DETAILED ACTION
Claims 1-20 are presented for examination.
This is a first action on the merits based on Applicant’s claims filed on 1/12/2021 for U.S. Patent Application No. 17/147,355.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Priority
Applicant’s claim for the benefit of a prior-filed PCT Patent Application No. PCT/CN2020/081526, filed March 27, 2020 is acknowledged; PCT Patent Application No. PCT/CN2020/081526 further claims foreign priority to Chinese Patent Application No. 201910245109.4 filed 3/28/2019. 
However, the foreign priority claim to Chinese Patent Application No. 20190245109.4 has not been perfected yet, applicant may perfect the priority claim by submitting a certified English translation of Chinese Patent Application No. 20190245109.4.

Information Disclosure Statement
The information disclosure statements (IDS) submitted on 1/22/2021, 3/8/2021, and 10/13/2021 are in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statements are being considered by the examiner.


Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Independent claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Independent Claim 1 line 3 states “receiving a permission operation request from a client”, and line 11 states “user permission”. It is unclear if the two are meant to have antecedent basis. For the purpose of examination “user permission” is interpreted as “the client permission”.
 Claims 2-9 which are dependent on claim 1 are therefore indefinite via its dependence.
Independent Claim 10 line 10 states “receiving a permission operation request from a client”, and line 18 states “user permission”. It is unclear if the two are meant to have antecedent basis. For the purpose of examination “user permission” is interpreted as “the client permission”. Claims 11-18 which are dependent on claim 10 are therefore indefinite via its dependence.
Independent Claim 19 line 5 states “receiving a permission operation request from a client”, and line 13 states “user permission”. It is unclear if the two are meant to have antecedent basis. For the purpose of examination “user permission” is interpreted as “the client permission”. Claim 20 which is dependent on claim 19 is therefore indefinite via its dependence.


Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.


Claims 1-3, 10-12, and 19-20 are rejected under 35 U.S.C. 102 as being unpatentable over Padmanabhan et al. (U.S. 2019/0238525 hereinafter "Padmanabhan").

Claim 1. Padmanabhan disclosed a permission verification method (Padmanabhan, Title, “Systems, Methods, and Apparatus For Implementing Super Community And Community Sidechains with Consent Management for Distributed Ledger Technologies In A Cloud Based Computing Environment ), performed by a first node device in a blockchain (Padmanbhan [0221-0222] “processing logic operates a blockchain interface to a blockchain on behalf of a plurality of tenants of the host organization, in which each of the plurality of tenants are participating nodes with the blockchain”), the method comprising:
 receiving a permission operation request from a client (Padmanbhan [0221-0222] “processing logic receives a login request from a user device [i.e. client], the login request requesting access to a user profile [i.e. a permission operation request, such as access to view user profile data]  associated with a first one of a plurality of tenants [i.e. a first node device in a blockchain]”; [0023] “user profile including non-protected data…and…the user profile including protected data”); 
forwarding the permission operation request to a second node device in the blockchain (Padmanabhan [0223-0224] “processing logic prompts the user device to grant user consent to share [i.e. forward] the protected data [i.e. aforementioned access to view user profile data] with a second one of the plurality of tenants [i.e. a second node device in a blockchain]”; [0198-0199] “permitting the user to enter their universal ID to search for associated profiles…the super community tenant bridge 805 permits users to identify all accounts across multiple tenant organizations within the host organization 110 for which the individual has data or user profiles stored within the blockchain”; [0188, 0212] “the individual can login [i.e. request access] and authenticate as a known user with either of the two customer organizations 810A [i.e. first node] and 810B [i.e. second node]…all joined into one community sidechain spanning the individual’s multiple user profiles across multiple distinct tenants of the host organization 110”; [0229] “sharing the protected data with the second one of the plurality of tenants by permitting access to the protected data within the blockchain asset includes sending an asset ID for the blockchain asset to the second tenant”), the second node device being a node device in the blockchain other than the first node device (Padmanabhan [0221-0222] aforementioned “a second node device in the blockchain”; and see [0188] and FIG. 8A aforementioned “Customer Org 810B” which is different from “Customer Org 810A”); 
obtaining a first contract execution result according to the permission operation request (Padmanabhan [0222-0223] “processing logic receives a login request from a user device, the login request requesting access to a user profile associated with a first one of the plurality of tenants...processing logic authenticates the user device and retrieve a user profile from the blockchain based on the authentication of the user device”; authentication of the user and retrieve a user profile is a first contract execution result, such that user logs in to first organization tenant and retrieve a user profile);
 receiving a second contract execution result broadcasted by the second node device based on the permission operation request (Padmanabhan FIG. 8A see “Customer Org 810A” has contract execution resulting in “Profile 851” and “Customer Org 810B” has contract execution resulting in “Profile 852”; [0227] “the second tenant to create a second user profile; creating a blockchain asset including the non-protected information for the second user profile; generating, via a blockchain service interface, a blockchain transaction including the blockchain asset; broadcasting [i.e. broadcast] the blockchain transaction [i.e. login access with second user profile, which was the second contract execution result] into circulation on the blockchain”); and
 determining that the client permission verification succeeds in a case that the first contract execution result is consistent with the second contract execution result (Padmanabhan [0227] “and committing the validated [i.e. verification succeeds] blockchain transaction in a block to the blockchain”; [0233] “in which the validating is based on receiving attestation from the one individual that both the first and second tenant's user profiles are associated with a common universal ID”; verification succeeds when login access profile of Organization A is consistent with login access profile of Organization B, such that they are both of the same user.).  

