DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 09/12/2022 for application number 15/931,201 has been entered. Therefore, in the application,
Claims 1-17 are pending and being considered. 
Claims 1, 16 and 17 are independent. 
Claims 1-3, 8, 16 and 17 are amended.
Claim 18 has been cancelled. 
Claims 1- 17 are rejected. 

Information Disclosure Statement


The information disclosure statement (IDS) submitted on 09/08/2022 was filed on or after the mailing date of the application no.15/931,201 filed on 05/13/2020. The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner and an initialed and dated copy of Applicant’s IDS form 1449 filed on 09/08/2022 is attached to the instant office action.

Response to Arguments/Remarks
Applicant’s arguments/remarks, filed on 09/12/2022, have been fully considered and are rendered moot in view of new grounds of rejections outlined below, which were necessitated by the applicant’s amendment. The argument does not apply to the current art(s) being used. 

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Claim 1-17 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
Regarding claim 1, the claim recites limitation “wherein the data for verifying the chain of events comprises for an event of the chain of events: event data, a sequence number, a prior event signature, and an event signature; and”, in lines 9-11 of the claim. An “event signature” as recited in the claim limitation is indefinite because it is unclear whether the recited “event signature” refers to a current event or it refers to a next event. Therefore, clarification is required.
Regarding independent claims 16 and 17, the claims are rejected for the same reasons as mentioned above for the independent claim 1.
Dependent claims 2-15 are likewise rejected under 35 U.S.C. 112(b) or pre-AIA  35 U.S.C. 112, second paragraph as being indefinite since they depend on and/or carries the deficiencies of the parent claims.

Claim Rejections - 35 U.S.C. 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or non-obviousness.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2, 6-11 and 13-17 are rejected under 35 U.S.C. 103 as being unpatentable over Kress et al. (US 2021/0334769 A1; Filed on April 22, 2020), hereinafter (Kress), in view of Tal Dayan (US 2012/0023221 A1), hereinafter (Dayan), and further in view of Andrew Sutton (Blockchain Enabled Privacy Audit Logs; Springer International Publishing AG 2017), hereinafter (Andrew).

