Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
Claims 1 – 9 are presently pending in the application and have been examined below, of which claims 1 and 5 are presented in independent form.

Information Disclosure Statement
The information disclosure statement (IDS) dated 11/25/2020 has been received and considered.

Priority
Acknowledgment is made of applicant’s claim for foreign priority under 35 U.S.C. 119 (a)-(d). 

Drawings
	The drawings were received on 11/25/2020. These drawings are accepted.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 2, 6, and 7 are rejected under 35 U.S.C. 112 (b) or 35 U.S.C. 112 (pre-AIA ) second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
Claims 2, 6, and 7 recite the limitation “decentralized authorization” which lacks proper antecedent basis. For examination purposes the limitation “decentralized authorization” is interpreted as an authorization process that allows communication between access control unit and an access application as disclosed in Para. [0028].

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(d):
(d) REFERENCE IN DEPENDENT FORMS.—Subject to subsection (e), a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers.

The following is a quotation of pre-AIA  35 U.S.C. 112, fourth paragraph:
Subject to the following paragraph [i.e., the fifth paragraph of pre-AIA  35 U.S.C. 112], a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers.


Claims 4 and 9 rejected under 35 U.S.C. 112(d) or pre-AIA  35 U.S.C. 112, 4th paragraph, as being of improper dependent form for failing to further limit the subject matter of the claim upon which it depends, or for failing to include all the limitations of the claim 1 and 5, respectively, upon which they depend.   Applicant may cancel the claim(s), amend the claim(s) to place the claim(s) in proper dependent form, rewrite the claim(s) in independent form, or present a sufficient showing that the dependent claim(s) complies with the statutory requirements.
 
Claim Rejections - 35 USC § 102

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that
form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless – (a)(1) the claimed invention was patented,
described in a printed publication, or in public use, on sale or otherwise available to the public
before the effective filing date of the claimed invention.

Claims 1, 2, and 4 – 9 are rejected under 35 U.S.C. 102(a) (2) as being anticipated by Kurian et al. (US 2017/0244721) (hereafter Kurian).

Regarding claim 1 Kurian teaches: An access method implemented by an access application in a communications network including an access network and a network external to the access network (Kurian, in Para. [0027] discloses “Embodiments of the invention allow a financial institution to manage the access, generation, editing, retrieval, and validation rights of one or more users of the block chain distributed network, based on security levels of each user.”), the access application being registered in a blockchain and implemented by a device between the access network and the external network, the method comprising (Examiner note: communication with external network is met by communication to a third party systems, as depicted in Figs. 1, 5 of Kurian) (Kurian, in Para. [0018] discloses “FIG. 5 provides a block diagram illustrating the block chain network systems of FIG. 1” Kurian, in Para. [0028] discloses “Embodiments of the invention allow a financial institution or a group of financial institutions and/or third party systems to establish a plurality of separate, dedicated block chains comprising varied levels of security and/or functionality”):
receiving a request to access the external network, the request including at least one identifier of a terminal attached to the access network and desired connection parameters; publishing, in the blockchain, a request to verify a right for the access (Kurian, in Para. [0088] discloses “The process 900 may begin with block 902, where the system receives an authorization request from a user to conduct an action associated with a block chain distributed network. The requested action may be any action associated with the creation, editing, maintenance, and review of a block chain network.”);
receiving a response to the verification request, the response being determined based on a profile defined for this terminal by an access control application registered in the blockchain, (Kurian, in Para. [0096] discloses “A rights management protocol of the system may be utilized to take one or more actions in response to the received authorization request and the user's determined security level.”), 
the response including an instruction to deny or an instruction to authorize the access with authorized connection parameters; and (Kurian, in Para. [0096] further discloses “The rights management protocol may determine whether the user is authorized to conduct the desired action based on the security level, and can adjust or change the security level of the user based on additional input.”) processing the access request according to the instructions (Examiner note: request processing according the instructions is met by conducting actions according the predefined security level in the system) (Kurian, in Para. [0097] discloses “the process 900 may include block 906, where the system authorizes the user to conduct the action when the action is allowed under the determined security level associated with the user. By authorizing the user, the system allows the user to conduct only the authorized action(s) within the block chain network”).