Claim 2. Padmanabhan disclosed the permission verification method according to claim 1, wherein the obtaining a first contract execution result according to the permission operation request (Padmanabhan [0222-0223] “processing logic receives a login request from a user device, the login request requesting access to a user profile associated with a first one of the plurality of tenants...processing logic authenticates the user device and retrieve a user profile from the blockchain based on the authentication of the user device”; authentication of the user and retrieve a user profile is a first contract execution result, such that user logs in to first organization tenant and retrieve a user profile) comprises: determining a to-be-operated permission operation type according to the permission operation request (Padmanabhan [0112] “when a block or transaction therein with a particular asset having the type “document” is to be added to the blockchain, the consensus protocol type to be used to commit the block or transaction therein to the blockchain is BFT”; and see FIG. 8C shows to-be-operated permission operation type in the form of view access to user profile data such as “Identity Documents”, “Health Conditions”, “Medications”, and Financial Assets” that “User chooses to unlock (and share)”), the permission operation type being user permission verification (Padmanabhan FIG. 8C “User chooses to unlock (and share)”; [0214] “the various types of data may be broken out as separate categories or different types, and therefore, a user could grant consent to share”); performing validation logic corresponding to the permission operation type based on a permission management contract (Padmanabhan [0300] “receive a login request from a user device 1398…there is an authenticator 1350 to authenticate [i.e. validation logic corresponding to the permission type such as the aforementioned Identity Document within the user profile associated with user login] the user device 1398 with the host organization. The receive interface 1326 to further receive input 1327 from the user device 1398 indicating a plurality of smart contract blocks…to form a smart contract 1340 [i.e. permission management contract] to execute via the blockchain”; [0111] “an asset type of ‘document’ may be associated with a consensus protocol type of “Byzantine Fault Tolerant” (BFT)); and performing, in a case that the validation succeeds (Padmanabhan [0227] “and committing the validated [i.e. verification succeeds] blockchain transaction in a block to the blockchain”; [0233] “in which the validating is based on receiving attestation from the one individual that both the first and second tenant's user profiles are associated with a common universal ID”), a permission operation corresponding to the permission operation type, to obtain the first contract execution result (Padmanabhan [0222-0223] “processing logic receives a login request forma user device, the login request requesting access to a user profile associated with a first one of the plurality of tenants…processing logic authenticates the user device and retrieving a user profile from the blockchain based on the authentication of the user device” and see FIG. 8A-8C for a permission operation of FIG. 8B in which “Universal ID” requesting to access user profile, that leads to FIG. 8C corresponding 4 permission types of user profile data such as “Identity Documents”, “Health Conditions”, “Medications”, and “Financials Assets” that belongs to the user profile associated with a first one of the plurality of tenants [i.e. the first contract execution result]; [0111] “an asset type of ‘document’ may be associated with a consensus protocol type of “Byzantine Fault Tolerant” (BFT)”).  

Claim 3. Padmanabhan disclosed the permission verification method according to claim 2, wherein the performing validation logic corresponding to the permission operation type based on a permission management contract comprises: performing verification on operation legality of a request initiating user based on the permission management contract (Padmanabhan [0300] “receive a login request from a user device 1398…there is an authenticator 1350 to authenticate [i.e. validation logic on operation legality, such as the aforementioned login request corresponding to permission type such as aforementioned Identity Document within the user profile associated with user login] the user device 1398 [i.e. request initiating user] with the host organization. The receive interface 1326 to further receive input 1327 from the user device 1398 indicating a plurality of smart contract blocks…to form a smart contract 1340 [i.e. permission management contract] to execute via the blockchain”); performing, in a case that an operation of the request initiating user is legal (Padmanabhan [0161] “depicted within the blockchain services interface 190 a blockchain consent manager 705 which implements community sidechain functionality with consent management to control access rights” and [0023] “processing logic authenticates the user device and retrieving a user profile from the blockchain based on the authentication” and [0188] “the individual can login and authenticate as a known user”), verification on permission information of an operation object corresponding to the permission 031384-7058-US43operation type (Padmanabhan [0222-0223] “processing logic receives a login request form a user device, the login request requesting access to a user profile [i.e. permission information on an operation object] associated with a first one of the plurality of tenants…processing logic authenticates [i.e. verification] the user device and retrieving a user profile from the blockchain based on the authentication of the user device” and see FIG. 8A-8C for a permission operation of FIG. 8B in which “Universal ID” requesting to access user profile, that leads to FIG. 8C corresponding 4 permission types [i.e. permission operation types] of user profile data such as “Identity Documents”, “Health Conditions”, “Medications”, and “Financials Assets” that belongs to the user profile; and [0111] “an asset type of ‘document’ may be associated with a consensus protocol type of “Byzantine Fault Tolerant” (BFT)”; and determining that the validation succeeds in a case that the verification on the permission information succeeds (Padmanabhan [0223] “processing logic authenticates [i.e. validation succeeds] the user device and retrieving a user profile [i.e. operation object] from the blockchain based on the authentication [i.e. verification, such as aforementioned user login which is a verification of permission information] of the user device”).  

Claim 10. Padmanabhan disclosed a computer device (Padmanabhan [0384] “FIG. 17 illustrates a diagrammatic representation of a machine 1700 in the exemplary form of a computer system”) acting as a first node device in a blockchain (Padmanbhan [0221-0222] “processing logic operates a blockchain interface to a blockchain on behalf of a plurality of tenants of the host organization, in which each of the plurality of tenants are participating nodes with the blockchain”), comprising: a processor (Padmanabhan FIG. 17 “Processor”), a communication interface (Padmanabhan FIG. 17 “Processor”), a memory (Padmanabhan FIG. 17 “Memory”), and a communication bus (Padmanabhan FIG. 17 “Bus”), the processor, the communication interface (Padmanabhan FIG. 17 “user interface” “peripheral device” and “blockchain services interface”), and the memory communicating with each other by using the communication bus (Padmanabhan FIG. 17 and [0385-0387] “computer system 1700 includes a processor 1702, a main memory 1704…a secondary memory 1718…which communicate with each other via a bus…the computer system 1700 also may include a user interface…peripheral device…(e.g., wireless or wired communication devices…)”); and the communication interface being an interface of a communication module (Padmanabhan FIG. 17 and [0387] “the computer system 1700 also may include a user interface…peripheral device…(e.g., wireless or wired communication devices…)”); the memory being configured to store program code (Padmanabhan FIG. 17 “memory” with “machine-accessible storage medium” and “software”) and transmit the program code to the processor (Padmanabhan FIG. 17 and [0385-0387] “computer system 1700 includes a processor 1702, a main memory 1704…a secondary memory 1718…which communicate with each other via a bus); and the processor being configured to call instructions of the program code in the memory to perform a plurality of operations (Padmanabhan FIG. 17 and  [0385] “processing logic 1726 and processor 1702 to perform the methodologies discussed herein”) including:
 receiving a permission operation request from a client (Padmanbhan [0221-0222] “processing logic receives a login request from a user device [i.e. client], the login request requesting access to a user profile [i.e. a permission operation request, such as access to view user profile data]  associated with a first one of a plurality of tenants [i.e. a first node device in a blockchain]”; [0223] “user profile including non-protected data…and…the user profile including protected data”); forwarding the permission operation request to a second node device in the blockchain (Padmanabhan [0223-0224] “processing logic prompts the user device to grant user consent to share [i.e. forward] the protected data [i.e. aforementioned access to view user profile data] with a second one of the plurality of tenants [i.e. a second node device in a blockchain]”; [0198-0199] “permitting the user to enter their universal ID to search for associated profiles…the super community tenant bridge 805 permits users to identify all accounts across multiple tenant organizations within the host organization 110 for which the individual has data or user profiles stored within the blockchain”; [0188, 0212] “the individual can login [i.e. request access] and authenticate as a known user with either of the two customer organizations 810A [i.e. first node] and 810B [i.e. second node]…all joined into one community sidechain spanning the individual’s multiple user profiles across multiple distinct tenants of the host organization 110”; [0229] “sharing the protected data with the second one of the plurality of tenants by permitting access to the protected data within the blockchain asset includes sending an asset ID for the blockchain asset to the second tenant”), the second node device being a node device in the blockchain other than the first node device (Padmanabhan [0221-0222] aforementioned “a second node device in the blockchain”; and see [0188] and FIG. 8A aforementioned “Customer Org 810B” which is different from “Customer Org 810A”); obtaining a first contract execution result according to the permission operation request (Padmanabhan [0222-0223] “processing logic receives a login request from a user device, the login request requesting access to a user profile associated with a first one of the plurality of tenants...processing logic authenticates the user device and retrieve a user profile from the blockchain based on the authentication of the user device”; authentication of the user and retrieve a user profile is a first contract execution result, such that user logs in to first organization tenant and retrieve a user profile); receiving a second contract execution result broadcasted by the second node device based on the permission operation request (Padmanabhan FIG. 8A see “Customer Org 810A” has contract execution resulting in “Profile 851” and “Customer Org 810B” has contract execution resulting in “Profile 852”; [0227] “the second tenant to create a second user profile; creating a blockchain asset including the non-protected information for the second user profile; generating, via a blockchain service interface, a blockchain transaction including the blockchain asset; broadcasting [i.e. broadcast] the blockchain transaction [i.e. second user profile, which was the second contract execution result] into circulation on the blockchain”); and determining that the client permission verification succeeds in a case that the first contract execution result is consistent with the second contract execution result.  (Padmanabhan [0227] “and committing the validated [i.e. verification succeeds] blockchain transaction in a block to the blockchain”; [0233] “in which the validating is based on receiving attestation from the one individual that both the first and second tenant's user profiles are associated with a common universal ID”)

