DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
1.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Remarks
2.	In response to communications filed on 4/25/2022, no claims are cancelled; claims 1, and 35-36 have been amended, and no new claims have been added. Therefore, claims 1-36 are still presently pending in the application.

Information Disclosure Statement
3.	The information disclosure statement (IDS) submitted on 3/11/2022 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Specification
4.	The amendment to the specification filed 4/25/2022 rectifies the specification objection of the abstract, therefore, the objection is withdrawn.

Claim Rejections - 35 USC § 103
5.	In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
6.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


7.	Claims 1, 4-10, 16, 21, 25-28, and 35-36 are rejected under 35 U.S.C. 103 as being unpatentable over Giordano et al. (U.S. Patent Application Publication No. 2017/0300627), in view of Goldfarb et al. (U.S. Patent Application Publication No. 2017/0364699).
As to claim 1, Giordano et al. teaches a method performed by a system of a host organization, the system having at least a processor and a memory therein to execute instructions (See Giordano et al., Figures 1 and 2), wherein the method comprises: 
operating an interface to a shared ledger on behalf of a plurality of authorized network participants for the shared ledger, wherein the shared ledger persists data via a plurality of distributed shared ledger nodes (See Giordano et al., Figure 2; Also see paragraphs 9-12, 16, 26, 49, and 58-61, wherein Giordano discloses  an electronic ledger comprising a blockchain database and “when a doctor creates a medical record that is added to a patient's smart contract, the medical record may initially be hosted by one or more computers associated with the doctor that created the record” and wherein Giordano discloses “The second computing system on which the set of medical records of the first user are stored can include a distributed filesystem that is configured to allow medical records to be shared among participants in the distributed computing network using a peer-to-peer file transfer protocol”); 
generating a network org within the shared ledger to store the data on behalf of a founder org as a first one of the plurality of authorized network participants (See Giordano et al., Figure 2 and paragraphs 3, 50-53, 61-64, wherein Giordano discloses “a rights manager smart contract may maintain data that identifies users' permissions on the network and with respect to particular smart contracts or classes of smart contracts. For example, the rights manager smart contract may store data that correlates a first doctor's smart contract with a first user (a first doctor), a second doctor's smart contract with a second user (a second doctor), and a first patient's smart contract with a third user (a first patient). Each of these contracts may perform different operations depending on whether the caller of the contract has rights to call and execute the contract. Thus, if the second doctor attempts to call the smart contract assigned to the first doctor, then the requested operations (e.g., adding a medical record to the profile of a patient of the first doctor) in the called contract may be blocked because the second doctor does not have permission to use the first doctor's contract” and “the ledger also stores program modules, referred to as smart contracts, which allow participants in a distributed medical records management network to interact with the ledger and with each other. For example, doctors, patients, pharmacists, and insurers {network participants} may be issued role-specific smart contracts that allow the participants to invoke various records management events on the network”);
receiving first input, wherein the first input is received from the founder org defining a plurality of partner orgs as additional authorized network participants for the network org, wherein all of the authorized network participants have read access to the data stored by the network org via the shared ledger without replicating the data (See Giordano et al., paragraphs 50-52,  64- 67, wherein Giordano discloses “a rights manager smart contract may maintain data that identifies users' permissions on the network and with respect to particular smart contracts or classes of smart contracts. For example, the rights manager smart contract may store data that correlates a first doctor's smart contract with a first user (a first doctor), a second doctor's smart contract with a second user (a second doctor), and a first patient's smart contract with a third user (a first patient). Each of these contracts may perform different operations depending on whether the caller of the contract has rights to call and execute the contract. Thus, if the second doctor attempts to call the smart contract assigned to the first doctor, then the requested operations (e.g., adding a medical record to the profile of a patient of the first doctor) in the called contract may be blocked because the second doctor does not have permission to use the first doctor's contract” and “users are assigned roles on the network 200 (e.g., patient, physician, doctor, pharmacist, administrator) and smart contracts are created and correlated with the users based on the respective roles assigned to the users. Thus, if a doctor wishes to register an account on the network 200, a smart contract specific for the role of "doctor" can be created and assigned to the user, which represents the doctor's identity on the network. The type of smart contract assigned to a user may define the types of actions that the user may take on the network 200. For example, a "patient" smart contract may enable a user to access medical records of the user (but not of other users), to add authorizations for doctors or other parties to access all or some of the user's medical records, to remove authorization of parties to access all or some of the user's medical records, to send valid prescriptions to a pharmacist for filling, to pay bills to an insurer or doctor or other medical provider, and to adjust user account settings. In contrast, a "doctor" smart contract may enable a doctor to access medical records of patients under the doctor's care, to add new medical records to the respective medical histories of the doctor's patients, to send prescriptions to pharmacists on behalf of the doctor's patients, and to send invoices for medical services rendered for a patient to the patient and the patient's insurer,” wherein “access” is read on “read access”); 
receiving second input from the founder org defining permissions for each of the partner orgs to interact with the network org within the shared ledger (See Giordano et al., Figure 2 and paragraphs 3, 50, 61-67, wherein Giordano discloses “doctors, patients, pharmacists, and insurers {network participants} may be issued role-specific smart contracts that allow the participants to invoke various records management events on the network,” wherein “defining permissions” is read on “role specific smart contracts”); 
creating metadata, at the host organization, defining at least the authorized network participants for the network org and the permissions defined for each of the partner orgs pursuant to the first and second input received from the founder org (See Giordano et al., paragraphs 3-4, 12, 21, 41, 49-50, 59, and 67-68 wherein Giordano discloses “ A given medical record management event having an entry stored in the electronic ledger can include a request to access a medical record of a user, an authorization for a participant in the distributed computing network to access a medical record of a user, a denial of authorization for a participant in the distributed computing network to access a medical record of a user, addition of a medical record of a user, update of a medical record of a user, or deletion of a medical record of a user”); and 
writing metadata (See Giordano et al., paragraphs 60-67 and 79-80, wherein Giordano discloses wherein Giordano discloses “doctors, patients, pharmacists, and insurers {network participants} may be issued role-specific smart contracts that allow the participants to invoke various records management events on the network,”  and “when a new record is added to the system, the record may be stored on the filesystem 112 and may be indexed by a hash value computed based on the content of the record and, in some instances, further based on metadata associated with the record (e.g., a timestamp indicating the date and time the data was created, identifying information of the doctor that created the record); 
receiving requests from the authorized network participants to interact with the network org (See Giordano et al., paragraphs 67 and 74, wherein Giordano discloses “the administrator 200 approves of the doctor's request to activate a type of doctor smart contract on the network 200, then the administrator 202 may call its respective smart contract 202SC to authorize activation of the doctor's smart contract”); and 
transacting with the shared ledger in fulfillment of the requests (See Giordano et al., paragraphs 50-53, where Giordano discloses “when a user that has rights to call a particular contract makes a call to that contract, the operations associated with that contract may be performed as requested and a transaction indicating a valid call and execution of the contract may be recorded on the ledger at each of the nodes in the network”).  
Giordano et al. teaches “The method can include identifying a command from a first user to access a medical record of a patient having an account on a computing network, wherein each of a plurality of nodes of the computing network maintains a respective instance of an electronic ledger that stores information about medical record management events associated with respective user accounts among a plurality of user accounts” (See Giordano et al., paragraphs 21-25, 39-41, and 47-49). Giordano et al. also teaches “role specific smart contracts” and “authorizations for a participant” (See Giordano et al., paragraphs 3, 12, 19, 43, 49-50 and 64-68). Giordano et al., however, does not explicitly teach wherein the host organization operates as a participating node on the shared ledger to enable interactions between the host organization; creating metadata, at the host organization, defining at least the authorized network participants for the network org and the permissions defined for each of the partner orgs pursuant to the first and second input received from the founder org; writing the metadata from the host organization onto the shared ledger via the participating node of the host organization.
Goldfarb et al. teaches transparent client application to arbitrate data storage between mutable and immutable data repositories (See abstract), in which he teaches wherein the host organization operates as a participating node on the shared ledger to enable interactions between the host organization (See Goldfarb et al., paragraphs 37-38 and 95-96, wherein Goldfarb discloses “the data centers 24 includes a plurality of different hosts exposed by different computational entities, like microkernels, containers, virtual machines, or computing devices executing a non-virtualized operating system. Each host may have an Internet Protocol address on the subnet of the respective data center 24 and may listen to and transmit via a port assigned to an instance of an application described below by which data is stored in a distributed ledger. In some embodiments, each storage compute node 26 may correspond to a different network hosts, each network coast having a server that monitors a port, and configured to implement an instance of one of the below-described directed acyclic graphs with hash pointers implementing immutable, tamper-evident distributed ledgers, examples include block chains and related data structures”); 
writing the metadata from the host organization onto the shared ledger via the participating node of the host organization (See Goldfarb et al., paragraphs 40, 75, 79, 87-89, 93 and 115-117, wherein Goldfard discloses “many extant blockchain-based databases are not well suited for certain use cases, particularly those involving latency-sensitive access (e.g., reading or writing) to large files (e.g., documents or other collections of binary data treated as a single entity, often called “blobs”), for instance in a blockchain-hosted filesystem (Paragraph 75)…the process 50 includes receiving a write command requesting that a document associated with the write command be stored in an immutable data structure, as indicated by block 52, such as a tamper-evident immutable data structure…Files may include stored data associated with metadata (Paragraph  93)).
Giordano et al. and Goldfarb et al. are from the analogous art of computer networks associated with distributed ledgers. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention having the teachings of Giordano et al. and Goldfarb et al. to have combined Giordano et al. and Goldfarb et al.. The motivation to combine Giordano et al. and Goldfarb et al. is to provide a system and method where security and integrity of the data in a datastore and prevent an attacker from modifying or exfiltrating confidential records in a datastore on a computer network (See Goldfarb et al., paragraphs 3-4). Therefore, it would have been obvious to one skilled in the art to combine Giordano et al. and Goldfarb et al..

