DETAILED ACTION
This non-final Office Action is in response to applicants’ original filing on 02/10/2021.  Claims 1-20 are currently pending and have been considered as follows.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Drawings
The drawings filed on 02/10/2021 are accepted.
Claim Objections
Claims 11 and 15 are objected to because of the following informalities:
Claim 11 line 4 recites “by the trusted aggregator based verifying integrity” which should be corrected as “by the trusted aggregator based on verifying integrity”;
Claim 15 line 4 recites “by the trusted aggregator based verifying integrity” which should be corrected as “by the trusted aggregator based on verifying integrity”;
Appropriate correction is required.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Claims 19 and 20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
Claim 19 line 21 recites “a second cryptographic proof”, but it is unclear and indefinite as to whether this refers to the same “second cryptographic proof” recited in line 13 or a completely different cryptographic proof.  The metes and bounds of the claim language cannot be reasonably ascertained by one of ordinary skill in the art.
Claim 20 line 3 recites “the data items”, but it is unclear and indefinite as to which of the aforementioned “first data item”, “second data item”, “third data item”, “fourth data item” in Claim 19 are being referred to by the language “the data items” in line 3 of Claim 20.  Therefore, the scope of the claim is uncertain since it is indefinite as to which data items among the four are being referred to.
Allowable Subject Matter
Claims 1-18 are allowed.
Reasons for Allowance: 
The closest prior art of record are as follows:
Bomgardner et al. (US 20120291089 A1) discloses a “Data manager 100 enables enforcement of security policies between multiple domains. As will be described further below, data manager 100 includes security processes (for example, first domain security process 110 and second domain security process 120) to enforce associated domain security policies (for example, first domain security policy 112 and second domain security policy 122) between first domain 171 and second domain 181. Data manager 100 may enable unidirectional data access from one domain to another domain (or from one domain to multiple domains) and/or bidirectional data access between domains. Optionally, data manager 100 may enable data access within the same domain, such as between different groups of an organization of first domain 171” [0027]”; “first domain security process 110 can receive data 101, execute the rules in policy 112 and render the results. Second domain security process 120 can receive the results from first domain security process 110” [0031] separate microprocessor for second domain security policy [0050]; second processor to execute a second security policy [0066]”; “second domain security process 120 uses second domain security policy 122 to secure and process data 101 received from first domain 171 via first domain security process 110. Data manger 100 may send some, all, or none of data 101 to second domain 181 based second domain security policy 122. It should be noted that respective first domain security policy 112 and second domain security policy 122 enable data 101 to be secured according to security policies related to respective first domain 171 and second domain 181” [0029]; “second domain security policy 122 (which data manager 100 receives from second domain 181) includes rules to search for and remove sensitive information from data (which can include data 101) in accordance with the security practices of a second organization in control of second domain 181” [0030]; “Second domain security process 120 can receive the results from first domain security process 110 and execute the rules in policy 122 to further search for and remove any sensitive information from rendered data” [0031]; [0032]; [0033]”.
Boebert et al. (US 20040230791 A1) discloses a system and method for the secure transfer of data between a workstation connected to a private network and a remote computer connected to an unsecured network. A secure computer is inserted into the private network to serve as the gateway to the unsecured network and a client subsystem is added to the workstation in order to control the transfer of data from the workstation to the secure computer. The secure computer includes a private network interface connected to the private network, an unsecured network interface connected to the unsecured network, wherein the unsecured network interface includes means for encrypting data to be transferred from the first workstation to the remote computer and a server function for transferring data between the private network interface and the unsecured network interface.
Mraz et al. (US 20140337410 A1) discloses a cross-domain system for transferring files from a client to a server. A first server in the first network domain receives and stores files from the client via the first network. The received files are processed based on predetermined instructions stored in an associated file. The processed received files are transmitted to a second server via a one-way data link. The second server in the second network domain receives and stores the processed received files. The received files are further processed based on predetermined instructions stored in an associated file. The further processed received files are transmitted to the server via the second network. The two associated files are stored in permanent memory with security policies which prevent the files from disrupting operation of the first and second servers, respectively. The security policies allow the associated files to be overwritten to update the processing performed by the associated server.
Redlich et al. (US 20150156206 A1) discloses a plurality of select content data stores for respective ones of a plurality of enterprise designated categorical filters which include content-based filters, contextual filters and taxonomic classification filters, all operatively coupled over a communications network. A data input is processed through at least one activated categorical filter to obtain select content, and contextually associated select content and taxonomically associated select content as aggregated select content. The aggregated select content is stored in the corresponding select content data store. A data process from the group of data processes including a copy process, a data extract process, a data archive process, a data distribution process and a data destruction process is associated with the activated categorical filter and the method and system applies the associated data process to a further data input based upon a result of that further data being processed by the activated categorical filter utilizing the aggregated select content data. In effect, the system and process translates the sec-con or SC data and then stores the same in certain locations or secure stores. In this manner, a transformation of the data is achieved. By transposing the sec-con or SC data, higher levels of organization are realized or higher levels of security are implemented.
However, the prior art of record does not teach individually or in combination the following limitations as recited in applicants’ independent Claims:
[Claim 1] “in a distributed cross-domain solution (CDS) system… generating, by the untrusted node using a proof-carrying data (PCD) computation, a second cryptographic proof that indicates (a) validity of the first cryptographic proof and (b) integrity of the first computation on the first data item; and transmitting, by the untrusted node to a first recipient node in the distributed CDS system, the second data item and the second cryptographic proof”;
[Claim 8] “in a distributed cross-domain solution (CDS) system… generating, by the first untrusted node, a first cryptographic proof that indicates integrity of the first computation on the first data item; transmitting, by the first untrusted node to a trusted aggregator in the distributed CDS system, the first cryptographic proof; and transmitting, by the first untrusted node to a first recipient node in the distributed CDS system, the second data item”;
[Claim 19] “in a distributed cross-domain solution (CDS) system… generating, by the first untrusted node using a proof-carrying data (PCD) computation, a second cryptographic proof that indicates (a) validity of the first cryptographic proof and (b) integrity of the first computation on the first data item; transmitting, by the first untrusted node to a first recipient node in the distributed CDS system, the second data item and the second cryptographic proof… generating, by the second untrusted node, a second cryptographic proof that indicates integrity of the second computation on the third data item; transmitting, by the second untrusted node to the trusted aggregator, the second cryptographic proof; and transmitting, by the second untrusted node to a second recipient node in the distributed CDS system, the fourth data item”.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicants’ disclosure.
Kuckelman et al. (US 20110314536 A1) is cited for testing firewall functionality in a cross-domain system utilized to control data transfer.
Camenisch et al. (US 20120204035 A1) is cited for verifying cryptographic proofs such as possession of cryptographic credentials.
Golle et al. (US 20090249220 A1) is cited for verifying integrity of owner redacted documents by a recipient that challenges the redactions. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Kenneth W Chang whose telephone number is (571)270-7530. The examiner can normally be reached Monday - Friday 9-5pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi Arani can be reached on 571-272-3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/KENNETH W CHANG/Primary Examiner, Art Unit 2438                                                                                                                                                                                                        
    PNG
    media_image1.png
    35
    280
    media_image1.png
    Greyscale

08.12.2022