Regarding claim 1, Kress teaches a system for auditing event data, comprising (Kress, Para. [0039], discloses a blockchain ledger 232 (see Fig. 2) that stores a data transaction record for the data transaction information of each data transaction. The data transaction record may store the data transaction information as metadata in a body of the record, and see Para. [0078], that discloses to audit the blockchain ledger(s)): an interface configured to (Kress, Fig. 2 illustrates a communication interface 204): receive an audit query request (Kress, Fig. 2 and Para. [0043-0044], discloses a metadata query module 224 that may receive metadata queries) and a client key (Kress, Para. [0058], discloses a valid encryption key provided separately or in advance by the data retrieval module 222); and a hardware processor configured to (Kress, Fig. 2 and Para. [0053], discloses a processor 206 to perform the recited operations): determine whether the audit query request is valid (Kress, Fig. 2 and Para. [0043-0044], discloses that the metadata query module may permit an authorized person to submit the metadata query after the authentication credentials of the authorized person are validated. The authorized persons may include government auditors, and/or other personnel that perform oversight, compliance, regulation, and/or carry out other official duties, as also disclosed in Fig. 7 and Para. [0067-0068]); retrieve from the audit store data for verifying the chain of events (Kress, Figs. 1-2 and Para. [0043], accordingly the metadata query module 224 may retrieve metadata that matches the metadata query 140 from the subscriber preference blockchain ledger 112, the access configuration blockchain ledger 114, and/or the data transaction blockchain ledger 138, and as disclosed in Para. [0040], wherein the blockchain technology provides a decentralized secure data storage for storing records in a verifiable and permanent manner), wherein the data for verifying the chain of events comprises for an event of the chain of events: event data, a sequence number, a prior event signature, and an event signature (Kress, Para. [0039-0040], discloses the use of blockchain technology to generate a data transaction record for the data transaction information of each data transaction (i.e., an event) and store the record(s) in the data transaction blockchain ledger 232 (or in a secure data storage) in a verifiable and permanent manner. Wherein, the data transaction record may store the data transaction information as metadata in a body 236 of the record 234. In various embodiments, the metadata may include other information, such as a transaction identifier (i.e., a sequence number), the date and time of the data transaction information receipt (i.e., event data), an initial (or hash) signature 240 of a prior data transaction (i.e., a prior event signature), and a hash signature 242 of the data transaction (i.e., an event signature), as depicted in Fig. 2); and  
Kress, Para. [0039-0040], discloses to generate a cryptographic hash signature 242 by performing a cryptographic hash of the record 234. Wherein, the data transaction record 234 may store the data transaction information as metadata in a body 236 of the record 234. Wherein, the metadata may include other information, such as a transaction identifier (i.e., a sequence number), the date and time of the data transaction information receipt (i.e., event data), and an initial (or hash) signature 240 of a prior data transaction (i.e., a prior event signature)); and 
Kress fails to explicitly disclose but Dayan teaches determine whether a chain of events is stored in an audit store, wherein the chain of events is associated with the audit query request (Dayan, Fig. 2 and Para. [0032-0033], discloses a query engine 208 that may receive a query and consult the event repository 202 and system information (metadata) 210. Based upon the query and the information obtained from the event repository 202 and/or the system information 210, the query engine 208 generates query results by selecting the events that are relevant to the query); and in response to determining that the chain of events is stored in the audit store, retrieve from the audit store data for verifying the chain of events (Dayan, Fig. 2 and Para. [0032-0033], discloses that the query engine 208 generates (or outputs) query results based upon the query and the information obtained from the event repository 202),
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Dayan’ into the teachings of ‘Kress’, with a motivation to determine whether a chain of events is stored in an audit store, wherein the chain of events is associated with the audit query request, as taught by Dayan, in order for a query engine to filter events and select events that are relevant to the query and ignores the ones that are not; Dayan, Para. [0033].
Kress as modified by Dayan fails to explicitly disclose but Andrew teaches verify the event, comprising to (Andrew, pdf page 10 (4. Log Integrity Verification; last paragraph), discloses to verify the integrity of a log event and the event signature):  
generate a check signature for the event using the client key to encrypt a hash value generated by hashing the event data, the sequence number, and the prior event signature (Andrew, pdf page 7 (3.3 Signature Graph Generation; last paragraph) and pdf page 8 (first paragraph), discloses that a logger generates a signature, Sig, by signing the generated hash value (or digest) by using the Elliptic Curve Digital Signature Algorithm (ECDSA), such as illustrated in line 3 of Algorithm 1 “3  Sig ← Sign (Hash, sk);”, wherein “sk” represents logger’s private key. ECDSA uses smaller keys to achieve the same level of security as other algorithms (such as RSA), resulting in a faster signing algorithm, and as disclosed in pdf page 8 (3.4 Block Graph Generation), an algorithm 2 that inputs an event ‘s signature (sgi), header (hgi) and body (bgi) graphs to compute an integrity proof digest (i.e., hash value, as disclosed in step 2 of the algorithm 2), and as disclosed in the last paragraph on pdf page 5, wherein the log events consist of a header (hgi) that captures the provenance (i.e., sequence number) of an event and a body (bgi) containing information about the event, such as what data is being access by whom); and determine whether the check signature is equivalent to the event signature (Andrew, pdf pages 10-11 (4. Log Integrity Verification), discloses an event signature verification algorithm 3 (steps 1-9) that verifies and returns a Boolean verification value “                        
                            
                                
                                    v
                                
                                
                                    i
                                
                            
                        
                    ” as “true or false” for the generated signatures).
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Andrew’ into the teachings of ‘Kress’ as modified by ‘Dayan’, with a motivation to generate a check signature for the event using the client key to encrypt a hash value generated by hashing the event data, the sequence number, and the prior event signature; and determine whether the check signature is equivalent to the event signature, as taught by Andrew, in order to verify the integrity of the log events that will result in a genuine audit of the participant's actions, since the performed actions (events) in the log are proven to be authentic, and further makes the audit logs tamper-proof; Andrew, pdf page 2 and 4.

