Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on July 21, 2022 has been entered.

Response to Amendment
Applicant’s amendment filed on September 13, 2021 amends claims 1-17.  Claims 1-17 are pending.

Response to Arguments
Applicant’s arguments, filed on July 21, 2022, regarding the newly presented claim limitations have been fully considered but are moot as shown in the rejections that follow.  The newly presented claim limitations in the independent claims are taught by newly presented reference, Ford et al. (US 2021/0089676) in combination with the previously cited reference, Ebrahimi, in light of the new grounds of rejection.  Newly presented reference, Geagan (US 2017/0338955), is used to teach claims 5 and 14 in light of the new grounds of rejection.

Claim Objections
Claim 13 is objected to because of the following informalities:
Claim 13 is objected to because of 37 C.F.R. 1.121 (c) which states the following:
Amendments to a claim must be made by rewriting the entire claim with all changes (e.g., additions and deletions) as indicated in this subsection, except when the claim is being canceled.  Each amendment document that includes a change to an existing claim, cancellation of an existing claim or addition of a new claim, must include a complete listing of all claims ever presented, including the text of all pending and withdrawn claims, in the application. The claim listing, including the text of the claims, in the amendment document will serve to replace all prior versions of the claims, in the application. In the claim listing, the status of every claim must be indicated after its claim number by using one of the following identifiers in a parenthetical expression: (Original), (Currently amended), (Canceled), (Withdrawn), (Previously presented), (New), and (Not entered).
In the Listing of Claims, claim 13 is marked with underlined text to indicate added subject matter.  While the status identifier in the Listing of Claims indicates that claim 13 is original, the Examiner will treat the claim as being currently amended.

Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.
Claims 1-3, 5-6, 8-12, and 14-15, and 17 are rejected under 35 U.S.C. 112(a), first paragraph, as failing to comply with the written description requirement.  Each of these claims contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA  35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention.
Applicant is requested to provide evidence from the specification to support any amended claim.  
Regarding each of independent claims 1 and 10, Applicant has not pointed out where the amended claim is supported, nor does there appear to be a written description of the claim limitation: “said threshold number of matching replies being t+1 decryption shares from a (t,n) vector-based threshold encryption (VTE) scheme implemented on the plurality of BFT servers;”.
Regarding claims 2, 5-6, 9, 11, 14-15, Applicant has not pointed out where the amended claim is supported, nor does there appear to be a written description of the term “local ordering” as recited in the foregoing claims.
Regarding claims 2, 6, 8, 10, 12, 15, and 17, Applicant has not pointed out where the amended claim is supported, nor does there appear to be a written description of the term “embedded vector based threshold encryption access control (EVAC)” as recited in the foregoing claims.
Regarding claim 3, Applicant has not pointed out where the amended claim is supported, nor does there appear to be a written description of the claim limitation:  “generating a decryption share by utilizing said VTE scheme, the generation of the decryption share utilizing at least a private key of the BFT server, the private key being generated by a probabilistic key generation algorithm that utilizes at least the total number of servers (n) and a threshold (t) as inputs, sending to the client the sequence number previously assigned to the transaction.”
Regarding claim 12, Applicant has not pointed out where the amended claim is supported, nor does there appear to be a written description of the claim limitation:  
“generating by each BFT server a decryption share by utilizing said VTE scheme, the generation of the decryption share utilizing at least a private key of the BFT server, the private key being generated by a probabilistic key generation algorithm that utilizes at least the total number of servers (n) and a threshold (t) as inputs; sending by each BFT server said respective generated decryption share to the client if the client is allowed to have access to a transaction specified in the read request.”
Appropriate amendments are required for the foregoing rejections.