As to claim 4, Giordano et al. as modified, teaches wherein transacting with the shared ledger in fulfillment of the requests comprises at least: (i) retrieving the metadata for the network org from the shared ledger (See Giordano et al., paragraphs 21-25, 39-41, and 47-49, wherein Giordano discloses “The method can include identifying a command from a first user to access a medical record of a patient having an account on a computing network, wherein each of a plurality of nodes of the computing network maintains a respective instance of an electronic ledger that stores information about medical record management events associated with respective user accounts among a plurality of user accounts”); (ii) validating each request originates from one of the authorized network participants for the network org (See Giordano et al., paragraphs 12, 43 and 45, wherein Giordano discloses “In some implementations, the nodes in the network can act in concert to update the ledger 106 using a validation and consensus process”); (iii) validating each request specifies an interaction by the founder org or an interaction by one of the partner orgs in compliance with the permissions defined by the retrieved metadata for the network org (See Giordano et al., paragraphs 53 and 81, wherein Giordano teaches “the patient's smart contract 408 may send a new medical record to a third party either automatically or on request of the patient 412 (see stage 4 (420)). For example, the patient 412 may configure the smart contract 408 to automatically send any new prescriptions to a smart contract 410 linked to the patient's 412 preferred pharmacy. Although not expressly shown in FIG. 4, when a medical record is sent to the pharmacist's smart contract 410, the transaction may first be validated by the rights manager 406. The pharmacist linked to the third party smart contract 410 may fill the prescription and may then call the smart contract 410 to identify when the prescription has been filled”; Also see Goldfarb et al., paragraphs 37-38 and 95-96, wherein Goldfarb discloses “the data centers 24 includes a plurality of different hosts exposed by different computational entities, like microkernels, containers, virtual machines, or computing devices executing a non-virtualized operating system...each storage compute node 26 may correspond to a different network hosts, each network coast having a server that monitors a port, and configured to implement an instance of one of the below-described directed acyclic graphs with hash pointers implementing immutable, tamper-evident distributed ledgers, examples include block chains and related data structures”); and (iv) transacting with the network org via the shared ledger in fulfillment of the request pursuant to successful validation (See Giordano et al., Figure 2 and paragraphs 43, 45-46 and 62, wherein Giordano discloses “the computer 102—and every other node in the network that maintains a copy of the ledger 106—may update the ledger 106 only when a consensus is reached, among at least a threshold number or portion of the nodes in the network, as to a manner in which the ledger 106 should be updated” and “FIG. 2 shows both full ‘validator’ nodes that store and maintain respective copies of the ledger 220 in addition to virtual nodes (e.g., factory smart contract 204 and rights manager smart contract 206) that have an account and address in the network but that may not be assigned to specific users. In some implementations, a validator node may perform mining in proof-of-work consensus procedure to determine new transaction blocks to add to the ledger 220. Transactions may be sent to and from virtual nodes in the network (e.g., by calling and executing smart contracts corresponding to the virtual nodes), but the virtual nodes themselves may not be specifically associated with a particular computer or computing system that stores or maintains an instance of the distributed ledger 220”).    

As to claim 5, Giordano et al. as modified, teaches wherein the permissions defined by the metadata for each of the partner orgs include one or more of: write access to the metadata at the request of one of the partner orgs, the write access to the metadata granted by the founder org (See Giordano et al., paragraphs 49-50, 51, 56, 60-67 and 79-80, wherein Giordano discloses “smart contracts may be permissioned such that certain operations in a given smart contract are performed only if it is verified that the caller of the contract (e.g., a particular node or user) has rights to execute that smart contract. In some implementations, a rights manager smart contract may maintain data that identifies users' permissions on the network and with respect to particular smart contracts or classes of smart contracts”); and write access to the data stored by the network org at the request of one of the partner orgs, the write access to the data granted by the founder org (See Giordano et al., paragraphs 60-67, and 79-80, wherein Giordano discloses “doctors, patients, pharmacists, and insurers may be issued role-specific smart contracts that allow the participants to invoke various records management events on the network,”  and “when a new record is added to the system, the record may be stored on the filesystem 112 and may be indexed by a hash value computed based on the content of the record and, in some instances, further based on metadata associated with the record (e.g., a timestamp indicating the date and time the data was created, identifying information of the doctor that created the record).    

As to claim 6, Giordano et al. as modified, teaches wherein the permissions defined by the metadata for each of the partner orgs include permission to create new users associated with one of the partner orgs (See Giordano et al., paragraphs 50-52, 64- 67, wherein Giordano discloses “a rights manager smart contract may maintain data that identifies users' permissions on the network and with respect to particular smart contracts or classes of smart contracts. For example, the rights manager smart contract may store data that correlates a first doctor's smart contract with a first user (a first doctor), a second doctor's smart contract with a second user (a second doctor), and a first patient's smart contract with a third user (a first patient). Each of these contracts may perform different operations depending on whether the caller of the contract has rights to call and execute the contract. Thus, if the second doctor attempts to call the smart contract assigned to the first doctor, then the requested operations (e.g., adding a medical record to the profile of a patient of the first doctor) in the called contract may be blocked because the second doctor does not have permission to use the first doctor's contract” and “users are assigned roles on the network 200 (e.g., patient, physician, doctor, pharmacist, administrator) and smart contracts are created and correlated with the users based on the respective roles assigned to the users. Thus, if a doctor wishes to register an account on the network 200, a smart contract specific for the role of "doctor" can be created and assigned to the user, which represents the doctor's identity on the network. The type of smart contract assigned to a user may define the types of actions that the user may take on the network 200. For example, a "patient" smart contract may enable a user to access medical records of the user (but not of other users), to add authorizations for doctors or other parties to access all or some of the user's medical records, to remove authorization of parties to access all or some of the user's medical records, to send valid prescriptions to a pharmacist for filling, to pay bills to an insurer or doctor or other medical provider, and to adjust user account settings. In contrast, a "doctor" smart contract may enable a doctor to access medical records of patients under the doctor's care, to add new medical records to the respective medical histories of the doctor's patients, to send prescriptions to pharmacists on behalf of the doctor's patients, and to send invoices for medical services rendered for a patient to the patient and the patient's insurer”).   

As to claim 7, Giordano et al. as modified, teaches wherein the permissions defined by the metadata for each of the partner orgs include permission to add new partner orgs as authorized network participants for the network org (See Giordano et al., paragraphs 50-52, 64- 67, wherein Giordano discloses “a rights manager smart contract may maintain data that identifies users' permissions on the network and with respect to particular smart contracts or classes of smart contracts. For example, the rights manager smart contract may store data that correlates a first doctor's smart contract with a first user (a first doctor), a second doctor's smart contract with a second user (a second doctor), and a first patient's smart contract with a third user (a first patient). Each of these contracts may perform different operations depending on whether the caller of the contract has rights to call and execute the contract. Thus, if the second doctor attempts to call the smart contract assigned to the first doctor, then the requested operations (e.g., adding a medical record to the profile of a patient of the first doctor) in the called contract may be blocked because the second doctor does not have permission to use the first doctor's contract” and “users are assigned roles on the network 200 (e.g., patient, physician, doctor, pharmacist, administrator) and smart contracts are created and correlated with the users based on the respective roles assigned to the users. Thus, if a doctor wishes to register an account on the network 200, a smart contract specific for the role of "doctor" can be created and assigned to the user, which represents the doctor's identity on the network. The type of smart contract assigned to a user may define the types of actions that the user may take on the network 200. For example, a "patient" smart contract may enable a user to access medical records of the user (but not of other users), to add authorizations for doctors or other parties to access all or some of the user's medical records, to remove authorization of parties to access all or some of the user's medical records, to send valid prescriptions to a pharmacist for filling, to pay bills to an insurer or doctor or other medical provider, and to adjust user account settings. In contrast, a "doctor" smart contract may enable a doctor to access medical records of patients under the doctor's care, to add new medical records to the respective medical histories of the doctor's patients, to send prescriptions to pharmacists on behalf of the doctor's patients, and to send invoices for medical services rendered for a patient to the patient and the patient's insurer”).   

As to claim 8, Giordano et al. as modified, teaches wherein the permissions defined by the metadata further include one or more of: permission for the founder org granted by the founder org to modify the metadata (See Giordano et al., paragraphs 49-52, 64- 67, wherein Giordano discloses “patient's smart contract may include, in some instances, program code for adding records to the patient's medical history, removing records, amending records, and for granting permission to others to access the patient's records”); permission for the founder org granted by the founder org to modify the data stored by the network org (See Giordano et al., paragraphs 49-52, 64- 67, wherein Giordano discloses “patient's smart contract may include, in some instances, program code for adding records to the patient's medical history, removing records, amending records, and for granting permission to others to access the patient's records;” and “a rights manager smart contract may maintain data that identifies users' permissions on the network and with respect to particular smart contracts or classes of smart contracts. For example, the rights manager smart contract may store data that correlates a first doctor's smart contract with a first user (a first doctor), a second doctor's smart contract with a second user (a second doctor), and a first patient's smart contract with a third user (a first patient). Each of these contracts may perform different operations depending on whether the caller of the contract has rights to call and execute the contract);  Claims- 200 -Attorney Docket No.: 37633.6327 (A4281US)permission for the founder org granted by the founder org to remove one of the partner orgs from the network org and eliminating the removed partner org as one of the authorized network participants for the network org (See Giordano et al., paragraphs 49, 59, and 63 wherein Giordano discloses “ The patient's smart contract may include, in some instances, program code for adding records to the patient's medical history, removing records, amending records, and for granting permission to others to access the patient's records”); permission for the founder org granted by the founder org to add a new partner orgs as an authorized network participant for the network org (See Giordano et al., paragraphs 49, 59, and 63 wherein Giordano discloses “ Each of these entities has a strong, real-world identity. By contrast, automated actors—generally smart contracts—are represented by scrolls in the network 200. The automated actors represent what can be done in the network and the way data may be stored in the distributed ledger 220. Some, but not all, smart contracts may be linked to a user having a strong identity in the real world and may be called by users to invoke a medical record management event such as adding a medical record to a patient's medical history or granting permissions to one or more users to access records in the patient's medical history”); permission for the founder org granted by the founder org to declare new business logic common across all of the authorized network participants for the network org; and permission for the founder org granted by the founder org to declare new business rules common across all of the authorized network participants for the network org (See Giordano et al., Figure 2 and paragraphs 3, 50-53, 61-64, wherein Giordano discloses “a rights manager smart contract may maintain data that identifies users' permissions on the network and with respect to particular smart contracts or classes of smart contracts. For example, the rights manager smart contract may store data that correlates a first doctor's smart contract with a first user (a first doctor), a second doctor's smart contract with a second user (a second doctor), and a first patient's smart contract with a third user (a first patient). Each of these contracts may perform different operations depending on whether the caller of the contract has rights to call and execute the contract. Thus, if the second doctor attempts to call the smart contract assigned to the first doctor, then the requested operations (e.g., adding a medical record to the profile of a patient of the first doctor) in the called contract may be blocked because the second doctor does not have permission to use the first doctor's contract” and “the ledger also stores program modules, referred to as smart contracts, which allow participants in a distributed medical records management network to interact with the ledger and with each other. For example, doctors, patients, pharmacists, and insurers {network participants} may be issued role-specific smart contracts that allow the participants to invoke various records management events on the network”).   