Regarding claim 2, Kress as modified by Dayan in view of Andrew teaches the system of claim 1, wherein Kress fails to explicitly disclose but Dayan teaches further comprising determining whether the chain of events is verified as true, and in response to determining that the chain of events is verified as true, providing the data for the audit query request (Dayan, Para. [0014], disclose to filter the plurality of events based upon a query (wherein filtering the events includes selecting the events that are relevant to the query, see Para. [0012]) and generating a data view to select a subset of events matching the query for display).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Dayan’ into the teachings of ‘Kress’, with a motivation to provide the data for the audit query request in response to determining that the chain of event is verified, as taught by Dayan, in order for a query engine to perform overing of existing events by performing logging and versioning of the existing events for auditing and recovery; Dayan, Para. [0013]. 

Regarding claim 6, Kress as modified by Dayan in view of Andrew teaches the system of claim 3, wherein Kress as modified by Dayan fails to teach but Andrew further teaches verifying the chain of events comprises generating a hash value by hashing the event data and the sequence number with the prior event signature (Andrew, pdf page 8 (3.4 Block Graph Generation), discloses an algorithm 2 that inputs an event ‘s signature (sgi), header (hgi) and body (bgi) graphs to compute an integrity proof digest (i.e., hash value, as disclosed in step 2 of the algorithm 2), and as disclosed in the last paragraph on pdf page 5, wherein the log events consist of a header (hgi) that captures the provenance (i.e., sequence number) of an event and a body (bgi) containing information about the event, such as what data is being access by whom).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Andrew’ into the teachings of ‘Kress’ as modified by ‘Dayan’, with a motivation to generate a hash value by hashing data and a sequence number of an event with an event signature from a prior event, as taught by Andrew, in order to verify the chain of events by creating a non-repudiable log events and utilize the distributed and immutable properties of block-chain technology to make the audit logs tamper-proof; Andrew, pdf page 2 (second paragraph).

Regarding claim 7, Kress as modified by Dayan in view of Andrew teaches the system of claim 6, wherein Kress further teaches verifying the chain of events further comprises encrypting the hash value using the client key Kress, Para. [0039], discloses that the metadata is encrypted by the data transaction module 220 using a unique encryption key).
Kress as modified by Dayan fails to explicitly disclose to generate a check signature, but Andrew teaches verifying the chain of events further comprises encrypting the hash value using the client key to generate a check signature (Andrew, pdf page 7 (3.3 Signature Graph Generation), discloses an algorithm 1 (step 3) to generate a signature graph such as “3. Sig ← Sign (Hash, sk);”, wherein “sk” represents logger’s private key).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Andrew’ into the teachings of ‘Kress’ as modified by ‘Dayan’, with a motivation to encrypt the hash value using the client key to generate a check signature, as taught by Andrew, in order to verify the chain of events by creating a non-repudiable log events and utilize the distributed and immutable properties of block-chain technology to make the audit logs tamper-proof; Andrew, pdf page 2 (second paragraph).

Regarding claim 8, Kress as modified by Dayan in view of Andrew teaches the system of claim 7, wherein Kress as modified by Dayan fails to explicitly disclose but Andrew teaches verifying the chain of events further comprises determining whether the check signature is equivalent to the event signature (Andrew, pdf pages 10-11 (4. Log Integrity Verification), discloses an event-based signature verification algorithm 3 (steps 1-9) that verifies and returns a Boolean verification value “Vi” as “true or false” for the generated signatures).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Andrew’ into the teachings of ‘Kress’ as modified by ‘Dayan’, with a motivation to determine whether the check signature is equivalent to a next event signature, as taught by Andrew, in order to check the compliance (i.e., by checking a subset of events through SPARQL queries) of participants’ actions with respect to the privacy policies; Andrew, pdf page 10 (4. Log Integrity Verification).