The following is a quotation of 35 U.S.C. 112(b):

(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

Claims 1-3, 5-6, 9-12, and 14-15 are rejected under 35 U.S.C. 112(b), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Regarding claim 1, it is unclear what is meant by “receiving a threshold number of matching replies being t+1 decryption shares from a (t,n) vector-based threshold encryption (VTE) scheme”.  Further, it is unclear what is meant by a (t,n) vector-based threshold encryption (VTE) scheme.
Regarding claim 10, it is unclear what is meant by “receiving by the client a threshold number of matching replies from two or more BFT servers of said plurality of BFT servers, said threshold number of matching replies being t+1 decryption shares from a VTE scheme”.
Regarding claims 2, 5-6, 9, 11, 14-15, the term “local ordering” is a relative or subjective term which renders the claim indefinite.  The term “local ordering” is not defined by the claim, the specification does not provide a standard for ascertaining the requisite degree, and one of ordinary skill in the art would not be reasonably apprised of the scope of the invention.
Regarding claim 3, it is unclear what the following limitation means, “sending said decryption share to the client if the client is allowed to have access to a transaction specified in the read request”, when the decryption share had already been received from two or more BFT servers of the plurality of BFT servers, in response to the read request sent by the client, as recited in the first and second clauses of the claim.  Since the Examiner is unable to determine what claim 3 is directed to, an examination under prior art cannot be performed at this time.
Regarding claim 12, it is unclear how a determination is made to authorize a particular read request from a client by way of checking embedded vector based threshold encryption access control (EVAC) policies associated with the transaction against the attribute.  Since the Examiner is unable to determine what claim 12 is directed to, an examination under prior art cannot be performed at this time.
Appropriate amendments are required for the foregoing rejections.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.