Claim 11. Padmanabhan disclosed the computer device according to claim 10, wherein the obtaining a first contract execution result according to the permission operation request (Padmanabhan [0222-0223] “processing logic receives a login request from a user device, the login request requesting access to a user profile associated with a first one of the plurality of tenants...processing logic authenticates the user device and retrieve a user profile from the blockchain based on the authentication of the user device”; authentication of the user and retrieve a user profile is a first contract execution result, such that user logs in to first organization tenant and retrieve a user profile) comprises: determining a to-be-operated permission operation type according to the permission operation request (Padmanabhan [0112] “when a block or transaction therein with a particular asset having the type “document” is to be added to the blockchain, the consensus protocol type to be used to commit the block or transaction therein to the blockchain is BFT”; FIG. 8C shows to-be-operated permission operation type in the form of view access to user profile data such as “Identity Documents”, “Health Conditions”, “Medications”, and Financial Assets” that “User chooses to unlock (and share)”), the permission operation type being user permission verification (Padmanabhan FIG. 8C “User chooses to unlock (and share)”; [0214] “the various types of data may be broken out as separate categories or different types, and therefore, a user could grant consent to share”); performing validation logic corresponding to the permission operation type based on a permission management contract (Padmanabhan [0300] “receive a login request from a user device 1398…there is an authenticator 1350 to authenticate [i.e. validation logic corresponding to the permission type such as the aforementioned Identity Document within the user profile associated with user login] the user device 1398 with the host organization. The receive interface 1326 to further receive input 1327 from the user device 1398 indicating a plurality of smart contract blocks…to form a smart contract 1340 [i.e. permission management contract] to execute via the blockchain; [0111] “an asset type of ‘document’ may be associated with a consensus protocol type of “Byzantine Fault Tolerant” (BFT)”); and performing, in a case that the validation succeeds (Padmanabhan [0227] “and committing the validated [i.e. verification succeeds] blockchain transaction in a block to the blockchain”; [0233] “in which the validating is based on receiving attestation from the one individual that both the first and second tenant's user profiles are associated with a common universal ID”), a permission operation corresponding to the permission operation type, to obtain the first contract execution result.  (Padmanabhan [0222-0223] “processing logic receives a login request forma user device, the login request requesting access to a user profile associated with a first one of the plurality of tenants…processing logic authenticates the user device and retrieving a user profile from the blockchain based on the authentication of the user device” and see FIG. 8A-8C for a permission operation of FIG. 8B in which “Universal ID” requesting to access user profile, that leads to FIG. 8C corresponding 4 permission types of user profile data such as “Identity Documents”, “Health Conditions”, “Medications”, and “Financials Assets” that belongs to the user profile associated with a first one of the plurality of tenants [i.e. the first contract execution result]; [0111] “an asset type of ‘document’ may be associated with a consensus protocol type of “Byzantine Fault Tolerant” (BFT)”)

Claim 12. Padmanabhan disclosed the computer device according to claim 11, wherein the performing validation logic corresponding to the permission operation type based on a permission management contract comprises: performing verification on operation legality of a request initiating user based on the permission management contract (Padmanabhan [0300] “receive a login request from a user device 1398…there is an authenticator 1350 to authenticate [i.e. validation logic on operation legality, such as the aforementioned login request corresponding to permission type such as aforementioned Identity Document within the user profile associated with user login] the user device 1398 [i.e. request initiating user] with the host organization. The receive interface 1326 to further receive input 1327 from the user device 1398 indicating a plurality of smart contract blocks…to form a smart contract 1340 [i.e. permission management contract] to execute via the blockchain”; [0111] “an asset type of ‘document’ may be associated with a consensus protocol type of “Byzantine Fault Tolerant” (BFT)); performing, in a case that an operation of the request initiating user is legal (Padmanabhan [0161] “depicted within the blockchain services interface 190 a blockchain consent manager 705 which implements community sidechain functionality with consent management to control access rights” and [0023] “processing logic authenticates the user device and retrieving a user profile from the blockchain based on the authentication” and [0188] “the individual can login and authenticate as a known user”), verification on permission information of an operation object corresponding to the permission operation type (Padmanabhan [0222-0223] “processing logic receives a login request form a user device, the login request requesting access to a user profile [i.e. permission information on an operation object] associated with a first one of the plurality of tenants…processing logic authenticates [i.e. verification] the user device and retrieving a user profile from the blockchain based on the authentication of the user device” and see FIG. 8A-8C for a permission operation of FIG. 8B in which “Universal ID” requesting to access user profile, that leads to FIG. 8C corresponding 4 permission types [i.e. permission operation types] of user profile data such as “Identity Documents”, “Health Conditions”, “Medications”, and “Financials Assets” that belongs to the user profile; [0111] “an asset type of ‘document’ may be associated with a consensus protocol type of “Byzantine Fault Tolerant” (BFT)); and determining that the validation succeeds in a case that the verification on the permission information succeeds.  (Padmanabhan [0223] “processing logic authenticates [i.e. validation succeeds] the user device and retrieving a user profile [i.e. operation object] from the blockchain based on the authentication [i.e. verification, such as aforementioned user login which is a verification of permission information] of the user device”)