As to claim 9, Giordano et al. as modified, teaches wherein the data stored by the network org within the shared ledger comprises one or more of: application data records common across all of the authorized network participants for the network org; business data records common across all of the authorized network participants for the network org; declared business logic common across all of the authorized network participants for the network org; and declared business rules common across all of the authorized network participants for the network org (See Giordano et al., Figure 2 and paragraphs 3, 50-53, 61-64, wherein Giordano discloses “a rights manager smart contract may maintain data that identifies users' permissions on the network and with respect to particular smart contracts or classes of smart contracts. For example, the rights manager smart contract may store data that correlates a first doctor's smart contract with a first user (a first doctor), a second doctor's smart contract with a second user (a second doctor), and a first patient's smart contract with a third user (a first patient). Each of these contracts may perform different operations depending on whether the caller of the contract has rights to call and execute the contract. Thus, if the second doctor attempts to call the smart contract assigned to the first doctor, then the requested operations (e.g., adding a medical record to the profile of a patient of the first doctor) in the called contract may be blocked because the second doctor does not have permission to use the first doctor's contract” and “the ledger also stores program modules, referred to as smart contracts, which allow participants in a distributed medical records management network to interact with the ledger and with each other. For example, doctors, patients, pharmacists, and insurers {network participants} may be issued role-specific smart contracts that allow the participants to invoke various records management events on the network”).  

As to claim 10, Giordano et al. as modified, teaches further comprising: receiving a request from one of the authorized network participants to store localized data via the shared ledger (See Giordano et al., paragraphs 50-52, 64- 67, wherein Giordano discloses “a rights manager smart contract may maintain data that identifies users' permissions on the network and with respect to particular smart contracts or classes of smart contracts. For example, the rights manager smart contract may store data that correlates a first doctor's smart contract with a first user (a first doctor), a second doctor's smart contract with a second user (a second doctor), and a first patient's smart contract with a third user (a first patient). Each of these contracts may perform different operations depending on whether the caller of the contract has rights to call and execute the contract” and “users are assigned roles on the network 200 (e.g., patient, physician, doctor, pharmacist, administrator) and smart contracts are created and correlated with the users based on the respective roles assigned to the users”); storing the localized data via the shared ledger; and wherein the stored localized data is accessible to only to the authorized network participant having originated the request to store the localized data and wherein the stored localized data is not exposed to the other authorized network participants (See Giordano et al., Figure 2 and paragraphs 50-57, 61-64, wherein Giordano discloses “Medical records in the decentralized filesystem 112 may be physically stored at one or more of a plurality of computing nodes in a distributed network. In some implementations, all or some of the nodes in the storage network may be common to the network that maintains the ledger 106. For example, a computer 102 that belongs to a doctor may both store medical records created by the doctor for his or her patients and may also maintain an instance of the distributed ledger 106. In some implementations, all or some of the nodes in the storage network may be different from nodes in the network that maintains the ledger 106. For example, the doctor associated with the computer 102 may transmit medical records that he or she creates to one or more servers separate from the computer 102 that hosts data for the decentralized filesystem 112”).    

As to claim 11, Giordano et al. as modified, teaches wherein the stored localized data comprises at least one of: a modification to the data stored by the network org accessible only to the authorized network participant having originated the request to store the localized data (See Giordano et al., paragraphs 99-100, wherein Giordano discloses “such as a client computer having a graphical user interface or an Internet browser, or any combination of them. The components of the system can be connected by any form or medium of digital data communication such as a communication network. Examples of communication networks include a local area network (“LAN”), a wide area network (“WAN”), peer-to-peer networks (having ad-hoc or static members), grid computing infrastructures, and the Internet;” Also see Giordano et al., Figure 2 and paragraphs 3, 50-53, 61-64, wherein Giordano discloses “a rights manager smart contract may maintain data that identifies users' permissions on the network and with respect to particular smart contracts or classes of smart contracts. For example, the rights manager smart contract may store data that correlates a first doctor's smart contract with a first user (a first doctor), a second doctor's smart contract with a second user (a second doctor), and a first patient's smart contract with a third user (a first patient). Each of these contracts may perform different operations depending on whether the caller of the contract has rights to call and execute the contract); Claims- 201 -Attorney Docket No.: 37633.6327 (A4281US)a modification to application data records common across all of the authorized network participants for the network org, wherein the modification is accessible only to the authorized network participant having originated the request to store the localized data; a modification to business data records common across all of the authorized network participants for the network org, wherein the modification is accessible only to the authorized network participant having originated the request to store the localized data; a modification declared business logic common across all of the authorized network participants for the network org, wherein the modification is accessible only to the authorized network participant having originated the request to store the localized data; and a modification declared business rules common across all of the authorized network participants for the network org, wherein the modification is accessible only to the authorized network participant having originated the request to store the localized data (See Giordano et al., Figure 2 and paragraphs 50-57, 61-64, wherein Giordano discloses “Medical records in the decentralized filesystem 112 may be physically stored at one or more of a plurality of computing nodes in a distributed network. In some implementations, all or some of the nodes in the storage network may be common to the network that maintains the ledger 106. For example, a computer 102 that belongs to a doctor may both store medical records created by the doctor for his or her patients and may also maintain an instance of the distributed ledger 106. In some implementations, all or some of the nodes in the storage network may be different from nodes in the network that maintains the ledger 106. For example, the doctor associated with the computer 102 may transmit medical records that he or she creates to one or more servers separate from the computer 102 that hosts data for the decentralized filesystem 112”).  

As to claim 12, Giordano et al. teaches wherein the stored localized data comprises a new user account for the authorized network participant having originated the request to store the localized data and defined user permissions for the new user account; and wherein each authorized network participant has distinct user controls without affecting the data stored by the network org within the shared ledger (See Giordano et al., Figure 2 and paragraphs 50-57, 61-64, wherein Giordano discloses “Medical records in the decentralized filesystem 112 may be physically stored at one or more of a plurality of computing nodes in a distributed network. In some implementations, all or some of the nodes in the storage network may be common to the network that maintains the ledger 106. For example, a computer 102 that belongs to a doctor may both store medical records created by the doctor for his or her patients and may also maintain an instance of the distributed ledger 106. In some implementations, all or some of the nodes in the storage network may be different from nodes in the network that maintains the ledger 106).  

As to claim 13, Giordano et al. as modified, teaches wherein the authorized network participant having originated the request to store the localized data is a customer organization having a plurality of users within the host organization (See Giordano et al., paragraphs 99-100, wherein Giordano discloses “such as a client computer having a graphical user interface or an Internet browser, or any combination of them. The components of the system can be connected by any form or medium of digital data communication such as a communication network. Examples of communication networks include a local area network (“LAN”), a wide area network (“WAN”), peer-to-peer networks (having ad-hoc or static members), grid computing infrastructures, and the Internet;” Also see Giordano et al., Figure 2 and paragraphs 3, 50-53, 61-64, wherein Giordano discloses “a rights manager smart contract may maintain data that identifies users' permissions on the network and with respect to particular smart contracts or classes of smart contracts. For example, the rights manager smart contract may store data that correlates a first doctor's smart contract with a first user (a first doctor), a second doctor's smart contract with a second user (a second doctor), and a first patient's smart contract with a third user (a first patient). Each of these contracts may perform different operations depending on whether the caller of the contract has rights to call and execute the contract); wherein the stored localized data comprises a new user account for the authorized network participant having originated the request to store the localized data (See Giordano et al., paragraphs 99-100, wherein Giordano discloses “such as a client computer having a graphical user interface or an Internet browser, or any combination of them. The components of the system can be connected by any form or medium of digital data communication such as a communication network. Examples of communication networks include a local area network (“LAN”), a wide area network (“WAN”), peer-to-peer networks (having ad-hoc or static members), grid computing infrastructures, and the Internet;” Also see Giordano et al., Figure 2 and paragraphs 3, 50-53, 61-64, wherein Giordano discloses “a rights manager smart contract may maintain data that identifies users' permissions on the network and with respect to particular smart contracts or classes of smart contracts. For example, the rights manager smart contract may store data that correlates a first doctor's smart contract with a first user (a first doctor), a second doctor's smart contract with a second user (a second doctor), and a first patient's smart contract with a third user (a first patient). Each of these contracts may perform different operations depending on whether the caller of the contract has rights to call and execute the contract); and wherein the new user account is distinct from any user account associated with the plurality of user accounts for the customer organization (See Giordano et al., Figure 2 and paragraphs 50-57, 61-64, wherein Giordano discloses “Medical records in the decentralized filesystem 112 may be physically stored at one or more of a plurality of computing nodes in a distributed network. In some implementations, all or some of the nodes in the storage network may be common to the network that maintains the ledger 106. For example, a computer 102 that belongs to a doctor may both store medical records created by the doctor for his or her patients and may also maintain an instance of the distributed ledger 106. In some implementations, all or some of the nodes in the storage network may be different from nodes in the network that maintains the ledger 106. For example, the doctor associated with the computer 102 may transmit medical records that he or she creates to one or more servers separate from the computer 102 that hosts data for the decentralized filesystem 112”). 