Regarding claim 9, Kress as modified by Dayan in view of Andrew teaches the system of claim 1, wherein Kress further teaches in response to determining that the audit query request is invalid, returning an exception (Kress, Fig. 7 and Para. [0068-0069], discloses that, at decision block 704, the metadata query module 224 may determine whether the subscriber is authenticated to request metadata. Thus, if the subscriber is authenticated (“yes” at decision block 704), the process 700 may proceed to block 706. If the subscriber is not authenticated (“no” at decision block 704), the process 700 may proceed to block 716. At block 716, the metadata query module 224 may send a notification to the user device indicating that the subscriber is not authorized to retrieve the metadata).  


Regarding claim 10, Kress as modified by Dayan in view of Andrew teaches the system of claim 1, wherein Kress fails to teach but Dayan further teaches in response to determining that the chain of events is not stored in the audit store, retrieving from an event store the data for verifying the chain of events (Dayan, Fig. 2 and Para. [0032-0033], discloses that the query engine 208 generates query results based upon the query and the information obtained from the event repository 202, and as disclosed in Para. [0035], wherein some events may not be stored explicitly in the event repository 202, but can be recovered (or retrieved) on demand from various data sources inside or outside of the cloud. For instance, an event such as "system X was slow at time Y" can be recovered at any time from the latency logs of system X).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Dayan’ into the teachings of ‘Kress’, with a motivation to determine that the chain of events is not stored in the audit store, as taught by Dayan, in order for a query engine to perform overing of existing events by performing logging and versioning of the existing events for auditing and recovery; Dayan, Para. [0013].


Regarding claim 11, Kress as modified by Dayan in view of Andrew teaches the system of claim 10, wherein Dayan further teaches further comprising verifying the chain of events, wherein verifying the chain of events comprises selecting the event (Dayan, Para. [0012], discloses an example of filtering the events includes selecting events that are relevant to the query).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Dayan’ into the teachings of ‘Kress’, with a motivation wherein verifying the chain of events comprises selecting the event, as taught by Dayan, in order for a query engine to perform overing of existing events by performing logging and versioning of the existing events for auditing and recovery; Dayan, Para. [0013].

Regarding claim 13, Kress as modified by Dayan in view of Andrew teaches the system of claim 10, wherein Kress as modified by Dayan fails to teach but Andrew teaches verifying the chain of events comprises generating a hash value by hashing the event data and the sequence number with the prior event signature (Andrew, pdf page 8 (3.4 Block Graph Generation), discloses an algorithm 2 that inputs an event ‘s signature (sgi), header (hgi) and body (bgi) graphs to compute an integrity proof digest (i.e., hash value, as disclosed in step 2 of the algorithm 2), and as disclosed in the last paragraph on pdf page 5, wherein the log events consist of a header (hgi) that captures the provenance (i.e., sequence number) of an event and a body (bgi) containing information about the event, such as what data is being access by whom).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Andrew’ into the teachings of ‘Kress’ as modified by ‘Dayan’, with a motivation to generate a hash value by hashing data and a sequence number of an event with an event signature from a prior event, as taught by Andrew, in order to verify the chain of events by creating a non-repudiable log events and utilize the distributed and immutable properties of block-chain technology to make the audit logs tamper-proof; Andrew, pdf page 2 (second paragraph).

Regarding claim 14, Kress as modified by Dayan in view of Andrew teaches the system of claim 13, wherein Kress further teaches verifying the chain of events further comprises encrypting the hash value using the client key Kress, Para. [0039], discloses that the metadata is encrypted by the data transaction module 220 using a unique encryption key).  
Kress as modified by Dayan fails to explicitly disclose to generate a check signature, but Andrew teaches verifying the chain of events further comprises encrypting the hash value using the client key to generate a check signature (Andrew, pdf page 7 (3.3 Signature Graph Generation), discloses an algorithm 1 (step 3) to generate a signature graph such as “3. Sig ← Sign (Hash, sk);”, wherein “sk” represents logger’s private key).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Andrew’ into the teachings of ‘Kress’ as modified by ‘Dayan’, with a motivation to encrypt the hash value using the client key to generate a check signature, as taught by Andrew, in order to verify the chain of events by creating a non-repudiable log events and utilize the distributed and immutable properties of block-chain technology to make the audit logs tamper-proof; Andrew, pdf page 2 (second paragraph).