Claim 19. Padmanabhan disclosed a non-transitory computer-readable storage medium, configured to store a plurality of computer programs, the computer programs, when executed (Padmanabhan [0388] “may include a non-transitory machine-readable storage medium…stored on or more sets of instructions…embodying any one or more of the methodologies or functions described herein”) by a computer device acting as a first node device in a blockchain (Padmanbhan [0221-0222] “processing logic operates a blockchain interface to a blockchain on behalf of a plurality of tenants of the host organization, in which each of the plurality of tenants are participating nodes with the blockchain”; and see FIG. 17 “computer system 1700” with “Processor” and “machine-accessible storage medium”), causing the computer device to perform a plurality of operations including: receiving a permission operation request from a client (Padmanbhan [0221-0222] “processing logic receives a login request from a user device [i.e. client], the login request requesting access to a user profile [i.e. a permission operation request, such as access to view user profile data]  associated with a first one of a plurality of tenants [i.e. a first node device in a blockchain]”; [0223] “user profile including non-protected data…and…the user profile including protected data”); 031384-7058-US49forwarding the permission operation request to a second node device in the blockchain (Padmanabhan [0223-0224] “processing logic prompts the user device to grant user consent to share [i.e. forward] the protected data [i.e. aforementioned access to view user profile data] with a second one of the plurality of tenants [i.e. a second node device in a blockchain]”; [0198-0199] “permitting the user to enter their universal ID to search for associated profiles…the super community tenant bridge 805 permits users to identify all accounts across multiple tenant organizations within the host organization 110 for which the individual has data or user profiles stored within the blockchain”; [0188, 0212] “the individual can login [i.e. request access] and authenticate as a known user with either of the two customer organizations 810A [i.e. first node] and 810B [i.e. second node]…all joined into one community sidechain spanning the individual’s multiple user profiles across multiple distinct tenants of the host organization 110”; [0229] “sharing the protected data with the second one of the plurality of tenants by permitting access to the protected data within the blockchain asset includes sending an asset ID for the blockchain asset to the second tenant”), the second node device being a node device in the blockchain other than the first node device (Padmanabhan [0221-0222] aforementioned “a second node device in the blockchain”; and see [0188] and FIG. 8A aforementioned “Customer Org 810B” which is different from “Customer Org 810A”); obtaining a first contract execution result according to the permission operation request (Padmanabhan [0222-0223] “processing logic receives a login request from a user device, the login request requesting access to a user profile associated with a first one of the plurality of tenants...processing logic authenticates the user device and retrieve a user profile from the blockchain based on the authentication of the user device”; authentication of the user and retrieve a user profile is a first contract execution result, such that user logs in to first organization tenant and retrieve a user profile); receiving a second contract execution result broadcasted by the second node device based on the permission operation request (Padmanabhan FIG. 8A see “Customer Org 810A” has contract execution resulting in “Profile 851” and “Customer Org 810B” has contract execution resulting in “Profile 852”; [0227] “the second tenant to create a second user profile; creating a blockchain asset including the non-protected information for the second user profile; generating, via a blockchain service interface, a blockchain transaction including the blockchain asset; broadcasting [i.e. broadcast] the blockchain transaction [i.e. second user profile, which was the second contract execution result] into circulation on the blockchain”); and determining that the client permission verification succeeds in a case that the first contract execution result is consistent with the second contract execution result (Padmanabhan [0227] “and committing the validated [i.e. verification succeeds] blockchain transaction in a block to the blockchain”; [0233] “in which the validating is based on receiving attestation from the one individual that both the first and second tenant's user profiles are associated with a common universal ID”).  

Claim 20. Padmanabhan disclosed the non-transitory computer-readable storage medium according to claim 19, wherein the obtaining a first contract execution result according to the permission operation request (Padmanabhan [0222-0223] “processing logic receives a login request from a user device, the login request requesting access to a user profile associated with a first one of the plurality of tenants...processing logic authenticates the user device and retrieve a user profile from the blockchain based on the authentication of the user device”; authentication of the user and retrieve a user profile is a first contract execution result, such that user logs in to first organization tenant and retrieve a user profile) comprises: determining a to-be-operated permission operation type according to the permission operation request (Padmanabhan [0112] “when a block or transaction therein with a particular asset having the type “document” is to be added to the blockchain, the consensus protocol type to be used to commit the block or transaction therein to the blockchain is BFT”; FIG. 8C shows to-be-operated permission operation type in the form of view access to user profile data such as “Identity Documents”, “Health Conditions”, “Medications”, and Financial Assets” that “User chooses to unlock (and share)”), the permission operation type being user permission verification (Padmanabhan FIG. 8C “User chooses to unlock (and share)”; [0214] “the various types of data may be broken out as separate categories or different types, and therefore, a user could grant consent to share”); performing validation logic corresponding to the permission operation type based on a permission management contract (Padmanabhan [0300] “receive a login request from a user device 1398…there is an authenticator 1350 to authenticate [i.e. validation logic corresponding to the permission type such as the aforementioned Identity Document within the user profile associated with user login] the user device 1398 with the host organization. The receive interface 1326 to further receive input 1327 from the user device 1398 indicating a plurality of smart contract blocks…to form a smart contract 1340 [i.e. permission management contract] to execute via the blockchain”; [0111] “an asset type of ‘document’ may be associated with a consensus protocol type of “Byzantine Fault Tolerant” (BFT)); and performing, in a case that the validation succeeds (Padmanabhan [0227] “and committing the validated [i.e. verification succeeds] blockchain transaction in a block to the blockchain”; [0233] “in which the validating is based on receiving attestation from the one individual that both the first and second tenant's user profiles are associated with a common universal ID”), a permission operation corresponding to the permission operation type, to obtain the first contract execution result. (Padmanabhan [0222-0223] “processing logic receives a login request forma user device, the login request requesting access to a user profile associated with a first one of the plurality of tenants…processing logic authenticates the user device and retrieving a user profile from the blockchain based on the authentication of the user device” and see FIG. 8A-8C for a permission operation of FIG. 8B in which “Universal ID” requesting to access user profile, that leads to FIG. 8C corresponding 4 permission types of user profile data such as “Identity Documents”, “Health Conditions”, “Medications”, and “Financials Assets” that belongs to the user profile associated with a first one of the plurality of tenants [i.e. the first contract execution result]”; [0111] “an asset type of ‘document’ may be associated with a consensus protocol type of “Byzantine Fault Tolerant” (BFT))



Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 4-9, and 13-18 are rejected under 35 U.S.C. 103 as being unpatentable over Padmanabhan et al. (U.S. 2019/0238525 hereinafter "Padmanabhan") in view of Yan (2019/0253257 A1 hereinafter “Yan”).