As to claim 14, Giordano et al. as modified, teaches wherein the authorized network participant having originated the request to store the localized data is a customer organization having tenancy within the host organization (See Giordano et al., paragraphs 99-100, wherein Giordano discloses “such as a client computer having a graphical user interface or an Internet browser, or any combination of them. The components of the system can be connected by any form or medium of digital data communication such as a communication network. Examples of communication networks include a local area network (“LAN”), a wide area network (“WAN”), peer-to-peer networks (having ad-hoc or static members), grid computing infrastructures, and the Internet;” Also see Giordano et al., Figure 2 and paragraphs 3, 50-53, 61-64, wherein Giordano discloses “a rights manager smart contract may maintain data that identifies users' permissions on the network and with respect to particular smart contracts or classes of smart contracts. For example, the rights manager smart contract may store data that correlates a first doctor's smart contract with a first user (a first doctor), a second doctor's smart contract with a second user (a second doctor), and a first patient's smart contract with a third user (a first patient). Each of these contracts may perform different operations depending on whether the caller of the contract has rights to call and execute the contract); wherein the stored localized data comprises a customer organization specific workflow to execute against CRM data for the customer organization based on changes affecting the data stored by the network org (See Giordano et al., Figure 2 and paragraphs 50-57, 61-64, wherein Giordano discloses “Medical records in the decentralized filesystem 112 may be physically stored at one or more of a plurality of computing nodes in a distributed network. In some implementations, all or some of the nodes in the storage network may be common to the network that maintains the ledger 106. For example, a computer 102 that belongs to a doctor may both store medical records created by the doctor for his or her patients and may also maintain an instance of the distributed ledger 106. In some implementations, all or some of the nodes in the storage network may be different from nodes in the network that maintains the ledger 106. For example, the doctor associated with the computer 102 may transmit medical records that he or she creates to one or more servers separate from the computer 102 that hosts data for the decentralized filesystem 112”).

As to claim 15, Giordano et al. as modified, teaches wherein all changes affecting the data and metadata stored by the network org are cryptographically verifiable providing a full audit log including at least what data was changed, when the data was changed, and who made the changes to the data (See Giordano et al., paragraphs 12, 45-47 and 53, wherein Giordano discloses “transactions may be stored in the ledger 106 in groups referred to as `blocks.` These blocks are represented in FIG. 1 as medical record management blocks 108a-n. Together, the blocks 108a-n may include a complete record of all the transactions that have occurred in the network since its genesis).  

As to claim 16, Giordano et al. as modified, teaches wherein each of the authorized network participants are tenants of the host organization (See Giordano et al., paragraphs 12, 45-47 and 53, wherein Giordano discloses “transactions may be stored in the ledger 106 in groups referred to as `blocks.` These blocks are represented in FIG. 1 as medical record management blocks 108a-n. Together, the blocks 108a-n may include a complete record of all the transactions that have occurred in the network since its genesis).  

As to claim 17, Giordano et al. as modified, teaches wherein the founder org is a first one of a plurality of tenants of the host organization having requested generation of the network org; and wherein each of the partner orgs are tenants of the host organization different than the founder org and having been added as authorized network participants for the shared ledger by the founder org  (See Giordano et al., Figures 1 and 2; Also see paragraphs 26-29, 39-43 and 61-64, wherein Giordano teaches “Different nodes in the network may be managed and operated by different individuals, organizations, or other entities. In this way, each node in the network may separately maintain a respective copy (instance) of the ledger 106” and “in its role as a node in the distributed computing network, the computer 102 can store and maintain a copy of the distributed ledger”).  

As to claim 18, Giordano et al. as modified, teaches wherein the system of the host organization embodies hardware, software, and logic elements to implement cloud based functionality providing on-demand services, on-demand database services, and cloud computing services to subscribing customer organizations (See Giordano et al., paragraphs 99-100, wherein Giordano discloses “such as a client computer having a graphical user interface or an Internet browser, or any combination of them. The components of the system can be connected by any form or medium of digital data communication such as a communication network. Examples of communication networks include a local area network (“LAN”), a wide area network (“WAN”), peer-to-peer networks (having ad-hoc or static members), grid computing infrastructures, and the Internet;” Also see Giordano et al., Figure 2 and paragraphs 3, 50-53, 61-64, wherein Giordano discloses “a rights manager smart contract may maintain data that identifies users' permissions on the network and with respect to particular smart contracts or classes of smart contracts. For example, the rights manager smart contract may store data that correlates a first doctor's smart contract with a first user (a first doctor), a second doctor's smart contract with a second user (a second doctor), and a first patient's smart contract with a third user (a first patient). Each of these contracts may perform different operations depending on whether the caller of the contract has rights to call and execute the contract); and wherein the founder org and each of the partner orgs are selected from amongst the subscriber customer organizations; and wherein the cloud based functionality is accessible to the subscribing customer organizations over a public Internet (See Giordano et al., Figures 1 and 2; Also see paragraphs 26-29, 39-43 and 61-64, wherein Giordano teaches “Different nodes in the network may be managed and operated by different individuals, organizations, or other entities. In this way, each node in the network may separately maintain a respective copy (instance) of the ledger 106” and “in its role as a node in the distributed computing network, the computer 102 can store and maintain a copy of the distributed ledger”).  

As to claim 19, Giordano et al. as modified, teaches wherein the network org is represented by the host organization as one of a plurality of customer organizations of the host organization (See Giordano et al., Figures 1 and 2; Also see paragraphs 26-29, 39-43 and 61-64, wherein Giordano teaches “Different nodes in the network may be managed and operated by different individuals, organizations, or other entities. In this way, each node in the network may separately maintain a respective copy (instance) of the ledger 106” and “in its role as a node in the distributed computing network, the computer 102 can store and maintain a copy of the distributed ledger”).  

As to claim 20, Giordano et al. as modified, teaches wherein the shared ledger comprises a relational database system internal to the host organization (See Giordano et al., paragraphs 99-100, wherein Giordano discloses “such as a client computer having a graphical user interface or an Internet browser, or any combination of them. The components of the system can be connected by any form or medium of digital data communication such as a communication network. Examples of communication networks include a local area network (“LAN”), a wide area network (“WAN”), peer-to-peer networks (having ad-hoc or static members), grid computing infrastructures, and the Internet;” Also see Giordano et al., Figure 2 and paragraphs 3, 50-53, 61-64, wherein Giordano discloses “a rights manager smart contract may maintain data that identifies users' permissions on the network and with respect to particular smart contracts or classes of smart contracts. For example, the rights manager smart contract may store data that correlates a first doctor's smart contract with a first user (a first doctor), a second doctor's smart contract with a second user (a second doctor), and a first patient's smart contract with a third user (a first patient). Each of these contracts may perform different operations depending on whether the caller of the contract has rights to call and execute the contract); wherein a copy of the data stored by the network org is accessible from each of a plurality of data centers of the host organization via one or more of the plurality of shared ledger nodes; and wherein the method further comprises: Claims- 203 - Attorney Docket No.: 37633.6327 (A4281US)determining a first one of the plurality of shared ledger nodes is inaccessible based on an outage at one of the plurality of datacenters of the host organization or pursuant to a non-response from the first one of the plurality of shared ledger nodes (See Giordano et al., paragraphs 99-100, wherein Giordano discloses “such as a client computer having a graphical user interface or an Internet browser, or any combination of them. The components of the system can be connected by any form or medium of digital data communication such as a communication network. Examples of communication networks include a local area network (“LAN”), a wide area network (“WAN”), peer-to-peer networks (having ad-hoc or static members), grid computing infrastructures, and the Internet;” Also see Giordano et al., Figure 2 and paragraphs 3, 50-53, 61-64, wherein Giordano discloses “a rights manager smart contract may maintain data that identifies users' permissions on the network and with respect to particular smart contracts or classes of smart contracts. For example, the rights manager smart contract may store data that correlates a first doctor's smart contract with a first user (a first doctor), a second doctor's smart contract with a second user (a second doctor), and a first patient's smart contract with a third user (a first patient). Each of these contracts may perform different operations depending on whether the caller of the contract has rights to call and execute the contract); and transacting with the network org stored by the shared ledger from a second one of the plurality of shared ledger nodes subsequent to the determination (See Giordano et al., Figures 1 and 2; Also see paragraphs 3, 27-29, 39-43 and 61, wherein Giordano teaches “FIG. 2, a conceptual illustration is shown of an example computing network 200 for managing medical records on a distributed ledger 220. The network 200 is generally a decentralized network in which records management is coordinated among potentially many distinct computers or computing systems that comprise nodes in the network. The respective computers or computing systems for all or some of the respective nodes in the network may be physically separate from each other, independently owned and operated by different entities, and/or geographically remote from each other”).

As to claim 29, Giordano et al. as modified, teaches wherein the data stored by the network org is associated with a first declared application and a second declared application, both the first and the second declared applications being utilized by the founder org and the plurality of partner orgs (See Giordano et al., Figure 2 and paragraphs 3, 50-53, 61-64, wherein Giordano discloses “a rights manager smart contract may maintain data that identifies users' permissions on the network and with respect to particular smart contracts or classes of smart contracts. For example, the rights manager smart contract may store data that correlates a first doctor's smart contract with a first user (a first doctor), a second doctor's smart contract with a second user (a second doctor), and a first patient's smart contract with a third user (a first patient). Each of these contracts may perform different operations depending on whether the caller of the contract has rights to call and execute the contract); and Claims- 205 - Attorney Docket No.: 37633.6327 (A4281US)wherein the permissions defined by the metadata specify different access permissions to the data stored by the network org based on whether each of the partner organizations is accessing the data utilizing the first declared application or the second declared application (See Giordano et al., Figures 1 and 2; Also see paragraphs 3, 27-29, 39-43 and 61, wherein Giordano teaches “FIG. 2, a conceptual illustration is shown of an example computing network 200 for managing medical records on a distributed ledger 220. The network 200 is generally a decentralized network in which records management is coordinated among potentially many distinct computers or computing systems that comprise nodes in the network. The respective computers or computing systems for all or some of the respective nodes in the network may be physically separate from each other, independently owned and operated by different entities, and/or geographically remote from each other”).

As to claim 30, Giordano et al. as modified, teaches wherein the metadata written to the shared ledger further defines a plurality of entity types and a plurality of field definitions for each of the plurality of entity types; and wherein the method further comprises: generating a virtual table within a database system of the host organization; structuring the virtual table at the database system of the host organization based on the metadata written to the shared ledger, wherein the entity types from the metadata written to the shared ledger are represented as tables within the virtual table and further wherein the one or more new field definitions for each of the plurality of entity types are represented as columns within the tables at the virtual table  (See Giordano et al., Figures 1 and 2; Also see paragraphs 26-29, 39-43 and 61-64, wherein Giordano teaches “Different nodes in the network may be managed and operated by different individuals, organizations, or other entities. In this way, each node in the network may separately maintain a respective copy (instance) of the ledger 106” and “in its role as a node in the distributed computing network, the computer 102 can store and maintain a copy of the distributed ledger”).     