Claims 1 and 10 are rejected under 35 U.S.C. 103 as being unpatentable over Ebrahimi et al. (US 2017/0257358) in view of Ford et al. (US 2021/0089676).
Regarding claim 1, Ebrahimi teaches a selective electronic distribution system, the system comprising: a client from a plurality of clients configured to perform the steps of:  registering with [a plurality of Byzantine Fault Tolerance (BFT) servers,] (see Ebrahimi at Figs. 1A-1C, 2, and 3 which illustratively disclose a blockchain such as a simplified bitcoin blockchain as well as client devices communicating over a network, such as the Internet, and communicatively coupled to a web server; also, see Ebrahimi at [0158-0159] in conjunction with Fig. 13 depicting a register & login between a user of a blockchain with his certifier 1310 with respect to blockchain 980.  Ebrahimi at Figure 3 illustratively describes a communication network where a client device communicates to the web server.  Examiner maps authenticating entity to the recited server.  Examiner maps device to the recited client.  Also, see Ebrahimi at [0116] which discloses the authenticating entity 810 configured to implement the identity management technology used to perform registration, validation, and/or certification of raw data, to facilitate the implementation of biometric authentication (e.g., through the verification of the biometric data, and certification of biometric data).  Ebrahimi at [0046] further discloses that the systems and methods described herein may be executed with any number of computer systems and that server operations may also be performed and communicated between client devices, to facilitate transactions with the blockchain database, server storage, and the like.  Examiner notes that the computer systems and server operations may be implemented using a plurality of servers.) said registration including sharing an attribute and a corresponding proof of validity of the attribute, (see Ebrahimi at [0007-0009] which discloses registering a user ID with the identity manager, that the method includes verifying the confirmation login request to the login challenge using the session ID from the confirmation login request and that the method also includes verifying the user using the user ID and seal.  Examiner notes that the user ID may correspond to the recited attribute and the seal may correspond to the proof of validity of the attribute.  Furthermore, Ebrahimi also states that user data sent by the user from device 11 may include newly presented original biometric data and a validating seal associated with the original biometric data.  Therefore, the user ID may comprise biometric data.)
Regarding claim 1, Ebrahimi does not expressly disclose a plurality of Byzantine Fault Tolerance (BFT) servers and receiving a threshold number of matching replies from two or more BFT servers of said plurality of BFT servers; said threshold number of matching replies being t+1 decryption shares from a (t,n) vector-based threshold encryption (VTE) scheme implemented on the plurality of BFT servers; each BFT server of the plurality of BFT servers configured to perform the steps of: receiving the attribute and subsequently verifying the attribute, with two or more additional BFT servers of the plurality of BFT servers, sending a VTE scheme response to the client, said response signaling the success of registration which in a related art, Ford teaches (see Ford at [0001] which discloses that the present invention generally relates to the field of secure digital data exchange, and more particularly to systems and methods for secure, decentralized, dynamic and/or accountable access control using blockchain technology.  Ford at [0003] further discloses that blockchains are secure by design and are an example of a distributed computing system with high Byzantine fault tolerance; Examiner notes that Ford at [0003] teaches a plurality of BFT servers.  Also, see Ford at [0020] which discloses that in one embodiment, the invention provides a computer-implemented method for secure data exchange between a sender and a recipient and that the method may further comprise creating a write transaction Tw, wherein the write transaction Tw comprises information usable to derive the symmetric key k and/or an access policy identifying the recipient as being allowed to decrypt the encrypted data and that the method may further comprise providing the recipient access to the encrypted data.  Ford at [0020] discloses that the method may further comprise sending the write transaction Tw to a first group of servers for being stored in a blockchain data structure maintained by the first group of servers.  Ford at [0021] further discloses that the method may further comprise receiving a write transaction from a blockchain data structure maintained by a first group of servers.  Furthermore, see Ford at [0104-0114] disclosing a decryption request and decryption of shares, at [0155] disclosing decryption share creation, at [0230]-0234] disclosing auditable decryption, at [0237-0242] disclosing atomic decryption, at [0292-0296] disclosing a full encryption/decryption protocol for LTS.  Examiner notes that the secure data exchange between a sender and a recipient including receiving a write transaction from a blockchain data structure maintained by a first group of servers, as well as providing the recipient access to the encrypted data corresponds to receiving a threshold number of matching replies from two or more BFT servers of said plurality of BFT servers.  Ford at [0021] discloses that the method may further comprise verifying the integrity of the write transaction Tw and that if verifying the integrity of the write transaction Tw is successful, the method may further comprise sending a read transaction TR to the first group of servers for being stored in the blockchain data structure maintained by the first group of servers; Examiner notes that verifying the integrity of the write transaction is successful corresponds to sending a VTE scheme response to the client, which signals the success of registration.  Examiner maps the write transaction from a blockchain data structure maintained by a first group of servers to the VTE scheme response to the client.  Examiner previously mapped a user ID to the recited attribute.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Ebrahimi to include a plurality of Byzantine Fault Tolerance (BFT) servers and receiving a threshold number of matching replies from two or more BFT servers of said plurality of BFT servers; said threshold number of matching replies being t+1 decryption shares from a (t,n) vector-based threshold encryption (VTE) scheme implemented on the plurality of BFT servers; each BFT server of the plurality of BFT servers configured to perform the steps of: receiving the attribute and subsequently verifying the attribute, with two or more additional BFT servers of the plurality of BFT servers, sending a VTE scheme response to the client, said response signaling the success of registration, as taught by Ford.  
One would have been motivated to make such a modification to implement a decentralized data sharing system and corresponding methods which support transparent, dynamic and/or accountable access control on privacy sensitive shared data within blockchain systems, as suggested by Ford at [0010].
The modified Ebrahimi further teaches assigning a sequence number to said registration by running an underlying BFT protocol, and storing the registration in sequence number order, wherein the VTE scheme response is generated utilizing at least a vector label, the vector label including a variable number of labels, each label being of variable length, wherein the vector label includes at least a client identity label and an attribute label, and wherein the registration includes attribute-based access controls based on said client identity label and attribute label (see Ebrahim [0157-0163] in conjunction with Fig. 13, which discloses the certification process between a user and certifier via the blockchain network.  Ebrahim at Fig. 13 depicts certification with user personally identifiable information (PII) and certified attributes, accessible by the user as well as by the certifier.  Examiner notes that the user personally identifiable information (PII) and certified attributes correspond a vector label that includes a client identity label and attribute label.  Moreover, see Ford at [0076] which discloses various processing sequences performed by the sender A, the recipient B, the AC and the SC will be described in relation to certain embodiments of the invention and as illustrated in FIG. 2 and that the sequences may be performed independently from each other.  Also, see Ford at [0293] which discloses that a label may be used as an identifier of a blockchain where the label L is an element {0,1}t.  Examiner notes that the use of a label identifier of a blockchain where the label L is an element {0,1}t corresponds to a vector label including a variable number of labels, each label being of variable length, wherein the vector label includes a client identity label and attribute label.)
Independent claim 10 is directed toward a method that performs the steps recited in system claim 1.  The cited portions of the cited prior art used in the rejection of claim 1 teach the steps recited in the method of claim 10.  Therefore, claim 10 is rejected under the same rationale as stated for claim 1 above.
 