Claim 4. Padmanabhan disclosed the permission verification method according to claim 3, wherein the performing verification on operation legality of a request initiating user based on the permission management contract (Padmanabhan [0300] “receive a login request from a user device 1398…there is an authenticator 1350 to authenticate [i.e. validation logic on operation legality, such as the aforementioned login request corresponding to permission type such as aforementioned Identity Document within the user profile associated with user login] the user device 1398 [i.e. request initiating user] with the host organization. The receive interface 1326 to further receive input 1327 from the user device 1398 indicating a plurality of smart contract blocks…to form a smart contract 1340 [i.e. permission management contract] to execute via the blockchain”)
Padmanabhan did not explicitly disclose such comprises: performing verification on an operation parameter based on the permission management contract, the operation parameter comprising one or a combination of a call parameter, and a function permission and a signature of the request initiating user; and determining that the operation of the request initiating user is legal in a case that the verification succeeds.
	However, analogous art Yan disclosed such comprises: performing verification on an operation parameter based on the permission management contract (Yan [0156-0158] “performing permission authentication on the target user by invoking the authentication program stated in the smart contract object corresponding to the asset type of the target asset object, and determining that the target user is a member user with update permission for the target asset object if permission authentication succeeds…verifying whether the target user matches a member user in the user list, and determining that the target user is a member user with update permission for the target asset object if the target user matches a member user in the user list”), the operation parameter comprising one or a combination of a call parameter (Yan [0156] “performing permission authentication on the target user by invoking [i.e. call parameter] the authentication program stated in the smart contract object corresponding to the asset type of the target asset object”), and a function permission (Yan [0157] “verifying whether the target user matches a member user in the user list, and determining that the target user is a member user with update permission for the target asset object if the target user matches a member user in the user list”) and a signature of the request initiating user (Yan [0158] “the user list is a public key list of the member users with update permission for the target asset object…performing authentication on a signature of the status update request based on a public key in the public key list, and determining that the target user matches a member user in the user list if authentication succeeds”); and determining that the operation of the request initiating user is legal in a case that the verification succeeds (Yan [0158] “performing permission authentication [i.e. aforementioned authenticate user login] on the target user…and determining that the target user is a member user [i.e. aforementioned validate user login] with update permission for the target asset object [i.e. aforementioned user profile] if the target user matches a member user in the user list”).  
	A person having ordinary skill in the art would have been motivated before the effective filing date of the claimed invention, to apply the known technique of performing login access verification authentication of a user based on smart contract so as to access user profile with different operation types of Padmanabhan, to Yan’s known system of performing permission authentication by invoking parameter such as an authentication program stated in the smart contract object corresponding to the asset type of the target asset object, by a signature of the request intuiting user, and by determining by the function permission such as verifying whether the target user matches a member user in the user list, so as to improve and yield the predictable result of providing options in verification of operation rights.

Claim 5. Padmanabhan disclosed the permission verification method according to claim 3, wherein the performing verification on operation legality of a request initiating user based on the permission management contract (Padmanabhan [0300] “receive a login request from a user device 1398…there is an authenticator 1350 to authenticate [i.e. validation logic on operation legality, such as the aforementioned login request] the user device 1398 [i.e. request initiating user] with the host organization. The receive interface 1326 to further receive input 1327 from the user device 1398 indicating a plurality of smart contract blocks…to form a smart contract 1340 [i.e. permission management contract] to execute via the blockchain”)
Padmanabhan did not explicitly disclose such comprises: performing verification on a call parameter and a signature of the request initiating user based on the permission management contract; and determining that the verification on operation legality of the request initiating user succeeds in a case that the verification on the call parameter and the signature succeeds.  
However analogous art Yan disclosed such comprises: performing verification on a call parameter and a signature of the request initiating user based on the permission management contract (Yan [0156-0158] “performing permission authentication on the target user by invoking [i.e. call parameter] the authentication program stated in the smart contract object corresponding to the asset type of the target asset object”; [0158] “the user list is a public key list of the member users with update permission for the target asset object…performing authentication on a signature of the status update request based on a public key in the public key list, and determining that the target user matches a member user in the user list if authentication succeeds”); and determining that the verification on operation legality of the request initiating user succeeds (Yan [0158] “performing permission authentication [i.e. aforementioned authenticate user login] on the target user…and determining that the target user is a member user [i.e. aforementioned validate user login] with update permission for the target asset object [i.e. aforementioned user profile] if the target user matches a member user in the user list”) in a case that the verification on the call parameter (Yan [0156] “performing permission authentication on the target user by invoking [i.e. call parameter] the authentication program stated in the smart contract object corresponding to the asset type of the target asset object”) and the signature succeeds (Yan [0158] “the user list is a public key list of the member users with update permission for the target asset object…performing authentication on a signature of the status update request based on a public key in the public key list, and determining that the target user matches a member user in the user list if authentication succeeds”).  
	A person having ordinary skill in the art would have been motivated before the effective filing date of the claimed invention, to apply the known technique of performing login access verification authentication of a user based on smart contract so as to access user profile with different operation types of Padmanabhan, to Yan’s known system of performing permission authentication by invoking parameter such as an authentication program stated in the smart contract object corresponding to the asset type of the target asset object, by a signature of the request intuiting user, and by determining by the function permission such as verifying whether the target user matches a member user in the user list, so as to improve and yield the predictable result of providing options in verification of operation rights.

Claim 6. Padmanabhan and Yan disclosed the permission verification method according to claim 4, wherein the performing verification on an operation parameter based on the permission management contract (Yan [0156-0158] “performing permission authentication on the target user by invoking the authentication program stated in the smart contract object corresponding to the asset type of the target asset object, and determining that the target user is a member user with update permission for the target asset object if permission authentication succeeds…verifying whether the target user matches a member user in the user list, and determining that the target user is a member user with update permission for the target asset object if the target user matches a member user in the user list”) comprises: obtaining a role token set  (check Padmanabhan [100, 0216-0218] “the sidechain asset retains its identity as a parent chain token” “all nodes in the blockchain may view and validate the consent as a separate blockchain asset, with the node being given consent having a link via which to pierce the consent management layer to access the user's protected information…the link is the asset ID within the blockchain”; therein the asset retains its identity as token by having a link being the asset ID within the blockchain which discloses the aforementioned login access ID profile, such as login access ID profile of firs tenant organization and second tenant organization being a role token set that allows login access) of the request initiating user from a blockchain contract ledger (Padmanabhan [0219-0223] “FIG. 9 depicts a flow diagram illustrating a method 900 for implementing Super Community and community sidechains with consent management for distributed ledger technologies…receiving a login request from a user device, the login request requesting access to a user profile associated with a first one of the plurality of tenants…authenticates the user device and retrieving a user profile from the blockchain based on the authentication of the user device) based on the permission management contract (Padmanabhan [0300] “receive a login request from a user device 1398…there is an authenticator 1350 to authenticate the user device 1398 with the host organization. The receive interface 1326 to further receive input 1327 from the user device 1398 indicating a plurality of smart contract blocks…to form a smart contract 1340 [i.e. permission management contract] to execute via the blockchain”); determining that the verification on the function permission succeeds in a case that function permissions corresponding to role tokens in the role token set comprise a function needing to be performed by the request initiating user (Padmanabhan [0223] “processing logic authenticates [i.e. verification on the function permission succeeds] the user device and retrieving a user profile from the blockchain based on the authentication [i.e. verification function such that the login access profile ID corresponds to permission to access which comprise a function needing to be performed by the user which is to gain access/permission] of the user device”); obtaining a proxy role token set surrogated by the request initiating user from the blockchain contract ledger (Padmanabhan [0203] “it doesn't matter which user profile [i.e. login user access profile of first organization or login user access profile of second organization] the individual authenticates with so long as both are associated with the same universal ID [i.e. proxy role token set substituted] for that particular individual”) in a case that the function permissions corresponding to the role tokens in the role token set do not comprise the function needing to be performed by the 031384-7058-US44request initiating user (Padmanabhan [0203] “the individual authenticates with either the first or the second customer organization, in which one customer organization has access to the individual's protected data and in which the other customer organization does not…Stated differently, it doesn’t matter which user profile the individual authenticates with so long as both are associated with the same universal ID”; proxy token Universal ID associated with the user is used when the user profile the individual authenticates with does not have function access/permission); and determining that the verification on the function permission succeeds in a case that function permissions corresponding to proxy role tokens in a proxy role token set comprise the function needing to be performed by the request initiating user (Padmanabhan [0197] “an individual may utilize a user computing device 899 such as the one shown to search the blockchain for all profiles associated with their Universal ID which is unique to that individual within the host organization 110”; [0223, 0234] “processing logic authenticates the user device and retrieving a user profile from the blockchain based on the authentication of the user device…the blockchain asset is identified via a blockchain asset identifier or a Universal ID unique within the blockchain”; authenticates Universal ID which acts as proxy role that substitutes regular individual profile login, which comprise the function of gaining access/permission for login that was needed to be performed by the requesting user).  