Regarding claim 15, Kress as modified by Dayan in view of Andrew teaches the system of claim 14, wherein Kress as modified by Dayan fails to explicitly disclose but Andrew teaches verifying the chain of events further comprises determining whether the check signature is equivalent to the next event signature (Andrew, pdf pages 10-11 (4. Log Integrity Verification), discloses an event based signature verification algorithm 3 (steps 1-9) that verifies and returns a Boolean verification value “Vi” as “true or false” for the generated signatures).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Andrew’ into the teachings of ‘Kress’ as modified by ‘Dayan’, with a motivation to determine whether the check signature is equivalent to a next event signature, as taught by Andrew, in order to check the compliance (i.e., by checking a subset of events through SPARQL queries) of participants’ actions with respect to the privacy policies; Andrew, pdf page 10 (4. Log Integrity Verification).

Regarding claim 16, Kress teaches a method for auditing event data, comprising (Kress, Para. [0078], discloses to audit the blockchain ledger(s)): receiving an audit query request (Kress, Fig. 2 and Para. [0043-0044], discloses a metadata query module 224 that may receive metadata queries) and a client key (Kress, Para. [0058], discloses a valid encryption key provided separately or in advance by the data retrieval module 222); and determining, using a processor, whether the audit query request is valid (Kress, Fig. 2 and Para. [0053], discloses a processor 206 to perform the recited operations, and see also Fig. 2 and Para. [0043-0044], discloses that the metadata query module may permit an authorized person to submit the metadata query after the authentication credentials of the authorized person are validated. The authorized persons may include government auditors, and/or other personnel that perform oversight, compliance, regulation, and/or carry out other official duties);Application Serial No. 15/931,201 Kress, Fig. 7 and Para. [0069], discloses that, at decision block 708, if the requested metadata is available (“yes” at decision block 708), the process 700 may proceed to block 710. At block 710, the metadata query module 224 may retrieve metadata that matches the metadata query 140 from the subscriber preference blockchain ledger 112, the access configuration blockchain ledger 114, and/or the data transaction blockchain ledger 138, and as disclosed in Figs. 1-2 and Para. [0040-0043], wherein the blockchain technology provides a decentralized secure data storage for storing records in a verifiable and permanent manner), wherein the data for verifying the chain of events comprises for an event of the chain of events: event data, a sequence number, a prior event signature, and an event signature (Kress, Para. [0039-0040], discloses the use of blockchain technology to generate a data transaction record for the data transaction information of each data transaction (i.e., an event) and store the record(s) in the data transaction blockchain ledger 232 (or in a secure data storage) in a verifiable and permanent manner. Wherein, the data transaction record may store the data transaction information as metadata in a body 236 of the record 234. In various embodiments, the metadata may include other information, such as a transaction identifier (i.e., a sequence number), the date and time of the data transaction information receipt (i.e., event data), an initial (or hash) signature 240 of a prior data transaction (i.e., a prior event signature), and a hash signature 242 of the data transaction (i.e., an event signature), as depicted in Fig. 2); and signature (Kress, Para. [0039-0040], discloses to generate a cryptographic hash signature 242 by performing a cryptographic hash of the record 234. Wherein, the data transaction record 234 may store the data transaction information as metadata in a body 236 of the record 234. Wherein, the metadata may include other information, such as a transaction identifier (i.e., a sequence number), the date and time of the data transaction information receipt (i.e., event data), and an initial (or hash) signature 240 of a prior data transaction (i.e., a prior event signature)); and
Kress fails to explicitly disclose but Dayan teaches determining whether a chain of events is stored in an audit store, wherein the chain of events is associated with the audit query request (Dayan, Fig. 2 and Para. [0032-0033], discloses a query engine 208 that may receive a query and consult the event repository 202 and system information (metadata) 210. Based upon the query and the information obtained from the event repository 202 and/or the system information 210, the query engine 208 generates query results by selecting the events that are relevant to the query); in response to determining that the chain of events is stored in the audit store, retrieving from the audit store data for verifying the chain of events (Dayan, Fig. 2 and Para. [0032-0033], discloses that the query engine 208 generates (or outputs) query results based upon the query and the information obtained from the event repository 202),
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Dayan’ into the teachings of ‘Kress’, with a motivation to determine whether a chain of events is stored in an audit store, wherein the chain of events is associated with the audit query request, as taught by Dayan, in order for a query engine to filter events and select events that are relevant to the query and ignores the ones that are not; Dayan, Para. [0033].
Kress as modified by Dayan fails to explicitly disclose but Andrew teaches verifying the event, comprising (Andrew, pdf page 10 (4. Log Integrity Verification; last paragraph), discloses to verify the integrity of a log event and the event signature): generating a check signature for the event using the client key to encrypt a hash value generated by hashing the event data, the sequence number, and the prior event signature (Andrew, pdf page 7 (3.3 Signature Graph Generation; last paragraph) and pdf page 8 (first paragraph), discloses that a logger generates a signature, Sig, by signing the generated hash value (or digest) by using the Elliptic Curve Digital Signature Algorithm (ECDSA), such as disclosed in line 3 of Algorithm 1 “3  Sig ← Sign (Hash, sk);”, wherein “sk” represents logger’s private key. ECDSA uses smaller keys to achieve the same level of security as other algorithms (such as RSA), resulting in a faster signing algorithm, and as disclosed in pdf page 8 (3.4 Block Graph Generation), an algorithm 2 that inputs an event ‘s signature (sgi), header (hgi) and body (bgi) graphs to compute an integrity proof digest (i.e., hash value, as disclosed in step 2 of the algorithm 2), and as disclosed in the last paragraph on pdf page 5, wherein the log events consist of a header (hgi) that captures the provenance (i.e., sequence number) of an event and a body (bgi) containing information about the event, such as what data is being access by whom); and determining whether the check signature is equivalent to the event signature (Andrew, pdf pages 10-11 (4. Log Integrity Verification), discloses an event signature verification algorithm 3 (steps 1-9) that verifies and returns a Boolean verification value “                        
                            