Claims 2, 9, and 11 are rejected under 35 U.S.C. 103 as being unpatentable over Ebrahimi et al. (US 2017/0257358) in view of Ford et al. (US 2021/0089676) and further in view of Pattanaik et al. (US 2017/0366516).
As for claim 2, the modified Ebrahimi teaches the system according to claim 1 further comprising the client configured to perform the steps of: encrypting a transaction, using a vector-label-input VTE algorithm, said transaction having at least two transaction attributes, wherein at least one of said transaction attributes is an input having embedded vector based threshold encryption access control (EVAC) policies; sending said transaction to the plurality of BFT servers, and receiving from two or more BFT servers of the plurality of servers a result, said result including ordered client transaction information; (see Ebrahimi at [0042] disclosing that embodiments of the present invention provide for being able to authenticate the user whenever the user does any kind of transaction and at [0044] disclosing that to certify a user ID, the raw data (e.g., user ID) is encrypted.  Also, see Ebrahim [0157-0163] in conjunction with Fig. 13, which discloses the certification process between a user and certifier via the blockchain network.  Ebrahim at Fig. 13 depicts certification with user personally identifiable information (PII) and certified attributes, accessible by the user as well as by the certifier.  Examiner notes that the user personally identifiable information (PII) and certified attributes correspond to a vector label including a variable number of labels, each label being of variable length, wherein the vector label includes a client identity label and attribute label.  Ebrahimi at [0053] discloses that in embodiments, any number of hashing algorithms may be used such as SHA256, for example.  Examiner maps a hashing algorithm to the recited vector-label-input VTE algorithm.  Examiner notes that user data, such as user ID or biometric data may correspond to the at least two transaction attributes.) 
The modified Ebrahimi discloses verifying the local ordering with two or more additional BFT servers of the plurality of BFT servers, said verification including comparing the BFT server's local order for the transaction against the local ordering of said two or more additional BFT servers; wherein upon successful verification the plurality of BFT servers agree upon a BFT total publication order; assigning a sequence number to said transaction; storing said transaction; executing an associated operation in sequence number order; assigning a sequence number to said transaction; storing said transaction; executing an associated operation in sequence number order; and (Examiner had previously shown that Ford teaches a plurality of BFT servers and that Ford discloses that the method may further comprise verifying the integrity of the write transaction.  Also, see Ford at [0022] which discloses that write transactions are stored in a blockchain data structure maintained by a group of servers; see Ford at [0076] which discloses various processing sequences performed by the sender A, the recipient B, the AC and the SC will be described in relation to certain embodiments of the invention and as illustrated in FIG. 2 and that the sequences may be performed independently from each other.  Also, see Ebrahim [0157-0163] in conjunction with Fig. 13, which discloses the certification process between a user and certifier via the blockchain network.  Ebrahim at Fig. 13 depicts certification with user personally identifiable information (PII) and certified attributes, accessible by the user as well as by the certifier.)
The modified Ebrahimi does not expressly teach that each server of the plurality of servers configured to additionally perform the steps: receiving said transaction and ordering said transaction with prior transactions, delivering results of said BFT total publication order ordering to the client, said results being said ordered client transaction information which in a related art Pattanaik teaches (see Pattanaik, at [0074] which discloses that the transaction management module 310 organizes the received transactions and can assign an order to the transaction such that the transactions are written in a block to the blockchain in their assigned order.  Pattanaik, at [0074], further discloses that, in one embodiment, the transaction management module 310 orders the transactions based on a timestamp associated with each transaction.  Examiner notes that the use of a timestamp orders the transactions with prior transactions.  Also, see Pattanaik at [0074] which discloses that the transaction management module 310 can assign an order to the transactions such that the transactions are written in a block to the blockchain in their assigned order.  Also, Pattanaik, at [0100] discloses that a transaction receipt module generates and transmits a transaction receipt to the client device where the transaction receipt includes the unique transaction request identifier and the hash values representing previous transactions.  Examiner maps transaction receipt to client transaction information.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the modified Ebrahimi to include the steps of receiving said transaction and ordering said transaction with prior transactions and delivering results to the client, as taught by Pattanaik.
One would have been motivated to make such a modification because use of such a transaction receipt reflects the executed transactions to the client device and also verifies all executed transactions, as suggested by Pattanaik at [0095].  
Claim 11 is substantially the same as claim 2 and is therefore rejected under the same rationale as stated for claim 2 above.
Regarding claim 9, the modified Ebrahimi teaches the system of claim 1, wherein prior to sending a response to the client, each BFT server of the plurality of BFT servers additionally performs the steps of:  locally ordering the attribute, storing the attribute, verifying said local ordering with the local ordering of at least one other BFT server within the plurality of BFT servers, wherein said attribute is an attribute of the client (see Pattanaik, at [0074] which discloses that the transaction management module 310 orders the transactions based on a timestamp associated with each transaction.  Pattanaik, at [0075] discloses that the transaction management module extracts attributes of the transaction and that the extracted attributes reflect the details of the executed transaction.  Further, Pattanaik at [0075] discloses that the transaction management module 310 uses the extracted information to identify the appropriate parties.  Examiner notes that the previously stated biometric data, for example, may be used to identify the appropriate parties.  Examiner notes that ordering the transactions, which comprise attributes, also orders the transaction’s attributes.  Pattanaik, at [0075], further discloses that a graph module 305 may use the extracted attributes to reflect the details of an executed transaction and that the directed graph module initializes and maintains the extracted attributes.  Thus, Examiner notes that the extracted attributes must be stored for it to be maintained by the graph module.  Pattanaik at [0005] discloses that the central service provider manages a blockchain network that records details of executed transactions.  Examiner notes that a blockchain comprises a network of nodes which may include client devices which act as servers throughout the network.  (As was previously stated, Ebrahimi at [0046], discloses that the systems and methods described herein may be executed with any number of computer systems and that server operations may also be performed and communicated between client devices, to facilitate transactions with the blockchain database, server storage, and the like.)  Thus, it may be interpreted that the blockchain incorporates a plurality of servers.  Pattanaik, at [0076] further discloses how the transaction management module maintains and continuously updates a table which can serve as a blockchain ledger.  Pattanaik, at [0077] further discloses that in executing a transaction, the transaction management module queries the table using the extracted information to identify the appropriate directed graphs for the transaction. Examiner notes that querying the table or blockchain ledger may comprise verifying the extracted attributes.  As was previously stated in the rejection of claim 1, the Examiner mapped the user ID or original biometric data of the user (or client) to the recited attribute.)