Regarding claim 2 Kurian teaches: The access method of claim 1, further comprising providing a decentralized authorization application, this application being intended to be invoked by the access control application to provide the response (Examiner note: the decentralized authorization is disclosed in Para. [0028] as an authorization allowing dialog between access control unit and an application operator, i.e. external user; this limitation is met by the access authorization procedure comprising dialogs between the central and another, i.e. external or third party, systems) (Kurian, in Para. [0034] discloses “the application download server is configured to be controlled and managed by one or more third-party data providers (not shown in FIG. 1) over the network 150” Kurian, in Para. [0032] discloses “A user, in order to access the first user's account(s), online banking application and/or mobile banking application on the financial institution system(s) 400 must authenticate with the financial institution system(s) 400 and/or another system.”).

Regarding claim 4 Kurian teaches: A non-transitory computer readable medium having stored thereon instructions, which when executed by a processor, cause the processor to implement the access method of claim 1 (Examiner note: the limitations referred to claim 1 are rejected under rejection section above regarding claim 1) (Kurian, in Para. [0037] discloses “The processor 210 may include functionality to operate one or more software programs, which may be stored in the memory 220. For example, the processor 210 may be capable of operating a connectivity program, such as a web browser application 222.”).

Regarding claim 5 Kurian teaches: An access control method implemented by an application for controlling access to a communications network external to an access network, this application being registered in a blockchain, this method including: -19-detecting a request to verify a right for access of a terminal to the external network (Kurian, in Para. [0027] discloses “Embodiments of the invention allow a financial institution to manage the access, generation, editing, retrieval, and validation rights of one or more users of the block chain distributed network, based on security levels of each user.”),
the terminal being attached to the access network, the request including at least one identifier of the terminal and desired connection parameters (Kurian, in Para. [0088] discloses “The process 900 may begin with block 902, where the system receives an authorization request from a user to conduct an action associated with a block chain distributed network. The requested action may be any action associated with the creation, editing, maintenance, and review of a block chain network.”);
the request being published in the blockchain by an application for accessing the network, implemented by a device between the access network and the external network (Kurian, in Para. [0088] discloses “The process 900 may begin with block 902, where the system receives an authorization request from a user to conduct an action associated with a block chain distributed network. The requested action may be any action associated with the creation, editing, maintenance, and review of a block chain network.”); 
determining a response to the request based on a profile defined by the access control application for the terminal, the response including an instruction to deny or an instruction to authorize the access with authorized connection parameters (Kurian, in Para. [0096] further discloses “The rights management protocol may determine whether the user is authorized to conduct the desired action based on the security level, and can adjust or change the security level of the user based on additional input.”); and providing the response to the access application (Examiner note: request processing according the instructions is met by conducting actions according the predefined security level in the system) (Kurian, in Para. [0097] discloses “the process 900 may include block 906, where the system authorizes the user to conduct the action when the action is allowed under the determined security level associated with the user. By authorizing the user, the system allows the user to conduct only the authorized action(s) within the block chain network”).

Regarding claim 6 Kurian teaches: The access control method of claim 5, wherein providing a response includes an invocation of a decentralized authorization application (Examiner note: as noted above, the decentralized authorization is disclosed in Para. [0028] as an authorization allowing dialog between access control unit and an application operator, i.e. external user; this limitation is met by the access authorization procedure comprising dialogs between the central and another, i.e. external, systems) (Kurian, in Para. [0032] discloses “A user, in order to access the first user's account(s), online banking application and/or mobile banking application on the financial institution system(s) 400 must authenticate with the financial institution system(s) 400 and/or another system.”).