As to claim 21, Giordano et al. as modified, teaches wherein the shared ledger implements a Distributed Ledger Technology (DLT) data store internal to the host organization (See Giordano et al., Figures 1 and 2; Also see paragraphs 3, 27-29, and 39-40, wherein Giordano discloses “a collection of independent nodes in a computing network may each maintain a respective instance of a distributed ledger. The distributed ledger may store records of transactions that have occurred on the network, including information about medical records for a population of patients”); wherein a copy of the data stored by the network org is accessible from each of the plurality of shared ledger nodes distributed across a plurality of geographically dispersed data centers of the host organization (See Giordano et al., Figures 1 and 2; Also see paragraphs 3, 27-29, 39-43 and 61, wherein Giordano teaches “FIG. 2, a conceptual illustration is shown of an example computing network 200 for managing medical records on a distributed ledger 220. The network 200 is generally a decentralized network in which records management is coordinated among potentially many distinct computers or computing systems that comprise nodes in the network. The respective computers or computing systems for all or some of the respective nodes in the network may be physically separate from each other, independently owned and operated by different entities, and/or geographically remote from each other”); and wherein the DLT data store immutably stores all data within assets added to the DLT data store (See Giordano et al., Figures 1 and 2; Also see paragraphs 3, 27-29, 39-43, wherein Giordano teaches “in its role as a node in the distributed computing network, the computer 102 can store and maintain a copy of the distributed ledger”).  

As to claim 25, Giordano et al. as modified, teaches Claims- 204 - Attorney Docket No.: 37633.6327 (A4281US)wherein operating the interface to the shared ledger comprises operating a blockchain services interface to a blockchain on behalf of the authorized network participants for the shared ledger (See Giordano et al., paragraphs 12, 45-47 and 53, wherein Giordano discloses “transactions may be stored in the ledger 106 in groups referred to as `blocks.` These blocks are represented in FIG. 1 as medical record management blocks 108a-n. Together, the blocks 108a-n may include a complete record of all the transactions that have occurred in the network since its genesis. For example, the first block (108a) may include a first set of transactions that occurred in the network over a first period of time, the second block (108b) may include a second set of transactions that occurred in the network over a next (second) period of time, a third block (not shown) may include a third set of transactions that occurred in the network over a next (third) period of time, and so on”); wherein each of the authorized network participants operate as a participating node on the blockchain and transact with the blockchain via the blockchain services interface operated by the host organization (See Giordano et al., paragraphs 43-48, wherein Giordano discloses “each time a new block is determined, that block can be appended to the end of the existing blockchain. Each block in the chain (other than the genesis block) may include a signature of one or more preceding blocks in the chain. For example, the second block 108b in FIG. 1 includes a signature of the genesis block 108a. The signature of the genesis block 108a may be a hash value of the genesis block 108a, for example. When a third block is later appended to the chain, that block may include a signature of the second block 108b. Notably, because the second block 108b includes a hash of the genesis block 108a , the signature added to the third block in the chain not only characterizes the immediately preceding block 108b, but also depends on the signature of the genesis block 108a. Thus, the signature of every new block in the chain can be at least partially influenced by every preceding block in the chain”).  

As to claim 26, Giordano et al. as modified, teaches wherein a copy of the data stored by the network org is accessible from any of the authorized network participants operating as participating nodes on the blockchain and further accessible from any other participating node on the blockchain (See Giordano et al., paragraphs 43-48, wherein Giordano discloses “each time a new block is determined, that block can be appended to the end of the existing blockchain. Each block in the chain (other than the genesis block) may include a signature of one or more preceding blocks in the chain. For example, the second block 108b in FIG. 1 includes a signature of the genesis block 108a. The signature of the genesis block 108a may be a hash value of the genesis block 108a, for example. When a third block is later appended to the chain, that block may include a signature of the second block 108b. Notably, because the second block 108b includes a hash of the genesis block 108a , the signature added to the third block in the chain not only characterizes the immediately preceding block 108b, but also depends on the signature of the genesis block 108a. Thus, the signature of every new block in the chain can be at least partially influenced by every preceding block in the chain”); wherein the blockchain immutably stores all record added to the blockchain (See Giordano et al., Figure 2; Also see paragraphs 9-12, 49, 58 and 61, wherein Giordano discloses  an electronic ledger comprising a blockchain database and “when a doctor creates a medical record that is added to a patient's smart contract, the medical record may initially be hosted by one or more computers associated with the doctor that created the record” and wherein Giordano discloses “network 200 is generally a decentralized network in which records management is coordinated among potentially many distinct computers or computing systems that comprise nodes in the network”); and wherein the data stored by the network org affected by deletions and updates remain accessible from the blockchain as a non-current version of the data via an audit log for the blockchain (See Giordano et al., paragraphs 43-48, 60 and 79-80, wherein Giordano discloses “each node may independently perform processing to determine how the queued transactions can be arranged to form a new block that satisfies certain criteria for the new blocks. For example, the nodes may each test hashes of possible block arrangements until the hash value for the block falls below a threshold hash value (e.g., a proof of work problem). This process of determining new blocks to add to the ledger 106, referred to as mining, can be computationally intensive and on average may only be completed by any node in the network after a target period of time (e.g., 2 minutes). Once a new, valid block is determined by a particular network node, that node adds the block to the ledger 106 and broadcasts information to the other nodes in the network that allow the other nodes to duplicate the block and add it to their respective copies of the ledger 106”).   

As to claim 27, Giordano et al. as modified, teaches wherein the host organization operates a participating node on the blockchain (See Giordano et al., Figure 2; Also see paragraphs 9-12, 16, 26, 49, and 58-61, wherein Giordano discloses  an electronic ledger comprising a blockchain database and “when a doctor creates a medical record that is added to a patient's smart contract, the medical record may initially be hosted by one or more computers associated with the doctor that created the record” and wherein Giordano discloses “The second computing system on which the set of medical records of the first user are stored can include a distributed filesystem that is configured to allow medical records to be shared among participants in the distributed computing network using a peer-to-peer file transfer protocol”); and wherein the blockchain operates external from the host organization and operates outside of the host organization's exclusive control (See Giordano et al., paragraphs 57-58, 79 and 84, wherein Giordano discloses that the medical records may be stored on a system that is external to the ledger).   

As to claim 28, Giordano et al. as modified, teaches wherein the network org comprises one of a plurality of distinct network orgs operating via the shared ledger (See Giordano et al., Figure 2; Also see paragraphs 9-12, 16, 26, 49, and 58-61, wherein Giordano discloses  an electronic ledger comprising a blockchain database and “when a doctor creates a medical record that is added to a patient's smart contract, the medical record may initially be hosted by one or more computers associated with the doctor that created the record” and wherein Giordano discloses “The second computing system on which the set of medical records of the first user are stored can include a distributed filesystem that is configured to allow medical records to be shared among participants in the distributed computing network using a peer-to-peer file transfer protocol”); or alternatively wherein the network org operates on a unique shared ledger instance of the host organization and wherein different network orgs operate on other shared ledger instances within the host organization separate from the unique shared ledger instance upon which the network org operates (See Giordano et al., paragraphs 57-58, 79 and 84, wherein Giordano discloses that the medical records may be stored on a system that is external to the ledger. Also see Giordano et al., Figure 2 and paragraphs 3, 50-53, 61-64, wherein Giordano discloses “a rights manager smart contract may maintain data that identifies users' permissions on the network and with respect to particular smart contracts or classes of smart contracts. For example, the rights manager smart contract may store data that correlates a first doctor's smart contract with a first user (a first doctor), a second doctor's smart contract with a second user (a second doctor), and a first patient's smart contract with a third user (a first patient). Each of these contracts may perform different operations depending on whether the caller of the contract has rights to call and execute the contract. Thus, if the second doctor attempts to call the smart contract assigned to the first doctor, then the requested operations (e.g., adding a medical record to the profile of a patient of the first doctor) in the called contract may be blocked because the second doctor does not have permission to use the first doctor's contract” and “the ledger also stores program modules, referred to as smart contracts, which allow participants in a distributed medical records management network to interact with the ledger and with each other. For example, doctors, patients, pharmacists, and insurers {network participants} may be issued role-specific smart contracts that allow the participants to invoke various records management events on the network”).    