Claims 4 and 13 are rejected under 35 U.S.C. 103 as being unpatentable over Ebrahimi et al. (US 2017/0257358) in view of Ford et al. (US 2021/0089676) and further in view of Shtrauch et al. (US 10,764,160).
Regarding claim 4, the modified Ebrahimi does not expressly teach, but in a related art Shtrauch teaches the system according to claim 1, further comprising wherein said plurality of clients includes a subset of at least one permissioned subscriber and at least one permissioned publisher (see Shtrauch, at col. 3 lines 12-17, which discloses that blockchain system may include a distributed publish-subscribe mechanism that enables any member of the blockchain system to subscribe to any type of published events and receive notifications accordingly, as well as provide the participants with an interface to publish the events.  Further, see Ebrahimi at [0007-0009] which discloses verifying the user using the user ID and seal and at [0128] disclosing a traveler publishing a selfie; Examiner notes that the user is authenticated to control access to products and/or services, of which the user may be a subscriber or publisher based on the type of products and/or services.  Examiner notes that being authenticated corresponds to getting permission.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the modified Ebrahimi to include wherein said plurality of clients includes a subset of at least one permissioned subscriber and at least one permissioned publisher, as taught by Shtrauch.
One would have been motivated to make such a modification because the system disclosed by Shtrauch exposes all relevant information from the open and global/private blockchain and enables 3rd party entities to leverage this information and enhance system functionality, as suggested by Shtrauch at col. 1, lines 57-60.  
Claim 13 is substantially the same as claim 4 and is therefore rejected under the same rationale as stated for claim 4 above.