                                
                                    v
                                
                                
                                    i
                                
                            
                        
                    ” as “true or false” for the generated signatures).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Andrew’ into the teachings of ‘Kress’ as modified by ‘Dayan’, with a motivation to generate a check signature for the event using the client key to encrypt a hash value generated by hashing the event data, the sequence number, and the prior event signature; and determine whether the check signature is equivalent to the event signature, as taught by Andrew, in order to verify the integrity of the log events that will result in a genuine audit of the participant's actions, since the performed actions (events) in the log are proven to be authentic, and further makes the audit logs tamper-proof; Andrew, pdf page 2 and 4.

Regarding claim 17, Kress teaches a computer program product for auditing event data, the computer program product being embodied in a non-transitory computer readable storage medium and comprising computer instructions for (Kress, Para. [0032], discloses that some or all of the instructions and data may be stored on a computer-readable removable recording, yet still accessible by, the processor, and as disclosed in Para. [0078], to audit the blockchain ledger(s)): receiving an audit query request (Kress, Fig. 2 and Para. [0043-0044], discloses a metadata query module 224 that may receive metadata queries) and a client key (Kress, Para. [0058], discloses a valid encryption key provided separately or in advance by the data retrieval module 222); and determining, using a processor, whether the audit query request is valid (Kress, Fig. 2 and Para. [0043-0044], discloses that the metadata query module may permit an authorized person to submit the metadata query after the authentication credentials of the authorized person are validated. The authorized persons may include government auditors, and/or other personnel that perform oversight, compliance, regulation, and/or carry out other official duties); Kress, Figs. 1-2 and Para. [0043], accordingly the metadata query module 224 may retrieve metadata that matches the metadata query 140 from the subscriber preference blockchain ledger 112, the access configuration blockchain ledger 114, and/or the data transaction blockchain ledger 138), wherein the data for verifying the chain of events comprises for an event of the chain of events: event data, a sequence number, a prior event signature, and an event signature (Kress, Para. [0039-0040], discloses the use of blockchain technology to generate a data transaction record for the data transaction information of each data transaction (i.e., an event) and store the record(s) in the data transaction blockchain ledger 232 (or in a secure data storage) in a verifiable and permanent manner. Wherein, the data transaction record may store the data transaction information as metadata in a body 236 of the record 234. In various embodiments, the metadata may include other information, such as a transaction identifier (i.e., a sequence number), the date and time of the data transaction information receipt (i.e., event data), an initial (or hash) signature 240 of a prior data transaction (i.e., a prior event signature), and a hash signature 242 of the data transaction (i.e., an event signature), as depicted in Fig. 2); and and the prior event signature (Kress, Para. [0039-0040], discloses to generate a cryptographic hash signature 242 by performing a cryptographic hash of the record 234. Wherein, the data transaction record 234 may store the data transaction information as metadata in a body 236 of the record 234. Wherein, the metadata may include other information, such as a transaction identifier (i.e., a sequence number), the date and time of the data transaction information receipt (i.e., event data), and an initial (or hash) signature 240 of a prior data transaction (i.e., a prior event signature)); and 