Claim 7. Padmanabhan and Yan disclosed the permission verification method according to claim 6, wherein the determining that the verification on the function permission succeeds in a case that function permissions corresponding to role tokens in the role token set comprise a function needing to be performed by the request initiating user (Padmanabhan [0223] “processing logic authenticates [i.e. verification on the function permission succeeds] the user device and retrieving a user profile from the blockchain based on the authentication [i.e. verification function such that the login access profile ID corresponds to permission to access which comprise a function needing to be performed by the user which is to gain access/permission] of the user device”) comprises: querying the function permissions corresponding to the role tokens in the role token set by traversing the role token set (Padmanabhan [0166] “the blockchain consent manager 705 implements a consent management layer 710 through which participating nodes 750A-C must traverse if they wish to view, read, or access certain information stored within the private blockchain 740”; [0197] “search the blockchain for all profiles associated with their universal ID which is unique to that individual within the host organization 110”; [0317] “the virtual chain interface additionally maps the user ID or requestor of the structured query 1406 to a participating node and transacts the native blockchain transaction from a participating node corresponding to the user ID or the requestor of the incoming structured query”); determining whether the function permissions corresponding to the role tokens comprise the function needing to be performed by the request initiating user (Padmanabhan [0223] “processing logic authenticates [i.e. verification determination on the function permission to see if the login access profile corresponds to access function of] the user device and retrieving a user profile from the blockchain based on the authentication); determining that function permission verification succeeds in a case that the function permissions corresponding to the role tokens comprise the function (Padmanabhan [0223] “processing logic authenticates [i.e. verification on the function permission succeeds] the user device and retrieving a user profile from the blockchain based on the authentication [i.e. verification function such that the login access profile ID corresponds to permission to access which comprise a function needing to be performed by the user which is to gain access/permission] of the user device”); and determining whether the role token set is completely traversed (Padmanabhan [0166] “the blockchain consent manager 705 implements a consent management layer 710 through which participating nodes 750A-C must traverse if they wish to view, read, or access certain information stored within the private blockchain 740”; [0197] “search the blockchain for all profiles associated with their universal ID which is unique to that individual within the host organization 110”) in a case that the function permissions corresponding to the role tokens do not comprise the function (Padmanabhan [0203] “the individual authenticates with either the first or the second customer organization, in which one customer organization has access to the individual's protected data and in which the other customer organization does not”; login access ID of one organization tenant do not comprise access function to protected data of another organization tenant ); and performing the operation of querying the function permissions corresponding to the role tokens in the role token set by traversing the role token set in a case that the role token set is not completely traversed ([0197, 0183] “if the same human user creates a login and profile with another tenant of the host organization, then the user will again have a node created within the private construction blockchain for the user, but each will have different unique identifiers, each will be different nodes, and the login credentials and profiles for the same human user will be distinct.” And “an individual may utilize a user computing device 899 such as the one shown to search [i.e. query] the blockchain for all profiles [i.e. role token set]”; which discloses querying one profile login access (i.e. not completely traverse) and subsequently searching all profiles for function permission of access).  

Claim 8. Padmanabhan and Yan disclosed the permission verification method according to claim 7, wherein the obtaining (Padmanabhan [0197] “an individual may utilize a user computing device 899 such as the one shown to search the blockchain for all profiles associated with their Universal ID which is unique to that individual within the host organization 110”; obtaining proxy role token such as the Universal ID), in a case that the function permissions corresponding to the role tokens in the role token set do not comprise the function needing to be performed by the request initiating user (Padmanabhan [0203] “the individual authenticates with either the first or the second customer organization, in which one customer organization has access to the individual's protected data and in which the other customer organization does not…Stated differently, it doesn’t matter which user profile the individual authenticates with so long as both are associated with the same universal ID”; proxy token Universal ID associated with the user is used when the user profile the individual authenticates with does not have function access/permission), a proxy role token set surrogated by the request initiating user from the blockchain contract ledger (Padmanabhan [0203] “it doesn't matter which user profile [i.e. login user access profile of first organization or login user access profile of second organization] the individual authenticates with so long as both are associated with the same universal ID [i.e. proxy role token set substituted] for that particular individual”)  comprises: determining, in a case that the role token set is completely traversed (Padmanabhan [0166] “the blockchain consent manager 705 implements a consent management layer 710 through which participating nodes 750A-C must traverse if they wish to view, read, or access certain information stored within the private blockchain 740”; [0197] “search the blockchain for all profiles associated with their universal ID which is unique to that individual within the host organization 110”), that the function permissions corresponding to the role tokens in the role token set do not comprise the function needing to be performed by the request initiating user (Padmanabhan [0203] “the individual authenticates with either the first or the second customer organization, in which one customer organization has access to the individual's protected data and in which the other customer organization does not”; login access ID of one organization tenant do not comprise access function to protected data of another organization tenant ); and obtaining a proxy role token set ledger (Padmanabhan [0197] “an individual may utilize a user computing device 899 such as the one shown to search the blockchain for all profiles associated with their Universal ID which is unique to that individual within the host organization 110”; obtaining proxy role token such as the Universal ID)  of the request initiating user from the blockchain contract (Padmanabhan [0219-0223] “FIG. 9 depicts a flow diagram illustrating a method 900 for implementing Super Community and community sidechains with consent management for distributed ledger technologies…receiving a login request from a user device, the login request requesting access to a user profile associated with a first one of the plurality of tenants…authenticates the user device and retrieving a user profile from the blockchain based on the authentication of the user device).  