Claims 5 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Ebrahimi et al. (US 2017/0257358) in view of Ford et al. (US 2021/0089676) in view of Shtrauch et al. (US 10,764,160) and further in view of Geagan (US 2017/0338955).
As for claim 5, the modified Ebrahimi teaches the system according to claim 4, further comprising the permissioned publisher additionally configured to perform the step: advertising a publication type; (See Shtrauch, at the Abstract, which discloses that the system may send at least one notification to one or more second entities indicating that the information has been published to the blockchain system for accessing by the one or more second entities.  See Shtrauch, at col. 3, lines 15-16, which discloses that the blockchain system may include a distributed publish-subscribe mechanism that enables any member of the blockchain system to subscribe to any type of published events and receive notifications accordingly; also, see Shtrauch, at col. 19 lines 25-28, which discloses that a CSP publishes a bid for VNFs and that a VNF bid transaction is added to the blockchain ledger.  Shtrauch also discloses that a notification is sent to all relevant bid subscribers regarding a VNF bid.  Examiner maps the notification(s) to advertising.  Examiner maps the bid to the recited publication and VNF to the recited publication type.); each BFT server of the plurality of servers are additionally configured to perform the steps: broadcasting to all permissioned subscribers the publication type, (see Ebrahimi at [0037] which discloses that the embodiments of the present invention are based on an identity management platform implementing a technology layer that interacts with a blockchain; Examiner notes that Byzantine fault-tolerance is a mechanism which is implemented in blockchain technology.  Also, see Shtrauch, at col. 18, line 50 and line 63, which discloses that a notification is sent to all relevant subscribers regarding a VNF bid and that a CSP can publish a bid for a VNF; Examiner maps the CSP to the recited server and the VNF vendor to the recited subscriber.) receiving from the at  least one permissioned subscriber at least one subscription interest, (see Shtrauch, at col. 19 lines 29-30 which discloses that the VNF vendor responds to a VNF bid with proposals; Examiner maps the proposals to the at least one subscription interest); locally ordering and storing said at least one subscription interest, and verifyinq the local order of the at least one subscription interest with two or more additional BFT servers of the plurality of BFT servers, said verification including comparing the BFT server's local order for the subscription interest against the local ordering of said two or more additional BFT servers; wherein upon successful verification the plurality of BFT servers agree upon a BFT total order for the subscription interest (see Shtrauch at col. 19 lines 28-31 which discloses that a notification is sent to all relevant bid subscribers, that the VNF vendors respond to the bid with proposals, that the CSP evaluates the proposals, and that the CSP sends a VNF signature to a certifier for approval.  Examiner notes that for the CSP to be able to evaluate and further submit an approval signature associated with the proposals it receives, it must store and order the at least one proposals.  Also, as was previously shown by the Examiner, Ford discloses utilizing blockchain technology for providing secure data exchanges between senders and recipients and that a group of servers may be used for authentication of users and that user data may be stored in a blockchain data structure maintained by the group of servers.) the permissioned subscriber additionally configured to perform the step: submitting to the plurality of BFT servers one or more subscription interest. (see Shtrauch, at col. 19 lines 29-30 which discloses that the VNF vendor responds to a VNF bid with proposals.)
The modified Ebrahimi does not expressly disclose wherein the broadcasting to the permissioned subscriber is performed via a Naor-Naor-Lotspiech broadcast encryption scheme with distributed key distribution, thereby supporting an unbounded number of potential recipients, which in a related art Geagan teaches (see Geagan at [0009] which discloses that NNL (named for Naor, Naor, and Lotspiech) provides space-efficient Key Allocations in Broadcast Encryption systems utilizing a subset difference tree and that NNL uses a one-way triple function to traverse downwards through a binary tree and derive encryption keys from parent nodes, where application of the triple function allows determination of a processing key as well as left and right children of the node.  Geagan at [0009] further discloses that content consumers are allocated a unique small set of labels (keys) for specific starting nodes, and by applying the triple function, are able to derive any other labels and keys beneath (covered by) those starting labels.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the modified Ebrahimi to include wherein the broadcasting to the permissioned subscriber is performed via a Naor-Naor-Lotspiech broadcast encryption scheme with distributed key distribution, thereby supporting an unbounded number of potential recipients, as taught by Geagan.
One would have been motivated to make such a modification because of the ability to derive labels from other labels gives NNL its compactness, and in particular allows the distribution of a minimal set of keys to a client, as suggested by Geagan at [0009].  
Claim 14 is substantially the same as claim 5 and is therefore rejected under the same rationale as stated for claim 5 above. 