Kress fails to explicitly disclose but Dayan teaches determining whether a chain of events is stored in an audit store, wherein the chain of events is associated with the audit query request (Dayan, Fig. 2 and Para. [0032-0033], discloses a query engine 208 that may receive a query and consult the event repository 202 and system information (metadata) 210. Based upon the query and the information obtained from the event repository 202 and/or the system information 210, the query engine 208 generates query results by selecting the events that are relevant to the query); in response to determining that the chain of events is stored in the audit store, retrieving from the audit store data for verifying the chain of events (Dayan, Fig. 2 and Para. [0032-0033], discloses that the query engine 208 generates query results based upon the query and the information obtained from the event repository 202),
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Dayan’ into the teachings of ‘Kress’, with a motivation to determine whether a chain of events is stored in an audit store, wherein the chain of events is associated with the audit query request, as taught by Dayan, in order for a query engine to filter events and select events that are relevant to the query and ignores the ones that are not; Dayan, Para. [0033].
Kress as modified by Dayan fails to explicitly disclose but Andrew teaches verifying the event, comprising (Andrew, pdf page 10 (4. Log Integrity Verification; last paragraph), discloses to verify the integrity of a log event and the event signature):Application Serial No. 15/931,201 Attorney Docket No. RIDGP0034generating a check signature for the event using the client key to encrypt a hash value generated by hashing the event data, the sequence number, and the prior event signature (Andrew, pdf page 7 (3.3 Signature Graph Generation; last paragraph) and pdf page 8 (first paragraph), discloses that a logger generates a signature, Sig, by signing the generated hash value (or digest) by using the Elliptic Curve Digital Signature Algorithm (ECDSA), such as illustrated in line 3 of Algorithm 1 “3  Sig ← Sign (Hash, sk);”, wherein “sk” represents logger’s private key. ECDSA uses smaller keys to achieve the same level of security as other algorithms (such as RSA), resulting in a faster signing algorithm, and as disclosed in pdf page 8 (3.4 Block Graph Generation), an algorithm 2 that inputs an event ‘s signature (sgi), header (hgi) and body (bgi) graphs to compute an integrity proof digest (i.e., hash value, as disclosed in step 2 of the algorithm 2), and as disclosed in the last paragraph on pdf page 5, wherein the log events consist of a header (hgi) that captures the provenance (i.e., sequence number) of an event and a body (bgi) containing information about the event, such as what data is being access by whom); and determining whether the check signature is equivalent to the event signature (Andrew, pdf pages 10-11 (4. Log Integrity Verification), discloses an event signature verification algorithm 3 (steps 1-9) that verifies and returns a Boolean verification value “                        
                            
                                
                                    v
                                
                                
                                    i
                                
                            
                        
                    ” as “true or false” for the generated signatures).
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Andrew’ into the teachings of ‘Kress’ as modified by ‘Dayan’, with a motivation to generate a check signature for the event using the client key to encrypt a hash value generated by hashing the event data, the sequence number, and the prior event signature; and determine whether the check signature is equivalent to the event signature, as taught by Andrew, in order to verify the integrity of the log events that will result in a genuine audit of the participant's actions, since the performed actions (events) in the log are proven to be authentic, and further makes the audit logs tamper-proof; Andrew, pdf page 2 and 4.