As to claim 35, Giordano et al. teaches non-transitory computer-readable storage media having instructions stored thereupon that, when executed by a processor of a system having at least a processor and a memory therein (See Giordano et al., Figures 1 and 2), the instructions cause the system to perform operations comprising: 
operating an interface to a shared ledger on behalf of a plurality of authorized network participants for the shared ledger, wherein the shared ledger persists data via a plurality of distributed shared ledger nodes (See Giordano et al., Figure 2; Also see paragraphs 9-12, 16, 26, 49, and 58-61, wherein Giordano discloses  an electronic ledger comprising a blockchain database and “when a doctor creates a medical record that is added to a patient's smart contract, the medical record may initially be hosted by one or more computers associated with the doctor that created the record” and wherein Giordano discloses “The second computing system on which the set of medical records of the first user are stored can include a distributed filesystem that is configured to allow medical records to be shared among participants in the distributed computing network using a peer-to-peer file transfer protocol”); 
generating a network org within the shared ledger to store the data on behalf of a founder org as a first one of the plurality of authorized network participants (See Giordano et al., Figure 2 and paragraphs 3, 50-53, 61-64, wherein Giordano discloses “a rights manager smart contract may maintain data that identifies users' permissions on the network and with respect to particular smart contracts or classes of smart contracts. For example, the rights manager smart contract may store data that correlates a first doctor's smart contract with a first user (a first doctor), a second doctor's smart contract with a second user (a second doctor), and a first patient's smart contract with a third user (a first patient). Each of these contracts may perform different operations depending on whether the caller of the contract has rights to call and execute the contract. Thus, if the second doctor attempts to call the smart contract assigned to the first doctor, then the requested operations (e.g., adding a medical record to the profile of a patient of the first doctor) in the called contract may be blocked because the second doctor does not have permission to use the first doctor's contract” and “the ledger also stores program modules, referred to as smart contracts, which allow participants in a distributed medical records management network to interact with the ledger and with each other. For example, doctors, patients, pharmacists, and insurers {network participants} may be issued role-specific smart contracts that allow the participants to invoke various records management events on the network”);
Claims- 207 -Attorney Docket No.: 37633.6327 (A4281US)receiving input from the founder org defining a plurality of partner orgs as additional authorized network participants for the network org, wherein all of the authorized network participants have read access to the data stored by the network org via the shared ledger without replicating the data (See Giordano et al., paragraphs 50-52,  64- 67, wherein Giordano discloses “a rights manager smart contract may maintain data that identifies users' permissions on the network and with respect to particular smart contracts or classes of smart contracts. For example, the rights manager smart contract may store data that correlates a first doctor's smart contract with a first user (a first doctor), a second doctor's smart contract with a second user (a second doctor), and a first patient's smart contract with a third user (a first patient). Each of these contracts may perform different operations depending on whether the caller of the contract has rights to call and execute the contract. Thus, if the second doctor attempts to call the smart contract assigned to the first doctor, then the requested operations (e.g., adding a medical record to the profile of a patient of the first doctor) in the called contract may be blocked because the second doctor does not have permission to use the first doctor's contract” and “users are assigned roles on the network 200 (e.g., patient, physician, doctor, pharmacist, administrator) and smart contracts are created and correlated with the users based on the respective roles assigned to the users. Thus, if a doctor wishes to register an account on the network 200, a smart contract specific for the role of "doctor" can be created and assigned to the user, which represents the doctor's identity on the network. The type of smart contract assigned to a user may define the types of actions that the user may take on the network 200. For example, a "patient" smart contract may enable a user to access medical records of the user (but not of other users), to add authorizations for doctors or other parties to access all or some of the user's medical records, to remove authorization of parties to access all or some of the user's medical records, to send valid prescriptions to a pharmacist for filling, to pay bills to an insurer or doctor or other medical provider, and to adjust user account settings. In contrast, a "doctor" smart contract may enable a doctor to access medical records of patients under the doctor's care, to add new medical records to the respective medical histories of the doctor's patients, to send prescriptions to pharmacists on behalf of the doctor's patients, and to send invoices for medical services rendered for a patient to the patient and the patient's insurer,” wherein “access” is read on “read access”); 
receiving input from the founder org defining permissions for each of the partner orgs to interact with the network org within the shared ledger (See Giordano et al., Figure 2 and paragraphs 3, 50, 61-67, wherein Giordano discloses “doctors, patients, pharmacists, and insurers {network participants} may be issued role-specific smart contracts that allow the participants to invoke various records management events on the network,” wherein “defining permissions” is read on “role specific smart contracts”); 
writing metadata to the shared ledger defining at least the authorized network participants for the network org and the permissions defined for each of the partner orgs (See Giordano et al., paragraphs 60-67 and 79-80, wherein Giordano discloses wherein Giordano discloses “doctors, patients, pharmacists, and insurers {network participants} may be issued role-specific smart contracts that allow the participants to invoke various records management events on the network,”  and “when a new record is added to the system, the record may be stored on the filesystem 112 and may be indexed by a hash value computed based on the content of the record and, in some instances, further based on metadata associated with the record (e.g., a timestamp indicating the date and time the data was created, identifying information of the doctor that created the record); 
receiving requests from the authorized network participants to interact with the network org (See Giordano et al., paragraphs 67 and 74, wherein Giordano discloses “the administrator 200 approves of the doctor's request to activate a type of doctor smart contract on the network 200, then the administrator 202 may call its respective smart contract 202SC to authorize activation of the doctor's smart contract”); and 
transacting with the shared ledger in fulfillment of the requests (See Giordano et al., paragraphs 50-53, where Giordano discloses “when a user that has rights to call a particular contract makes a call to that contract, the operations associated with that contract may be performed as requested and a transaction indicating a valid call and execution of the contract may be recorded on the ledger at each of the nodes in the network”).   
Giordano et al. teaches “The method can include identifying a command from a first user to access a medical record of a patient having an account on a computing network, wherein each of a plurality of nodes of the computing network maintains a respective instance of an electronic ledger that stores information about medical record management events associated with respective user accounts among a plurality of user accounts” (See Giordano et al., paragraphs 21-25, 39-41, and 47-49). Giordano et al. also teaches “role specific smart contracts” and “authorizations for a participant” (See Giordano et al., paragraphs 3, 12, 19, 43, 49-50 and 64-68). Giordano et al., however, does not explicitly teach wherein the host organization operates as a participating node on the shared ledger to enable interactions between the host organization; creating metadata, at the host organization, defining at least the authorized network participants for the network org and the permissions defined for each of the partner orgs pursuant to the first and second input received from the founder org; writing the metadata from the host organization onto the shared ledger via the participating node of the host organization.
Goldfarb et al. teaches transparent client application to arbitrate data storage between mutable and immutable data repositories (See abstract), in which he teaches wherein the host organization operates as a participating node on the shared ledger to enable interactions between the host organization (See Goldfarb et al., paragraphs 37-38 and 95-96, wherein Goldfarb discloses “the data centers 24 includes a plurality of different hosts exposed by different computational entities, like microkernels, containers, virtual machines, or computing devices executing a non-virtualized operating system. Each host may have an Internet Protocol address on the subnet of the respective data center 24 and may listen to and transmit via a port assigned to an instance of an application described below by which data is stored in a distributed ledger. In some embodiments, each storage compute node 26 may correspond to a different network hosts, each network coast having a server that monitors a port, and configured to implement an instance of one of the below-described directed acyclic graphs with hash pointers implementing immutable, tamper-evident distributed ledgers, examples include block chains and related data structures”); 
writing the metadata from the host organization onto the shared ledger via the participating node of the host organization (See Goldfarb et al., paragraphs 40, 75, 79, 87-89, 93 and 115-117, wherein Goldfard discloses “many extant blockchain-based databases are not well suited for certain use cases, particularly those involving latency-sensitive access (e.g., reading or writing) to large files (e.g., documents or other collections of binary data treated as a single entity, often called “blobs”), for instance in a blockchain-hosted filesystem (Paragraph 75)…the process 50 includes receiving a write command requesting that a document associated with the write command be stored in an immutable data structure, as indicated by block 52, such as a tamper-evident immutable data structure…Files may include stored data associated with metadata (Paragraph  93)).
Giordano et al. and Goldfarb et al. are from the analogous art of computer networks associated with distributed ledgers. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention having the teachings of Giordano et al. and Goldfarb et al. to have combined Giordano et al. and Goldfarb et al.. The motivation to combine Giordano et al. and Goldfarb et al. is to provide a system and method where security and integrity of the data in a datastore and prevent an attacker from modifying or exfiltrating confidential records in a datastore on a computer network (See Goldfarb et al., paragraphs 3-4). Therefore, it would have been obvious to one skilled in the art to combine Giordano et al. and Goldfarb et al..