Claims 6-8 and 15-17 are rejected under 35 U.S.C. 103 as being unpatentable over Ebrahimi et al. (US 2017/0257358) in view of Ford et al. (US 2021/0089676) in view of Shtrauch et al. (US 10,764,160) in view of Geagan (US 2017/0338955) and further in view of Sewell (US 2019/0347655).
As for claim 6, the modified Ebrahimi teaches the system according to claim 5, further comprising: the permissioned publisher additionally configured to perform the step:  encrypting a publication using said VTE scheme, said encryption including a label with at least one EVAC rule, said label being generated by the VTE scheme (see Ebrahimi at [0007-0009] which discloses verifying the user using the user ID and seal and at [0128] disclosing a traveler publishing a selfie; Examiner notes that the user is authenticated to control access to products and/or services, of which the user may be a subscriber or publisher based on the type of products and/or services.  Examiner notes that being authenticated corresponds to getting permission.  Also, see Ford at [0293] which discloses that a label may be used as an identifier of a blockchain where the label L is an element {0,1}t.  Examiner notes that the use of a label identifier of a blockchain where the label L is an element {0,1}t corresponds to a vector label including a variable number of labels, each label being of variable length, wherein the vector label includes a client identity label and attribute label.) wherein said encryption produces a ciphertext of said publication, and (see Ford at [0293-0296] which discloses encryption that produces a ciphertext.) sending said publication to the plurality of servers; (see Ford at Abstract and at [0020-0023] which discloses sending a write transaction to a group of servers in a blockchain data structure.) with at least two other servers within the plurality of BFT servers said verification including comparing the BFT server's local order for the publication against the local ordering of said two or more additional BFT servers; wherein upon successful verification the plurality of BFT servers agree upon a BFT total order for the publication (see Ford at the Abstract and at [0020-0023] which discloses sending a write transaction to a group of servers in a blockchain data structure; see Ford at [0261] which discloses how a user can create an access identity that is published together with the encrypted form of his data.) 
each BFT server of the plurality of BFT servers additionally configured to perform the steps: receiving the publication from the permissioned publisher, (see Shtrauch, at col 25, claim 7, which discloses that the VNF is used by a communication service provider (CSP) to provide network services; see Shtrauch, at col. 19 lines 26-30, which discloses that a CSP publishes bids to VNF vendors that holds the relevant certifications).
The modified Ebrahimi does not expressly teach, but in a related art Sewell teaches assigning a local order number to the publication, and verifying said local order number (See Sewell at [0042] disclosing a bid transaction for a particular item which is collated by the oracle 6 (a trusted third party server which can be any node of the plurality of nodes in the blockchain network) and given a sequence number (see Table 3 disclosing a sequence number).  Examiner maps the sequence number of the bid transaction to the order number of the publication.) 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the modified Ebrahimi to provide assigning a local order number to the publication, and verifying said local order number as taught by Sewell.
 One would have been motivated to make such a modification in order to implement the transfer of a digital asset by means of blockchain transactions thereby providing the advantage of enhanced security and reliability, as suggested by Sewell at [0018].  
Claim 15 is substantially the same as claim 6 and is therefore rejected under the same rationale as stated for claim 6 above.

