a system and method for executing cryptographically secure transactions in a network comprising a public ledger, comprising associating a first proposed transaction with a public keys smart contract to provide a secure transaction (Ben-Ari, Abstract).
The combination of Ben-Ami and Ben-Ari does not expressly teach:
store … a chain of access permissions recording granted permissions to access the user data in a form of one or more transactions from previously granted organisation to another; and
determine whether the chain of access permissions stored in the publicly available database is validated;
However, Gabriel teaches:
store … a chain of access permissions recording granted permissions to access the user data in a form of one or more transactions from previously granted organisation to another (Gabriel, Parag. [0018]; “In certain embodiments, a hash chain may be distributed across a plurality of nodes, each node comprising a copy of the hash chain. A block on the hash chain generally comprises a payload with data, as well as header information comprising a hash of the data and a pointer to the previous block on the chain. In some embodiments, the hash may serve as an identifier for the block.” … Parag. [0019]; “Permissions to access blocks containing sensitive data may be maintained in a distributed manner. For example, the node may send permission information for the block to all of the other nodes in the system. Permission information may specify the security requirements for accessing the block or the particular entities or types of entities that can access the block. Permission information may, for instance, specify geographic regions, particular users, particular companies, particular nodes, or the like. For example, permission information for the block may specify that access to the sensitive data is limited to entities located in a particular geographic region, such as Germany. Each node that stores the block with the sensitive data may enforce the permissions by determining whether a requesting entity meets the security requirements of the block based on the permission information. If a requesting entity, such as another node or an application, meets the security requirements of the block, then the node may return the sensitive data to the requesting entity. Otherwise, the node may deny the request.” … Parag. [0030]; “Furthermore, permission information may be distributed and maintained by node managers 126 and 136 in association with blocks 122a-n and 132a-n. 
For example, node manager 126 may generate and distribute permission information for block 122n based on the determination of which entities may store and/or access the item of data 124.”);
determine whether the chain of access permissions stored in the publicly available database is validated (Gabriel, Parag. [0019]; “Permission information may specify the security requirements for accessing the block or the particular entities or types of entities that can access the block. Permission information may, for instance, specify geographic regions, particular users, particular companies, particular nodes, or the like. For example, permission information for the block may specify that access to the sensitive data is limited to entities located in a particular geographic region, such as Germany. Each node that stores the block with the sensitive data may enforce the permissions by determining whether a requesting entity meets the security requirements of the block based on the permission information. If a requesting entity, such as another node or an application, meets the security requirements of the block, then the node may return the sensitive data to the requesting entity. Otherwise, the node may deny the request.” Parag. [0020]; “When a node contains a complete copy of the hash chain with all of the data in each block, validation generally involves traversing the chain starting with the tail (e. g., the most recently added block) and calculating the hash of the data in each block in order to confirm that the calculated hash matches the hash stored in the block header. Once the head of the chain (e. g., the first block added to the chain) is reached and validated, the entire chain has been validated, and the data stored thereon may be confirmed as valid.” Parag. [0025]; “… even when all nodes of a distributed hash chain comprise all complete blocks of the chain, permissions for the blocks may still be maintained at each node so that they may be applied to entities other than nodes which request data from the hash chain. 
For example, distributed permission information may specify that the data of a particular block may only be accessed by a certain user account. If a request for the data in the particular block is received by a node from a user other than the particular user, the request may be denied”);
in a case … the chain of access permissions stored in the publicly available database is validated (Gabriel, Parag. [0019]; “Permission information may specify the security requirements for accessing the block or the particular entities or types of entities that can access the block. Permission information may, for instance, specify geographic regions, particular users, particular companies, particular nodes, or the like. For example, permission information for the block may specify that access to the sensitive data is limited to entities located in a particular geographic region, such as Germany. Each node that stores the block with the sensitive data may enforce the permissions by determining whether a requesting entity meets the security requirements of the block based on the permission information. If a requesting entity, such as another node or an application, meets the security requirements of the block, then the node may return the sensitive data to the requesting entity. Parag. [0020]; “When a node contains a complete copy of the hash chain with all of the data in each block, validation generally involves traversing the chain starting with the tail (e. g., the most recently added block) and calculating the hash of the data in each block in order to confirm that the calculated hash matches the hash stored in the block header. Once the head of the chain (e. g., the first block added to the chain) is reached and validated, the entire chain has been validated, and the data stored thereon may be confirmed as valid.” Parag. [0025]; “… even when all nodes of a distributed hash chain comprise all complete blocks of the chain, permissions for the blocks may still be maintained at each node so that they may be applied to entities other than nodes which request data from the hash chain. For example, distributed permission information may specify that the data of a particular block may only be accessed by a certain user account. 
If a request for the data in the particular block is received by a node from a user other than the particular user, the request may be denied”).
Ben-Ami, Ben-Ari and Gabriel are from a similar field of technology. Prior to the instant application’s effective filing date, there was a need to provide a device and secure method for authenticating an organization requesting access to user data.
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of the Gabriel system into the Ben-Ami-Ben-Ari system, with a motivation to manage data in a plurality of nodes of a distributed system, including storing, and giving permissions to, sensitive data in a block of a hash chain by a node of the plurality of nodes (Gabriel, Abstract).
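The access decision discussed for claim 1 combines an approved-organisation check with validation of a hash-linked chain of permission transactions, traversed from the tail to the head as in the quoted Gabriel Parag. [0020]. The following Python sketch is an added illustration, not code from the application or from any cited reference; the record fields, function names, the in-memory ledger and the rule that each grantor must be the previous grantee are assumptions, and encryption of the user data itself is left out.

```python
import hashlib
import hmac
import json
import secrets
from dataclasses import dataclass

GENESIS = "0" * 64  # assumed prev_hash marker for the first transaction


@dataclass(frozen=True)
class Grant:
    """One permission transaction: grantor passes access to grantee."""
    data_id: str
    grantor: str
    grantee: str
    prev_hash: str   # pointer to the previous transaction
    tx_hash: str     # hash over this transaction's fields


def _digest(data_id, grantor, grantee, prev_hash):
    body = json.dumps([data_id, grantor, grantee, prev_hash]).encode()
    return hashlib.sha256(body).hexdigest()


def append_grant(chain, data_id, grantor, grantee):
    """Append a transaction at the end of the chain, linked to the current tail."""
    prev_hash = chain[-1].tx_hash if chain else GENESIS
    tx = Grant(data_id, grantor, grantee, prev_hash,
               _digest(data_id, grantor, grantee, prev_hash))
    chain.append(tx)
    return tx


def validate_chain(chain, data_id, root_grantor):
    """Walk from tail to head; recompute every hash and check every link.

    Also checks that each grant was issued by the organisation that received
    the previous grant (assumed reading of "from one previously granted
    organisation to another"). Detects in-place edits only; a real ledger
    additionally relies on many nodes holding copies of the chain.
    """
    if not chain:
        return False
    for i in range(len(chain) - 1, -1, -1):
        tx = chain[i]
        expected = _digest(tx.data_id, tx.grantor, tx.grantee, tx.prev_hash)
        if not hmac.compare_digest(expected, tx.tx_hash):
            return False          # contents no longer match the stored hash
        if tx.data_id != data_id:
            return False          # transaction belongs to another record
        if i == 0:
            if tx.prev_hash != GENESIS or tx.grantor != root_grantor:
                return False      # head must start at the issuing device
        else:
            parent = chain[i - 1]
            if tx.prev_hash != parent.tx_hash or tx.grantor != parent.grantee:
                return False      # broken pointer or grant by a non-holder
    return True


class KeyServer:
    """Holds decryption keys; 'ledger' stands in for the public database."""

    def __init__(self, name, approved):
        self.name = name
        self.approved = set(approved)
        self._keys = {}           # unique identifier -> decryption key
        self.ledger = {}          # unique identifier -> list of Grant

    def register(self, first_grantee):
        """Create identifier and key, and record the first permission."""
        data_id = secrets.token_hex(16)
        self._keys[data_id] = secrets.token_bytes(32)
        self.ledger[data_id] = []
        append_grant(self.ledger[data_id], data_id, self.name, first_grantee)
        return data_id

    def request_key(self, data_id, requester):
        """Release the key only if requester is approved AND chain validates."""
        chain = self.ledger.get(data_id)
        if chain is None or requester not in self.approved:
            return None
        if not validate_chain(chain, data_id, self.name):
            return None
        # On success, record the requester as the new receiving organisation.
        append_grant(chain, data_id, chain[-1].grantee, requester)
        return self._keys[data_id]
```

Both conditions fail closed: an unapproved requester or a chain with any altered, re-pointed or out-of-sequence transaction yields no key and no new ledger entry.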

As per claim 2, the combination of Ben-Ami, Ben-Ari and Gabriel teaches the device according to claim 1. Ben-Ari further teaches wherein the publicly available database is a block-chain (Ben-Ari, Parag. [0031-0032]; “The term “ledger” refers to a principal book or computer file for recording transactions. The term “blockchain” refers to a public ledger that records peer to peer digital transactions such as Bitcoin transactions.”).

As per claim 3, the combination of Ben-Ami, Ben-Ari and Gabriel teaches the device according to claim 1. Ben-Ami teaches wherein the request to access the user data includes the unique identifier stored in the publicly available database (Ben-Ami, Parag. [0018]; “More preferably, the identifier is sent to the data requestor along with the encrypted data; and the data requestor sends the identifier to the crypto information server to request the data encryption key. The authentication of the data requestor is in response to receipt of the identifier from the data requestor by the crypto information server.” … Parag. [0019]; “the crypto information server stores the data encryption key and the identifier in a database.” … Parag. [0020]; “the data are encrypted by a data provider, and the encrypted data also are stored in an archive that is separate from the data provider. When the data requestor requests the data, the encrypted data are sent to the data requestor from the archive.” … Parag. [0022]; “The identifier is sent to the data requestor along with the encrypted data.” Examiner submits that the data requestor sends the identifier to (request) obtain the encryption key in order to have access to the user data.).

As per claim 7, the combination of Ben-Ami, Ben-Ari and Gabriel teaches the device according to claim 1. Ben-Ari teaches wherein the processing circuitry is further configured (Ben-Ari, Parag. [0071]; “A processor may include any processing circuitry or control circuitry operative to control the operations and performance of an electronic device.”) to receive, via the network interface circuitry (Ben-Ari, Parag. [0068]; “Network adapters may also be coupled to the system to enable the data processing system to become coupled to other data processing systems or remote printers or storage devices through intervening private or public networks.” … Parag. [0080]; “computer-executable instructions or data structures received over a network or data link can be buffered in RAM within a network interface module (e.g., a “NIC”)), usage rules associated with the user data, the usage rules defining one or more criterion limiting use of the user data (Ben-Ari, Parag. [0011]; “one of the advantages of using blockchain smart contracts to store and share data is the ability to wrap data with permissions logic, thereby limiting who can modify the data.”).

As per claim 12, it is a method claim that recites similar limitations to those of claim 1, and therefore, it is rejected for the same rationale applied to claim 1.

As per claim 14, the rejection of claim 12 is incorporated. In addition, it is a method claim that recites similar limitations to those of claim 3, and therefore it is rejected for the same rationale applied to claim 3.

As per claim 18, the rejection of claim 12 is incorporated. In addition, it is a method claim that recites similar limitations to those of claim 7, and therefore it is rejected for the same rationale applied to claim 7.

As per claim 23, it is a non-transitory storage medium claim that recites limitations similar to those of claim 1. Therefore, it is rejected for the same rationale applied to claim 1. In addition, Ben-Ari teaches a non-transitory storage medium comprising computer readable instructions which, when loaded onto a computer, cause the computer to perform a method according to claim 12 (Ben-Ari, Parag. [0076]; “one or more of the processes described herein may be implemented at least in part as instructions embodied in a non-transitory computer readable medium and executable by one or more computing devices (e.g., any of the media content access devices described herein). In general, a processor (e.g., a microprocessor) receives instructions, from a non-transitory computer-readable medium, (e.g., a memory, etc.), and executes those instructions, thereby performing one or more processes, including one or more of the processes described herein.”).

As per claim 24, the rejection of claim 23 is incorporated. In addition, it is a non-transitory storage medium claim that recites similar limitations to those of claim 2, and therefore it is rejected for the same rationale applied to claim 2.

As per claim 25, the rejection of claim 23 is incorporated. In addition, it is a non-transitory storage medium claim that recites similar limitations to those of claim 3, and therefore it is rejected for the same rationale applied to claim 3.

As per claim 28, the combination of Ben-Ami, Ben-Ari and Gabriel teaches the non-transitory storage medium according to claim 23, wherein the computer readable instructions, when executed by the computer, further cause the computer to perform, in the case that the requesting organisation is the approved organisation (Ben-Ami, Parag. [0024]; “The crypto information server authenticates the data requestor.”) and the chain of access permissions stored in the publicly available database is validated (Gabriel, Parag. [0020]; “When a node contains a complete copy of the hash chain with all of the data in each block, validation generally involves traversing the chain starting with the tail (e.g., the most recently added block) and calculating the hash of the data in each block in order to confirm that the calculated hash matches the hash stored in the block header. Once the head of the chain (e.g., the first block added to the chain) is reached and validated, the entire chain has been validated, and the data stored thereon may be confirmed as valid.”), storing, in the publicly available database, a new transaction at an end of the chain of access permissions indicating the requesting organisation as a receiving organisation that receives a granted permission to access the user data (Gabriel, Parag. [0018]; “In certain embodiments, a hash chain may be distributed across a plurality of nodes, each node comprising a copy of the hash chain. A block on the hash chain generally comprises a payload with data, as well as header information comprising a hash of the data and a pointer to the previous block on the chain. In some embodiments, the hash may serve as an identifier for the block.” … Parag. [0019]; “Permissions to access blocks containing sensitive data may be maintained in a distributed manner. For example, the node may send permission information for the block to all of the other nodes in the system. Permission information may specify the security requirements for accessing the block or the particular entities or types of entities that can access the block. Permission information may, for instance, specify geographic regions, particular users, particular companies, particular nodes, or the like. For example, permission information for the block may specify that access to the sensitive data is limited to entities located in a particular geographic region, such as Germany. Each node that stores the block with the sensitive data may enforce the permissions by determining whether a requesting entity meets the security requirements of the block based on the permission information. If a requesting entity, such as another node or an application, meets the security requirements of the block, then the node may return the sensitive data to the requesting entity. Otherwise, the node may deny the request.” … Parag. [0030]; “Furthermore, permission information may be distributed and maintained by node managers 126 and 136 in association with blocks 122a-n and 132a-n. For example, node manager 126 may generate and distribute permission information for block 122n based on the determination of which entities may store and/or access the item of data 124.”).

As per claim 29, the rejection of claim 1 is incorporated. In addition, it is a device claim that recites similar limitations to those of claim 28, and therefore it is rejected for the same rationale applied to claim 28.

As per claim 30, the rejection of claim 12 is incorporated. In addition, it is a method claim that recites similar limitations to those of claim 2, and therefore it is rejected for the same rationale applied to claim 2.

As per claim 31, the rejection of claim 12 is incorporated. In addition, it is a method claim that recites similar limitations to those of claim 28, and therefore it is rejected for the same rationale applied to claim 28.

Claims 4, 15 and 26 are rejected under 35 U.S.C. 103 as being unpatentable over Ben-Ami et al. (US 2011/0126012) hereinafter Ben-Ami in view of Ben-Ari (US 2018/0343114) and Gabriel et al. (US 2019/0228132) hereinafter Gabriel as applied to claim 1 above; and further in view of Madhavan et al. (US 2017/0295023) hereinafter Madhavan.
As per claim 4, the combination of Ben-Ami, Ben-Ari and Gabriel teaches the device according to claim 1. Ben-Ari further teaches wherein the processing circuitry is configured (Ben-Ari, Parag. [0071]; “A processor may include any processing circuitry or control circuitry operative to control the operations and performance of an electronic device.”) [to determine whether the requesting organisation is the approved organisation by: checking whether the requesting organisation is on a list of organisations].
The combination of Ben-Ami, Ben-Ari and Gabriel does not expressly teach:
to determine whether the requesting organisation is the approved organisation by: checking whether the requesting organisation is on a list of organisations.
However, Madhavan teaches to determine whether the requesting organisation is the approved organisation (Madhavan, Parag. [0042]; “In the case of the electronic cash ledger, additional parties such as banks and/or other financial institutions may be participants so as to validate or be notified of financial obligations undertaken by parties with respect to funds maintained on account for those parties by the banks.”) by: checking whether the requesting organisation is on a list of organisations (Madhavan, Parag. [0112]; “the data stored in the portion of the shared data structure 320 or electronic ledger 732, may further include data which identifies the at least one other participant to validate the request, or the data which identifies the at least one other participant may be stored in the memory 714 as part of a list of participants. The list of participants may be preapproved with particular roles, such as for example, a list of witnesses, or the like.” Examiner submits that Madhavan describes different type of participants, for example financial institutions (as shown in Parag. [0042].).
Ben-Ami, Ben-Ari, Gabriel and Madhavan are from a similar field of technology. Prior to the instant application’s effective filing date, there was a need to provide a device and secure method for authenticating an organization requesting access to user data.
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of the Madhavan system into the Ben-Ami-Ben-Ari-Gabriel system, with a motivation to provide a system where the data indicative of the request to modify data stored in the portion of the shared data structure, or electronic ledger 732, further includes data which identifies the at least one other participant to validate the request (Madhavan, Parag. [0112]).

As per claim 15, the rejection of claim 12 is incorporated. In addition, it is a method claim that recites similar limitations to those of claim 4, and therefore it is rejected for the same rationale applied to claim 4.

As per claim 26, the rejection of claim 23 is incorporated. In addition, it is a non-transitory storage medium claim that recites similar limitations to those of claim 4, and therefore it is rejected for the same rationale applied to claim 4.

Claims 6, 17 and 27 are rejected under 35 U.S.C. 103 as being unpatentable over Ben-Ami et al. (US 2011/0126012) hereinafter Ben-Ami in view of Ben-Ari (US 2018/0343114) and Gabriel et al. (US 2019/0228132) hereinafter Gabriel, as applied to claim 1 above; and further in view of Hotti (US 2014/0013398).
As per claim 6, the combination of Ben-Ami, Ben-Ari and Gabriel teaches the device according to claim 1. Gabriel teaches
[wherein one of the one or more transactions stored] in the publicly available database records a permission granted to a receiving organization (Gabriel, Parag. [0019]; “Each node that stores the block with the sensitive data may enforce the permissions by determining whether a requesting entity meets the security requirements of the block based on the permission information. If a requesting entity, such as another node or an application, meets the security requirements of the block, then the node may return the sensitive data to the requesting entity. Otherwise, the node may deny the request.”) and includes: 
[a granting organisation identifier which identifies another receiving organization of another permission stored in a previous transaction immediately before the one of the one or more transactions in the chain of access permissions; 
a receiving organisation identifier which identifies the receiving organization] and 
the unique identifier that identifies the encrypted user data (Ben-Ami, Parag. [0045]; “in response to the request of the data instance portion by the data requestor, sends the respective identifier of the requested data instance portion to the data requestor along with the requested data instance portion.”).
However, the combination of Ben-Ami, Ben-Ari and Gabriel does not expressly teach:
wherein one of the one or more transactions stored in the publicly available database records a permission granted to a receiving organization and includes: 
a granting organisation identifier which identifies another receiving organization of another permission stored in a previous transaction immediately before the one of the one or more transactions in the chain of access permissions; 
a receiving organisation identifier which identifies the receiving organisation 
But, Hotti teaches: 
wherein one of the one or more transactions stored (Hotti, Parag. [0022]; “The server computer 100 comprising a data storage 101 is a source or destination of business transactions, e.g. documents, e.g. invoices, purchase requests, purchase orders or contracts.”) in the publicly available database records a permission granted to a receiving organization and includes: 
a granting organisation identifier which identifies another receiving organization of another permission stored in a previous transaction immediately before the one of the one or more transactions in the chain of access permissions; 
a receiving organisation identifier which identifies the receiving organisation (Hotti, Parag. [0026], “A permission object 204 may thus be created between a user and a document when another user has accessed or has permission to access the document utilizing trust of the user. Yet another basis for user to have access permission to a document may be e.g. a rule that has been defined in the established trust relationship. For example, the rule may specify that the user, to whom the trust has been granted, has access permission to the same documents to which the grantor of the trust has access permission”. … Parag. [0034]; “Typically an access data item comprises identifiers for a user and a document. The data that comes from the access data source 231 (120 in FIG. 1a) is specific to the application service and needs to be mapped to the data of the master data management system 110. For example, the user IDs (“local user IDs”) of the obtained access data are typically specific to the access data source. Therefore, the “local user ID” must be mapped with the corresponding user ID (“global user ID”) of the user 203 of the master data management system. Similarly, the document identifier of the back-end system (120 in FIG. 1a) may be different than what is used for the document 205 in the master data management system. The identifiers of the local systems must be mapped with the identifiers of the master data management system by the mapper component 230 before the permission object 204 between the user 203 and document 205 is established. The mapping information is advantageously managed by the master data management system 110.” … Parag. [0038], “In the shown example, user "USER11" 303 represents the organization "ORG 1" 301 via a trust relationship 323 in a context”. … Parag. [0039], “there is also another organization "ORG 2" 302 who is represented in the master data management system by "USER20" 305 via a trust relationship object 320 that allows user 305 to represent the organization 302 in a context”. Examiner submits that the user identifiers corresponding to the organizations are represented as having trusted relationship for granting and accessing the document. See Parags. [0035-0040].).
Ben-Ami, Ben-Ari, Gabriel and Hotti are from a similar field of technology. Prior to the instant application’s effective filing date, there was a need to provide a device and secure method for authenticating an organization requesting access to user data.
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of the Hotti system into the Ben-Ami-Ben-Ari-Gabriel system, with a motivation to provide a method for controlling user's access to transaction data in the context of a service in a multitenant data management system comprising data of a first organization, a second organization providing at least one service, at least one user representing the second organization, and a transaction associable by its content with the first organization (Hotti, Parag. [0006]).

As per claim 17, the rejection of claim 16 is incorporated. In addition, it is a method claim that recites similar limitations to those of claim 6, and therefore it is rejected for the same rationale applied to claim 6.

As per claim 27, the rejection of claim 23 is incorporated. In addition, it is a non-transitory storage medium claim that recites similar limitations to those of claim 6, and therefore it is rejected for the same rationale applied to claim 6.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Wack et al. (US 2018/0268386) relates to a method of providing a cryptographic platform for exchanging information that includes identifying a first information transaction stored within a blockchain sequence that provides a mathematically verifiable record of information transactions. The first information transaction includes a first information transaction identifier, associated with the first party such that the first information transaction identifier provides identification of the information transferred to the first party and stored within the blockchain, and a first information payload. The first information transaction is identified based on the first information transaction identifier, to provide a first information identifier that includes a hash of the first information payload.
Magerkurth et al. (US 2021/0264052) relates to methods and systems for managing and/or processing a blockchain to maintain data security for confidential and/or personal data. According to certain aspects, the disclosed data security techniques may enable access sharing functionality utilizing the blockchain. For example, access sharing may be utilized to share access to audit data. The policy information may be associated with a smart contract. Accordingly, the audit data may be encrypted using a public key for the smart contract and compiled into a block of the blockchain. In response to a request to provide access to the audit data to a particular node, the private key for the smart contract may be encrypted using the public key for the particular node and compiled into a block of the blockchain.

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ALEX D CARRASQUILLO whose telephone number is (571)270-5045. The examiner can normally be reached Monday - Friday 9:00 am - 6:00 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 571-272-8878. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/A.D.C./Examiner, Art Unit 2498           

/YIN CHEN SHAW/Supervisory Patent Examiner, Art Unit 2498