As to claim 36, Giordano et al. teaches a system to execute at a host organization, wherein the system comprises: a memory to store instructions; a processor to execute instructions; wherein the processor is to execute a shared ledger interface to a shared ledger on behalf of a plurality of authorized network participants for the shared ledger (See Giordano et al., Figures 1 and 2), wherein the shared ledger persists data via a plurality of distributed shared ledger nodes; 
wherein the processor is to generate a network org within the shared ledger to store the data on behalf of a founder org as a first one of the plurality of authorized network participants (See Giordano et al., Figure 2 and paragraphs 3, 50-53, 61-64, wherein Giordano discloses “a rights manager smart contract may maintain data that identifies users' permissions on the network and with respect to particular smart contracts or classes of smart contracts. For example, the rights manager smart contract may store data that correlates a first doctor's smart contract with a first user (a first doctor), a second doctor's smart contract with a second user (a second doctor), and a first patient's smart contract with a third user (a first patient). Each of these contracts may perform different operations depending on whether the caller of the contract has rights to call and execute the contract. Thus, if the second doctor attempts to call the smart contract assigned to the first doctor, then the requested operations (e.g., adding a medical record to the profile of a patient of the first doctor) in the called contract may be blocked because the second doctor does not have permission to use the first doctor's contract” and “the ledger also stores program modules, referred to as smart contracts, which allow participants in a distributed medical records management network to interact with the ledger and with each other. For example, doctors, patients, pharmacists, and insurers {network participants} may be issued role-specific smart contracts that allow the participants to invoke various records management events on the network”);
a receive interface to receive input from the founder org defining a plurality of partner orgs as additional authorized network participants for the network org, wherein all of the authorized network participants have read access to the data stored by the network org via the shared ledger without replicating the data (See Giordano et al., paragraphs 50-52,  64- 67, wherein Giordano discloses “a rights manager smart contract may maintain data that identifies users' permissions on the network and with respect to particular smart contracts or classes of smart contracts. For example, the rights manager smart contract may store data that correlates a first doctor's smart contract with a first user (a first doctor), a second doctor's smart contract with a second user (a second doctor), and a first patient's smart contract with a third user (a first patient). Each of these contracts may perform different operations depending on whether the caller of the contract has rights to call and execute the contract. Thus, if the second doctor attempts to call the smart contract assigned to the first doctor, then the requested operations (e.g., adding a medical record to the profile of a patient of the first doctor) in the called contract may be blocked because the second doctor does not have permission to use the first doctor's contract” and “users are assigned roles on the network 200 (e.g., patient, physician, doctor, pharmacist, administrator) and smart contracts are created and correlated with the users based on the respective roles assigned to the users. Thus, if a doctor wishes to register an account on the network 200, a smart contract specific for the role of "doctor" can be created and assigned to the user, which represents the doctor's identity on the network. The type of smart contract assigned to a user may define the types of actions that the user may take on the network 200. For example, a "patient" smart contract may enable a user to access medical records of the user (but not of other users), to add authorizations for doctors or other parties to access all or some of the user's medical records, to remove authorization of parties to access all or some of the user's medical records, to send valid prescriptions to a pharmacist for filling, to pay bills to an insurer or doctor or other medical provider, and to adjust user account settings. In contrast, a "doctor" smart contract may enable a doctor to access medical records of patients under the doctor's care, to add new medical records to the respective medical histories of the doctor's patients, to send prescriptions to pharmacists on behalf of the doctor's patients, and to send invoices for medical services rendered for a patient to the patient and the patient's insurer,” wherein “access” is read on “read access”); 
the receive interface to further receive input from the founder org defining permissions for each of the partner orgs to interact with the network org within the shared ledger (See Giordano et al., Figure 2 and paragraphs 3, 50-52, 61-67, wherein Giordano discloses “doctors, patients, pharmacists, and insurers {network participants} may be issued role-specific smart contracts that allow the participants to invoke various records management events on the network,” wherein “defining permissions” is read on “role specific smart contracts” and wherein Giordano discloses “a rights manager smart contract may maintain data that identifies users' permissions on the network and with respect to particular smart contracts or classes of smart contracts. For example, the rights manager smart contract may store data that correlates a first doctor's smart contract with a first user (a first doctor), a second doctor's smart contract with a second user (a second doctor), and a first patient's smart contract with a third user (a first patient). Each of these contracts may perform different operations depending on whether the caller of the contract has rights to call and execute the contract. Thus, if the second doctor attempts to call the smart contract assigned to the first doctor, then the requested operations (e.g., adding a medical record to the profile of a patient of the first doctor) in the called contract may be blocked because the second doctor does not have permission to use the first doctor's contract” and “users are assigned roles on the network 200 (e.g., patient, physician, doctor, pharmacist, administrator) and smart contracts are created and correlated with the users based on the respective roles assigned to the users. Thus, if a doctor wishes to register an account on the network 200, a smart contract specific for the role of "doctor" can be created and assigned to the user, which represents the doctor's identity on the network”); 
wherein the shared ledger interface is to metadata to the shared ledger defining at least the authorized network participants for the network org and the permissions defined for each of the partner orgs (See Giordano et al., paragraphs 60-67 and 79-80, wherein Giordano discloses wherein Giordano discloses “doctors, patients, pharmacists, and insurers {network participants} may be issued role-specific smart contracts that allow the participants to invoke various records management events on the network,”  and “when a new record is added to the system, the record may be stored on the filesystem 112 and may be indexed by a hash value computed based on the content of the record and, in some instances, further based on metadata associated with the record (e.g., a timestamp indicating the date and time the data was created, identifying information of the doctor that created the record); 
the receive interface to further receive requests from the authorized network participants to interact with the network org (See Giordano et al., paragraphs 67 and 74, wherein Giordano discloses “the administrator 200 approves of the doctor's request to activate a type of doctor smart contract on the network 200, then the administrator 202 may call its respective smart contract 202SC to authorize activation of the doctor's smart contract”); and 
wherein the shared ledger interface further is to transact with the shared ledger in fulfillment of the requests (See Giordano et al., paragraphs 50-53, where Giordano discloses “when a user that has rights to call a particular contract makes a call to that contract, the operations associated with that contract may be performed as requested and a transaction indicating a valid call and execution of the contract may be recorded on the ledger at each of the nodes in the network”).
Giordano et al. teaches “The method can include identifying a command from a first user to access a medical record of a patient having an account on a computing network, wherein each of a plurality of nodes of the computing network maintains a respective instance of an electronic ledger that stores information about medical record management events associated with respective user accounts among a plurality of user accounts” (See Giordano et al., paragraphs 21-25, 39-41, and 47-49). Giordano et al. also teaches “role specific smart contracts” and “authorizations for a participant” (See Giordano et al., paragraphs 3, 12, 19, 43, 49-50 and 64-68). Giordano et al., however, does not explicitly teach wherein the host organization operates as a participating node on the shared ledger to enable interactions between the host organization; creating metadata, at the host organization, defining at least the authorized network participants for the network org and the permissions defined for each of the partner orgs pursuant to the first and second input received from the founder org; writing the metadata from the host organization onto the shared ledger via the participating node of the host organization.
Goldfarb et al. teaches transparent client application to arbitrate data storage between mutable and immutable data repositories (See abstract), in which he teaches wherein the host organization operates as a participating node on the shared ledger to enable interactions between the host organization (See Goldfarb et al., paragraphs 37-38 and 95-96, wherein Goldfarb discloses “the data centers 24 includes a plurality of different hosts exposed by different computational entities, like microkernels, containers, virtual machines, or computing devices executing a non-virtualized operating system. Each host may have an Internet Protocol address on the subnet of the respective data center 24 and may listen to and transmit via a port assigned to an instance of an application described below by which data is stored in a distributed ledger. In some embodiments, each storage compute node 26 may correspond to a different network hosts, each network coast having a server that monitors a port, and configured to implement an instance of one of the below-described directed acyclic graphs with hash pointers implementing immutable, tamper-evident distributed ledgers, examples include block chains and related data structures”); 
writing the metadata from the host organization onto the shared ledger via the participating node of the host organization (See Goldfarb et al., paragraphs 40, 75, 79, 87-89, 93 and 115-117, wherein Goldfard discloses “many extant blockchain-based databases are not well suited for certain use cases, particularly those involving latency-sensitive access (e.g., reading or writing) to large files (e.g., documents or other collections of binary data treated as a single entity, often called “blobs”), for instance in a blockchain-hosted filesystem (Paragraph 75)…the process 50 includes receiving a write command requesting that a document associated with the write command be stored in an immutable data structure, as indicated by block 52, such as a tamper-evident immutable data structure…Files may include stored data associated with metadata (Paragraph  93)).
Giordano et al. and Goldfarb et al. are from the analogous art of computer networks associated with distributed ledgers. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention having the teachings of Giordano et al. and Goldfarb et al. to have combined Giordano et al. and Goldfarb et al.. The motivation to combine Giordano et al. and Goldfarb et al. is to provide a system and method where security and integrity of the data in a datastore and prevent an attacker from modifying or exfiltrating confidential records in a datastore on a computer network (See Goldfarb et al., paragraphs 3-4). Therefore, it would have been obvious to one skilled in the art to combine Giordano et al. and Goldfarb et al..

8.	Claims 2 is rejected under 35 U.S.C. 103 as being unpatentable over Giordano et al. (U.S. Patent Application Publication No. 2017/0300627), in view of Goldfarb et al. (U.S. Patent Application Publication No. 2017/0364699), in further view of Castinado et al. (U.S. Patent Application Publication No. 2017/0132630).
As to claim 2, Giordano et al. as modified, teaches wherein the shared ledger comprises a declarative, metadata driven (See Giordano et al., paragraphs 60-67 and 79-80, wherein Giordano discloses “doctors, patients, pharmacists, and insurers {network participants} may be issued role-specific smart contracts that allow the participants to invoke various records management events on the network,”  and “when a new record is added to the system, the record may be stored on the filesystem 112 and may be indexed by a hash value computed based on the content of the record and, in some instances, further based on metadata associated with the record (e.g., a timestamp indicating the date and time the data was created, identifying information of the doctor that created the record), cryptographically verifiable multi-network (multi-tenant) shared ledger operating on a relational database system internal to the host organization (See Giordano et al., Figures 1 and 2; Also see paragraphs *).
Giordano et al. as modified, does not explicitly teach the method further comprises: assigning a unique network ID to each of the partner orgs and to the founder org; and partitioning a table of the relational database system having the data of the network org stored there upon by network ID.
Castinado et al. teaches block chain alias for person to person payments (See abstract), in which he teaches the method further comprises: assigning a unique network ID to each of the partner orgs and to the founder org; and partitioning a table of the relational database system having the data of the network org stored there upon by network ID (See Castinado et al., paragraphs 188, wherein Castinado discloses UUID represented as tokens).
Giordano et al. as modified and Castinado et al. are from the analogous art of blockchain management. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention having the teachings of Giordano et al. as modified and Castinado et al. to have combined Giordano et al. as modified and Castinado et al.. The motivation to combine Giordano et al. as modified and Castinado et al. is to provide truth of the user’s identity and accurately map accounts (See Castinado et al., paragraph 2). Therefore, it would have been obvious to one skilled in the art to combine Giordano et al. as modified and Castinado et al..

9.	Claims 22-24 are rejected under 35 U.S.C. 103 as being unpatentable over Giordano et al. (U.S. Patent Application Publication No. 2017/0300627), in view of Goldfarb et al. (U.S. Patent Application Publication No. 2017/0364699), in further view of Ortiz et al. (U.S. Patent Application Publication No. 2018/0268401).
As to claim 22, Giordano et al. as modified, teaches wherein data deletion transactions at the network org are represented by new assets specifying the data deleted from the network org without removing any data from the DLT data store; wherein data update transactions at the network org are represented by new assets specifying a current version of the data updated at the network org without removing any data from the DLT data store (See Giordano et al., paragraphs 50-52,  64- 67, wherein Giordano discloses “a rights manager smart contract may maintain data that identifies users' permissions on the network and with respect to particular smart contracts or classes of smart contracts. For example, the rights manager smart contract may store data that correlates a first doctor's smart contract with a first user (a first doctor), a second doctor's smart contract with a second user (a second doctor), and a first patient's smart contract with a third user (a first patient). Each of these contracts may perform different operations depending on whether the caller of the contract has rights to call and execute the contract. Thus, if the second doctor attempts to call the smart contract assigned to the first doctor, then the requested operations (e.g., adding a medical record to the profile of a patient of the first doctor) in the called contract may be blocked because the second doctor does not have permission to use the first doctor's contract” and “users are assigned roles on the network 200 (e.g., patient, physician, doctor, pharmacist, administrator) and smart contracts are created and correlated with the users based on the respective roles assigned to the users. Thus, if a doctor wishes to register an account on the network 200, a smart contract specific for the role of "doctor" can be created and assigned to the user, which represents the doctor's identity on the network. The type of smart contract assigned to a user may define the types of actions that the user may take on the network 200. For example, a "patient" smart contract may enable a user to access medical records of the user (but not of other users), to add authorizations for doctors or other parties to access all or some of the user's medical records, to remove authorization of parties to access all or some of the user's medical records, to send valid prescriptions to a pharmacist for filling, to pay bills to an insurer or doctor or other medical provider, and to adjust user account settings. In contrast, a "doctor" smart contract may enable a doctor to access medical records of patients under the doctor's care, to add new medical records to the respective medical histories of the doctor's patients, to send prescriptions to pharmacists on behalf of the doctor's patients, and to send invoices for medical services rendered for a patient to the patient and the patient's insurer,” wherein “access” is read on “read access”).  
Giordano et al. as modified, does not teach wherein all prior versions of the data transacted to the network org are immutably persisted by the DLT data store and available via an audit log for the DLT data store including any data specified as having been deleted and all prior versions of the data transacted to the network org having been affected by one or more updates.
Ortiz et al. teaches system and methods for hybrid blockchain platform (See abstract), in which he teaches wherein all prior versions of the data transacted to the network org are immutably persisted by the DLT data store and available via an audit log for the DLT data store including any data specified as having been deleted and all prior versions of the data transacted to the network org having been affected by one or more updates (See Ortiz et al., paragraph 203, wherein Ortiz teaches “The security application 1700 can enable audit logging for operations on Non-public Data. The creation, retrieval, modification or deletion of non-public data can be carefully tracked”).  
Giordano et al. as modified and Ortiz et al. are from the analogous art of managing and using blockchain platforms. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention having the teachings of Giordano et al. as modified and Ortiz et al. to have combined Giordano et al. as modified and Ortiz et al.. The motivation to combine Giordano et al. modified and Ortiz et al. is to improve performance that relates to the field of computerized transaction processing using distributed ledger and blockchain (See Ortiz et al., paragraphs 1-3). Therefore, it would have been obvious to one skilled in the art to combine Giordano et al. as modified and Ortiz et al..