As per claim 7, the modified Ebrahimi teaches the system of claim 6 wherein said label is a variable-length vector (See Ford at [0293] which discloses that a label may be used as an identifier of a blockchain where the label L is an element {0,1}t.  Examiner notes that the use of a label identifier of a blockchain where the label L is an element {0,1}t corresponds to a vector label including a variable number of labels, each label being of variable length, wherein the vector label includes a client identity label and attribute label.  Examiner notes that a label L being an element of {0,1}t corresponds to a variable-length vector.)
Claim 16 is substantially the same as claim 7 and is therefore rejected under the same rationale as stated for claim 7 above.

As per claim 8, the modified Ebrahimi teaches the system of claim 6, further comprising each server of the plurality of servers additionally configured to perform the steps:  determining if the permissioned subscriber is both authorized and interested by comparing the subscription interest and the attribute against the EVAC rules and an attribute associated with the permissioned publisher, (as was previously stated, Shtrauch at col. 19 lines 29-30 discloses that the VNF vendor responds to a VNF bid with proposals; Examiner maps the proposals to the at least one subscription interest; regarding the recited attribute associated with the publisher, the Examiner references Shtrauch, at col. 3 lines 49-53, which discloses publishing the information to the blockchain system may include publishing a call from a communication service provider for VNF certifiers to certify any profile of the publisher.   With respect to EVAC rules, see Wack at [0058] which discloses that utilizes a secure transaction schema includes identity (such as biometric data) and encryption for providing secure access control; Wack at [0071] also discloses that the attributes define the rights required to access information associated with the roles) and delivering at least one decryption share to the permissioned subscriber, said at least one decryption share being generated by the threshold encryption scheme; the permissioned subscriber additionally configured to perform the steps: receiving said publication, in ciphertext form, from the permissioned publisher; and utilizing the at least one decryption share to decrypt said ciphertext, resulting in a plaintext version of said publication; the permissioned publisher additionally configured to perform the step: sending to the permissioned subscriber said ciphertext of said publication (see Ford at [0104-0114] disclosing a decryption request and decryption of shares, at [0155] disclosing decryption share creation, at [0230]-0234] disclosing auditable decryption, at [0237-0242] disclosing atomic decryption, at [0292-0296] disclosing a full encryption/decryption protocol for LTS; see Ford at [0293-0296] which discloses encryption that produces a ciphertext.  Also, see Shtrauch, at col. 3 lines 12-17, which discloses that blockchain system may include a distributed publish-subscribe mechanism that enables any member of the blockchain system to subscribe to any type of published events and receive notifications accordingly, as well as provide the participants with an interface to publish the events.  Further, see Ebrahimi at [0007-0009] which discloses verifying the user using the user ID and seal and at [0128] disclosing a traveler publishing a selfie; Examiner notes that the user is authenticated to control access to products and/or services, of which the user may be a subscriber or publisher based on the type of products and/or services.  Examiner previously noted that being authenticated corresponds to getting permission.  Also, see Shtrauch, at col. 19 lines 25-29, which discloses that a CSP publishes a bid for VNFs and that a VNF bid transaction is added to the blockchain ledger and that a notification is sent to all relevant bid subscribers; Examiner had mapped the bid to the recited publication.)
Claim 17 is substantially the same as claim 8 and is therefore rejected under the same rationale as stated for claim 8 above.




Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ROY RHEE whose telephone number is 313-446-6593.  The examiner can normally be reached on 8:30 am to 5:30 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Peter Nolan, can be reached on 571-270-7016.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair.  Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).  If you would like assistance from a USPTO Customer Service Representative or access to the 
automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/R.R./Examiner, Art Unit 3661

/PETER D NOLAN/Supervisory Patent Examiner, Art Unit 3661