Claim 9. Padmanabhan and Yan disclosed the permission verification method according to claim 8, wherein the determining, in a case that function permissions corresponding to proxy role tokens in a proxy role token set 031384-7058-US45comprise a function needing to be performed by the request initiating user (Padmanabhan [0197] “an individual may utilize a user computing device 899 such as the one shown to search the blockchain for all profiles associated with their Universal ID which is unique to that individual within the host organization 110”; [0223, 0234] “processing logic authenticates the user device and retrieving a user profile from the blockchain based on the authentication of the user device…the blockchain asset is identified via a blockchain asset identifier or a Universal ID unique within the blockchain”), that the verification on the function permission succeeds comprises: checking whether proxy of the proxy role tokens in the proxy role token set expires (Padmanabhan [0073] “According to certain blockchain protocol implementations provided via the blockchain services interface 190, the distributed network of users (e.g., blockchain protocol nodes) checks the timestamp 164 against their own known time and will reject any block having a time stamp 164 which exceeds an error threshold”) by traversing the proxy role token set (Padmanabhan [0166] “the blockchain consent manager 705 implements a consent management layer 710 through which participating nodes 750A-C must traverse if they wish to view, read, or access certain information stored within the private blockchain 740”; [0197] “search the blockchain for all profiles associated with their universal ID which is unique to that individual within the host organization 110”); querying the function permissions corresponding to the proxy role tokens in the proxy role token set (Padmanabhan [0197] “search the blockchain for all profiles associated with their universal ID which is unique to that individual within the host organization 110”) in a case that the proxy does not expire (Padmanabhan [0073] “reject any block having a time stamp 164 which exceeds an error threshold”); and determining whether the function permissions corresponding to the proxy role tokens comprise the function needing to be performed by the request initiating user (Padmanabhan [0197] “an individual may utilize a user computing device 899 such as the one shown to search the blockchain for all profiles associated with their Universal ID which is unique to that individual within the host organization 110”; [0223, 0234] “processing logic authenticates the user device and retrieving a user profile from the blockchain based on the authentication of the user device…the blockchain asset is identified via a blockchain asset identifier or a Universal ID unique within the blockchain”; authenticates Universal ID which acts as proxy role that substitutes regular individual profile login, which comprise the function of gaining access/permission for login that was needed to be performed by the requesting user); determining that function permission verification succeeds in a case that the function permissions corresponding to the proxy role tokens comprise the function.  (Padmanabhan [0208] “two user profiles which are not associated with a common universal ID may be linked to a common universal ID”; [0223, 0234] “processing logic authenticates the user device and retrieving a user profile from the blockchain based on the authentication of the user device…the blockchain asset is identified via a blockchain asset identifier or a Universal ID unique within the blockchain”)

Claim 13. Padmanabhan disclosed the computer device according to claim 12, wherein the performing verification on operation legality of a request initiating user based on the permission management contract (Padmanabhan [0300] “receive a login request from a user device 1398…there is an authenticator 1350 to authenticate [i.e. validation logic on operation legality, such as the aforementioned login request] the user device 1398 [i.e. request initiating user] with the host organization. The receive interface 1326 to further receive input 1327 from the user device 1398 indicating a plurality of smart contract blocks…to form a smart contract 1340 [i.e. permission management contract] to execute via the blockchain”)
Padmanabhan did not explicitly disclose such comprises: performing verification on an operation parameter based on the permission management contract, the operation parameter comprising one or a combination of a call parameter, and a function permission and a signature of the request initiating user; and determining that the operation of the request initiating user is legal in a case that the verification succeeds.  
	However, analogous art Yan disclosed such comprises: performing verification on an operation parameter based on the permission management contract (Yan [0156-0158] “performing permission authentication on the target user by invoking the authentication program stated in the smart contract object corresponding to the asset type of the target asset object, and determining that the target user is a member user with update permission for the target asset object if permission authentication succeeds…verifying whether the target user matches a member user in the user list, and determining that the target user is a member user with update permission for the target asset object if the target user matches a member user in the user list”), the operation parameter comprising one or a combination of a call parameter (Yan [0156] “performing permission authentication on the target user by invoking [i.e. call parameter] the authentication program stated in the smart contract object corresponding to the asset type of the target asset object”), and a function permission (Yan [0157] “verifying whether the target user matches a member user in the user list, and determining that the target user is a member user with update permission for the target asset object if the target user matches a member user in the user list”) and a signature of the request initiating user (Yan [0158] “the user list is a public key list of the member users with update permission for the target asset object…performing authentication on a signature of the status update request based on a public key in the public key list, and determining that the target user matches a member user in the user list if authentication succeeds”); and determining that the operation of the request initiating user is legal in a case that the verification succeeds (Yan [0158] “performing permission authentication [i.e. aforementioned authenticate user login] on the target user…and determining that the target user is a member user [i.e. aforementioned validate user login] with update permission for the target asset object [i.e. aforementioned user profile] if the target user matches a member user in the user list”).  
	A person having ordinary skill in the art would have been motivated before the effective filing date of the claimed invention, to apply the known technique of performing login access verification authentication of a user based on smart contract so as to access user profile with different operation types of Padmanabhan, to Yan’s known system of performing permission authentication by invoking parameter such as an authentication program stated in the smart contract object corresponding to the asset type of the target asset object, by a signature of the request intuiting user, and by determining by the function permission such as verifying whether the target user matches a member user in the user list, so as to improve and yield the predictable result of providing options in verification of operation rights.

Claim 14. Padmanabhan disclosed the computer device according to claim 12, wherein the performing verification on operation legality of a request initiating user based on the permission management contract 
Padmanabhan did not explicitly disclose such comprises: performing verification on a call parameter and a signature of the request initiating user based on the permission management contract; and determining that the verification on operation legality of the request initiating user succeeds in a case that the verification on the call parameter and the signature succeeds.  
However analogous art Yan disclosed such comprises: performing verification on a call parameter and a signature of the request initiating user based on the permission management contract (Yan [0156-0158] “performing permission authentication on the target user by invoking [i.e. call parameter] the authentication program stated in the smart contract object corresponding to the asset type of the target asset object”; [0158] “the user list is a public key list of the member users with update permission for the target asset object…performing authentication on a signature of the status update request based on a public key in the public key list, and determining that the target user matches a member user in the user list if authentication succeeds”); and determining that the verification on operation legality of the request initiating user succeeds (Yan [0158] “performing permission authentication [i.e. aforementioned authenticate user login] on the target user…and determining that the target user is a member user [i.e. aforementioned validate user login] with update permission for the target asset object [i.e. aforementioned user profile] if the target user matches a member user in the user list”) in a case that the verification on the call parameter (Yan [0156] “performing permission authentication on the target user by invoking [i.e. call parameter] the authentication program stated in the smart contract object corresponding to the asset type of the target asset object”) and the signature succeeds (Yan [0158] “the user list is a public key list of the member users with update permission for the target asset object…performing authentication on a signature of the status update request based on a public key in the public key list, and determining that the target user matches a member user in the user list if authentication succeeds”).  
	A person having ordinary skill in the art would have been motivated before the effective filing date of the claimed invention, to apply the known technique of performing login access verification authentication of a user based on smart contract so as to access user profile with different operation types of Padmanabhan, to Yan’s known system of performing permission authentication by invoking parameter such as an authentication program stated in the smart contract object corresponding to the asset type of the target asset object, by a signature of the request intuiting user, and by determining by the function permission such as verifying whether the target user matches a member user in the user list, so as to improve and yield the predictable result of providing options in verification of operation rights.