As to claim 23, Giordano et al. as modified, teaches wherein the host organization operates as a centralized trust authority to validate any transaction against the DLT data store on behalf of the authorized network participants for the network org (See Ortiz et al., Figure 2 and paragraphs 85 and 90, wherein Ortiz discloses “There may be very different needs and configurations between publicly available ledgers using untrusted, ad-hoc nodes, and private ledgers that are utilized among a secure set of trusted nodes. FIG. 2 is a comparison chart 200 of a private distributed ledger network solution and a public distributed ledger network solution, according to some embodiments”).   

As to claim 24, Giordano et al. as modified, teaches wherein the DLT data store is implemented via a hardware and software infrastructure operating wholly under the host organization's exclusive control (See Giordano et al., Figure 2; Also see paragraphs 9-12, 49, 58 and 61, wherein Giordano discloses  an electronic ledger comprising a blockchain database and “when a doctor creates a medical record that is added to a patient's smart contract, the medical record may initially be hosted by one or more computers associated with the doctor that created the record” and wherein Giordano discloses “network 200 is generally a decentralized network in which records management is coordinated among potentially many distinct computers or computing systems that comprise nodes in the network”).  

10.	Claim 3 is rejected under 35 U.S.C. 103 as being unpatentable over Giordano et al. (U.S. Patent Application Publication No. 2017/0300627), in view of Goldfarb et al. (U.S. Patent Application Publication No. 2017/0364699). in view of Castinado et al. (U.S. Patent Application Publication No. 2017/0132630), in further view of Ortiz et al. (U.S. Patent Application Publication No. 2018/0268401).
As to claim 3, Giordano et al. as modified, still does not teach wherein the relational database system immutably stores an audit log recording all insertions, deletions, and updates affecting the data stored within the network org via the plurality of shared ledger nodes.
Ortiz et al. teaches system and methods for hybrid blockchain platform (See abstract), in which he teaches wherein the relational database system immutably stores an audit log recording all insertions, deletions, and updates affecting the data stored within the network org via the plurality of shared ledger nodes (See Ortiz et al., paragraph 203, wherein Ortiz teaches “The security application 1700 can enable audit logging for operations on Non-public Data. The creation, retrieval, modification or deletion of non-public data can be carefully tracked”).  
Giordano et al. as modified and Ortiz et al. are from the analogous art of managing and using blockchain platforms. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention having the teachings of Giordano et al. as modified and Ortiz et al. to have combined Giordano et al. as modified and Ortiz et al.. The motivation to combine Giordano et al. as modified and Ortiz et al. is to improve performance that relates to the field of computerized transaction processing using distributed ledger and blockchain (See Ortiz et al., paragraphs 1-3). Therefore, it would have been obvious to one skilled in the art to combine Giordano et al. as modified and Ortiz et al..

11.	Claims 31-34 are rejected under 35 U.S.C. 103 as being unpatentable over Giordano et al. (U.S. Patent Application Publication No. 2017/0300627), in view of Goldfarb et al. (U.S. Patent Application Publication No. 2017/0364699), in further view of Clark et al. (U.S. Patent Application Publication No. 2019/0109713).
As to claim 31, Giordano et al. as modified, teaches SQL queries (See Ortiz et al., Figure 2 and paragraphs 202) and virtual table (See Giordano et al., paragraphs 79-80).  Giordano et al. as modified, teaches wherein the virtual table comprises a materialized view hosted at the database system of the host organization structured based on the metadata declared for the new application; wherein the materialized view hosted at the database system of the host organization does not store any data associated with the new application (See Giordano et al., paragraphs 60-67 and 79-80, wherein Giordano discloses wherein Giordano discloses “doctors, patients, pharmacists, and insurers {network participants} may be issued role-specific smart contracts that allow the participants to invoke various records management events on the network,”  and “when a new record is added to the system, the record may be stored on the filesystem 112 and may be indexed by a hash value computed based on the content of the record and, in some instances, further based on metadata associated with the record (e.g., a timestamp indicating the date and time the data was created, identifying information of the doctor that created the record). Giordano et al. as modified, however, does not explicitly teach wherein SQL queries requesting read-only access are processed against the materialized view by translating the read-only SQL queries into a shared ledger transaction to retrieve the requested data from the shared ledger.
Clark et al. teaches methods for internet communication security (See abstract), in which he teaches wherein SQL queries requesting read-only access are processed against the materialized view by translating the read-only SQL queries into a shared ledger transaction to retrieve the requested data from the shared ledger (See Clark et al., paragraphs 30, 54, 58, wherein teaches read and write accesses and paragraphs 770, 871 and 888, wherein Clark discloses “the data protocol authorization requires that communications transmitted from the front end server 2006 to the database server 2010 consist of SQL queries to receive data, and communications transmitted from the database server 2010 to the front end server 2006 consist of data having a predetermined format”).
Giordano et al. as modified and Clark et al. are from the analogous art of managing and using blockchain platforms and distributed ledgers. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention having the teachings of Giordano et al. as modified and Clark et al. to have combined Giordano et al. as modified and Clark et al.. The motivation to combine Giordano et al. as modified and Clark et al. is to provide a method and system with the ability to detect and mitigate network based attacks (See Clark et al., paragraphs 5-7). Therefore, it would have been obvious to one skilled in the art to combine Giordano et al. as modified and Clark et al..

As to claim 32, Giordano et al. as modified, teaches wherein the metadata written to the shared ledger further defines a plurality of entity types and a plurality of field definitions for each of the plurality of entity types (See Giordano et al., Figures 1 and 2; Also see paragraphs 26-29, 39-43 and 61-64, wherein Giordano teaches “Different nodes in the network may be managed and operated by different individuals, organizations, or other entities. In this way, each node in the network may separately maintain a respective copy (instance) of the ledger 106” and “in its role as a node in the distributed computing network, the computer 102 can store and maintain a copy of the distributed ledger”); and wherein the method further comprises: retrieving the metadata from the shared ledger, including the plurality of entity types, the one or more new field definitions for each of the plurality of entity types, and any field types applied to the one or more field definitions); generating a materialized view of the data stored via the shared ledger within a virtual table at the host organization by structuring the virtual table based on the defined metadata; Claims- 206 - Attorney Docket No.: 37633.6327 (A4281US)wherein the materialized view represents the structure of the data associated stored by the shared ledger without storing the data within the materialized view at the host organization (See Giordano et al., Figures 1 and 2; Also see paragraphs 26-29, 39-43 and 61-64, wherein Giordano teaches “Different nodes in the network may be managed and operated by different individuals, organizations, or other entities. In this way, each node in the network may separately maintain a respective copy (instance) of the ledger 106” and “in its role as a node in the distributed computing network, the computer 102 can store and maintain a copy of the distributed ledger”).  

As to claim 33, Giordano et al. as modified, teaches receiving, at the host organization, an SQL statement from a user device, wherein the SQL statement is directed toward the materialized view requesting an SQL update or an SQL insert for the data persisted to the blockchain and associated with the new application; processing the SQL statement against the materialized view by translating the SQL statement requesting the SQL update or the SQL insert into a corresponding shared ledger transaction to update or add the data associated with the new application at the shared ledger; and issuing an acknowledgement to the user device confirming successful processing of the SQL statement against the materialized view pursuant to the corresponding shared ledger transaction being accepted by the shared ledger and successfully updating or adding the data associated with the new application at the shared ledger (See Clark et al., paragraphs 30, 54, 58, wherein teaches read and write accesses and paragraphs 770, 871 and 888, wherein Clark discloses “the data protocol authorization requires that communications transmitted from the front end server 2006 to the database server 2010 consist of SQL queries to receive data, and communications transmitted from the database server 2010 to the front end server 2006 consist of data having a predetermined format”).  

As to claim 34, Giordano et al. as modified, teaches further comprising: receiving an SQL statement directed toward the materialized view at the host organization; wherein the SQL statement specifies one or more of (i) a SELECT from SQL statement, (ii) an INSERT into SQL statement, and (iii) an UPDATE set SQL statement; and wherein the SQL statement received is processed by translating the SQL statement into a corresponding shared ledger transaction and executing the corresponding shared ledger transaction against the shared ledger in fulfillment of the SQL statement directed toward the materialized view at the host organization (See Clark et al., paragraphs 30, 54, 58, wherein teaches read and write accesses and paragraphs 770, 871 and 888, wherein Clark discloses “the data protocol authorization requires that communications transmitted from the front end server 2006 to the database server 2010 consist of SQL queries to receive data, and communications transmitted from the database server 2010 to the front end server 2006 consist of data having a predetermined format”).  

Response to Arguments
12.	Applicant's arguments filed on 4/25/2022, with respect to the rejected claims in view of the cited references have been considered but are moot in view of the new ground(s) of rejection. 

Conclusion
13.	Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

14.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to MELLISSA M OHBA whose telephone number is (571)272-4076. The examiner can normally be reached 9:30-6:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashish Thomas can be reached on (571)-272-0631. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





7/15/2022
Mmo
/MELLISSA M. OHBA/Examiner, Art Unit 2164                                                                                                                                                                                                        

/ASHISH THOMAS/Supervisory Patent Examiner, Art Unit 2164