Claims 3-5 and 12 are rejected under 35 U.S.C. 103 as being unpatentable over Kress et al. (US 2021/0334769 A1; Filed On April 22, 2020), hereinafter (Kress), in view of Tal Dayan (US 2012/0023221 A1), hereinafter (Dayan), and further in view of Andrew Sutton (Blockchain Enabled Privacy Audit Logs; Springer International Publishing AG 2017), hereinafter (Andrew), and Cynthia Disenfield (Specification and Verification of Event Detectors and Responses; March 24-29, 2013), hereinafter (Cynthia).

Regarding claim 3, Kress as modified by Dayan in view of Andrew teaches the system of claim 2, wherein Kress as modified by Dayan in view of Andrew fails to explicitly disclose but Cynthia teaches in response to determining that the chain of events is not verified as true, verifying the chain of events (Cynthia, pdf page 2 (1. Introduction) and left column, discloses an abstraction refinement technique for verifying a library of events and aspects, such as an algorithm disclosed in Figure 7 and (4. Abstraction-Refinement for Events) on pdf page 6, wherein at each iteration an event is verified, in response to the determined “error” that the event is not verified (See Figure. 7), i.e., by performing event refinement in response to the determined spuriousness).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Cynthia’ into the teachings of ‘Kress’ as modified by ‘Dayan’ in view of ‘Andrew’, with a motivation to verify the chain of events in response to determining that the chain of events is not verified, as taught by Cynthia (NPL), in order to detect interference among aspects that respond to complex events; Cynthia, pdf page 2 and left column.

Regarding claim 4, Kress as modified by Dayan in view of Andrew and Cynthia teaches the system of claim 3, wherein Kress fails to explicitly disclose but Dayan further teaches verifying the chain of events comprises selecting the event (Dayan, Para. [0012], discloses an example of filtering the events includes selecting events that are relevant to the query).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Dayan’ into the teachings of ‘Kress’, with a motivation wherein verifying the chain of events comprises selecting the event, as taught by Dayan, in order for a query engine to perform overing of existing events by performing logging and versioning of the existing events for auditing and recovery; Dayan, Para. [0013].


Regarding claim 5, Kress as modified by Dayan in view of Andrew and Cynthia teaches the system of claim 3, wherein Kress as modified by Dayan in view of Andrew fails to explicitly disclose but Cynthia teaches verifying the chain of events comprises retrieving contents of the event (Cynthia, Figure 7 on pdf page 6, discloses an algorithm to perform verification of events, wherein at each iteration an event (including event code and partial event spec (i.e., contents of an event)) is verified).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Cynthia’ into the teachings of ‘Kress’ as modified by ‘Dayan’ in view of ‘Andrew’, with a motivation to retrieve contents of an event, as taught by Cynthia, in order to verify a library of events; Cynthia, left column on pdf page 2.

Regarding claim 12, Kress as modified by Dayan in view of Andrew teaches the system of claim 10, wherein Kress as modified by Dayan in view of Andrew fails to explicitly disclose but Cynthia teaches verifying the chain of events comprises retrieving contents of the event (Cynthia, Figure 7 on pdf page 6, discloses an algorithm to perform verification of events, wherein at each iteration an event (including event code and partial event spec (i.e., contents of an event)) is verified).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Cynthia’ into the teachings of ‘Kress’ as modified by ‘Dayan’ in view of ‘Andrew’, with a motivation to retrieve contents of an event, as taught by Cynthia, in order to verify a library of events; Cynthia, left column on pdf page 2.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. See form PTO-892.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ALI CHEEMA, whose contact number is 571-272-1239. The examiner can normally be reached on Monday-Friday: 8:00AM – 4:00PM.
 If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge L. Ortiz-Criado can be reached on 571-272-7624. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.  Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ALI CHEEMA/
Examiner, Art Unit 2496

/JORGE L ORTIZ CRIADO/Supervisory Patent Examiner, Art Unit 2496