Regarding claim 7 Kurian teaches: The access control method of claim 6, wherein the decentralized authorization application is configured to allow a transaction between an operator of the access control application and an operator of the access application (Examiner note: transaction between access control application and access application is met by the interaction between server and the third-party provider of data and/or application) (Kurian, in Para. [0034] discloses “the application download server is configured to be controlled and managed by one or more third-party data providers (not shown in FIG. 1) over the network 150”).

Regarding claim 8 Kurian teaches: The access control method of claim 6, wherein the profile of the terminal is obtained by instantiation of a profile model defined by an operator of the access application (Examiner note: the other operator of the access application is met by the third-party data/application provider, e.g. mobile device; profile information is met by an activity information) (Kurian, in Para. [0035] discloses “the block chain systems 500 are configured to be controlled and managed by one or more third-party data providers (not shown), financial institutions or other entities over the network 150.” Kurian, in Para. [0039] discloses “the mobile device may 200 wirelessly communicate encrypted activity information to a terminal of the network 150 or the block chain systems 500.”).

Regarding claim 9 Kurian teaches: A non-transitory computer readable medium having stored thereon instructions, which when executed by a processor, cause the processor to implement the access control method of claim 5 (Examiner note: the limitations referred to claim 5 are rejected under rejection section above regarding claim 5) (Kurian, in Para. [0037] discloses “The processor 210 may include functionality to operate one or more software programs, which may be stored in the memory 220. For example, the processor 210 may be capable of operating a connectivity program, such as a web browser application 222.”).

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claim 3 is rejected under 35 U.S.C. 103 as being unpatentable over Kurian et al. (US 2017/0244721) (hereafter Kurian) and in view of Hennig et al. (US 2020/0401718) (hereafter Hennig).

Regarding claim 3 Kurian teaches: The access method of claim 1 wherein the access request includes a challenge signed by a private key of the terminal, the access application being configured to: (Kurian, in Para. [0032] discloses “logging into the financial institution system(s) 400 generally requires that the first user 110 authenticate his/her identity using a user name, a passcode, a cookie, a biometric identifier, a private key, a token, and/or another authentication mechanism that is provided by the first user 110 to the financial institution system(s) 400 via the mobile device 200.);
Kurian fails to explicitly teach: communicate the challenge in the access right verification request so that it is verified by the access control application or verify the challenge with a public key of the terminal upon a determination that the key is comprised in the access request, wherein the publishing the right verification request only occurs in response to a positive verification of the challenge.
Hennig from the analogous technical field teaches: communicate the challenge in the access right verification request (Hennig, in Para. [0202] discloses “If the user computer system 104 is to access the distributed stored file 101 at a later point in time, it may receive the reference data from the web server computer system 108 while running the web application 107 and decrypt the encrypted reference data with the symmetric key using the private key 138.”)
so that it is verified by the access control application or verify the challenge with a public key of the terminal upon a determination that the key is comprised in the access request (Hennig, in Para. [0115] discloses “providing a signature verification key associated with the signing key to each of the storage services, wherein the signature verification key is adapted to verify signatures generated with the signing key” Hennig, in Para. [0163] discloses “A signature generated with a private key may be verified with the corresponding public key.”)
 wherein the publishing the right verification request only occurs in response to a positive verification of the challenge (Hennig, in Para. [0162] discloses “By making a certificate available to the public in association with a public key, a CSP enables users of asymmetric cryptosystems to assign the public key to an identity”).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Kurian, in view of the teaching of Hennig which discloses verification procedure to access a network based on application of public/private keys technology in order to improve security of the network access control (Hennig, [0115, 0162, 0163, 0202]).  

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to VLADIMIR IVANOVICH GAVRILENKO whose telephone number is (313)446-6530.  The examiner can normally be reached on Monday-Friday 7:30-4:30 EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached on (571) 272-2092.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/Vladimir I. Gavrilenko/Examiner, Art Unit 2431      
/TRANG T DOAN/Primary Examiner, Art Unit 2431