Claim 15. Padmanabhan and Yan disclosed the computer device according to claim 13, wherein the performing verification on an operation parameter based on the permission management contract (Yan [0156-0158] “performing permission authentication on the target user by invoking the authentication program stated in the smart contract object corresponding to the asset type of the target asset object, and determining that the target user is a member user with update permission for the target asset object if permission authentication succeeds…verifying whether the target user matches a member user in the user list, and determining that the target user is a member user with update permission for the target asset object if the target user matches a member user in the user list”) comprises: obtaining a role token set (check Padmanabhan [100, 0216-0218] “the sidechain asset retains its identity as a parent chain token” “all nodes in the blockchain may view and validate the consent as a separate blockchain asset, with the node being given consent having a link via which to pierce the consent management layer to access the user's protected information…the link is the asset ID within the blockchain”; therein the asset retains its identity as token by having a link being the asset ID within the blockchain which discloses the aforementioned login access ID profile, such as login access ID profile of firs tenant organization and second tenant organization being a role token set that allows login access)  of the request initiating user from a blockchain contract ledger (Padmanabhan [0219-0223] “FIG. 9 depicts a flow diagram illustrating a method 900 for implementing Super Community and community sidechains with consent management for distributed ledger technologies…receiving a login request from a user device, the login request requesting access to a user profile associated with a first one of the plurality of tenants…authenticates the user device and retrieving a user profile from the blockchain based on the authentication of the user device) based on the permission management contract (Padmanabhan [0300] “receive a login request from a user device 1398…there is an authenticator 1350 to authenticate the user device 1398 with the host organization. The receive interface 1326 to further receive input 1327 from the user device 1398 indicating a plurality of smart contract blocks…to form a smart contract 1340 [i.e. permission management contract] to execute via the blockchain”); determining that the verification on the function permission succeeds in a case that function permissions corresponding to role tokens in the role token set comprise a function needing to be performed by the request initiating user (Padmanabhan [0223] “processing logic authenticates [i.e. verification on the function permission succeeds] the user device and retrieving a user profile from the blockchain based on the authentication [i.e. verification function such that the login access profile ID corresponds to permission to access which comprise a function needing to be performed by the user which is to gain access/permission] of the user device”); obtaining a proxy role token set surrogated by the request initiating user from the blockchain contract ledger (Padmanabhan [0203] “it doesn't matter which user profile [i.e. login user access profile of first organization or login user access profile of second organization] the individual authenticates with so long as both are associated with the same universal ID [i.e. proxy role token set substituted] for that particular individual”) in a case that the function permissions corresponding to the role tokens in the role token set do not comprise the function needing to be performed by the request initiating user (Padmanabhan [0203] “the individual authenticates with either the first or the second customer organization, in which one customer organization has access to the individual's protected data and in which the other customer organization does not…Stated differently, it doesn’t matter which user profile the individual authenticates with so long as both are associated with the same universal ID”; proxy token Universal ID associated with the user is used when the user profile the individual authenticates with does not have function access/permission); and determining that the verification on the function permission succeeds in a case that function permissions corresponding to proxy role tokens in a proxy role token set comprise the function needing to be performed by the request initiating user (Padmanabhan [0197] “an individual may utilize a user computing device 899 such as the one shown to search the blockchain for all profiles associated with their Universal ID which is unique to that individual within the host organization 110”; [0223, 0234] “processing logic authenticates the user device and retrieving a user profile from the blockchain based on the authentication of the user device…the blockchain asset is identified via a blockchain asset identifier or a Universal ID unique within the blockchain”; authenticates Universal ID which acts as proxy role that substitutes regular individual profile login, which comprise the function of gaining access/permission for login that was needed to be performed by the requesting user).  

Claim 16. Padmanabhan and Yan disclosed the computer device according to claim 15, wherein the determining that the verification on the function permission succeeds in a case that function permissions corresponding to role tokens in the role token set comprise a function needing to be performed by the request initiating user (Padmanabhan [0223] “processing logic authenticates [i.e. verification on the function permission succeeds] the user device and retrieving a user profile from the blockchain based on the authentication [i.e. verification function such that the login access profile ID corresponds to permission to access which comprise a function needing to be performed by the user which is to gain access/permission] of the user device”) comprises: querying the function permissions corresponding to the role tokens in the role token set by traversing the role token set (Padmanabhan [0166] “the blockchain consent manager 705 implements a consent management layer 710 through which participating nodes 750A-C must traverse if they wish to view, read, or access certain information stored within the private blockchain 740”; [0197] “search the blockchain for all profiles associated with their universal ID which is unique to that individual within the host organization 110”; [0317] “the virtual chain interface additionally maps the user ID or requestor of the structured query 1406 to a participating node and transacts the native blockchain transaction from a participating node corresponding to the user ID or the requestor of the incoming structured query”); determining whether the function permissions corresponding to the role tokens comprise the function needing to be performed by the request initiating user (Padmanabhan [0223] “processing logic authenticates [i.e. verification determination on the function permission to see if the login access profile corresponds to access function of] the user device and retrieving a user profile from the blockchain based on the authentication); determining that function permission verification succeeds in a case that the function permissions corresponding to the role tokens comprise the function (Padmanabhan [0223] “processing logic authenticates [i.e. verification on the function permission succeeds] the user device and retrieving a user profile from the blockchain based on the authentication [i.e. verification function such that the login access profile ID corresponds to permission to access which comprise a function needing to be performed by the user which is to gain access/permission] of the user device”); and determining whether the role token set is completely traversed (Padmanabhan [0166] “the blockchain consent manager 705 implements a consent management layer 710 through which participating nodes 750A-C must traverse if they wish to view, read, or access certain information stored within the private blockchain 740”; [0197] “search the blockchain for all profiles associated with their universal ID which is unique to that individual within the host organization 110”) in a case that the function permissions corresponding to the role tokens do not comprise the function (Padmanabhan [0203] “the individual authenticates with either the first or the second customer organization, in which one customer organization has access to the individual's protected data and in which the other customer organization does not”; login access ID of one organization tenant do not comprise access function to protected data of another organization tenant ); and 031384-7058-US48performing the operation of querying the function permissions corresponding to the role tokens in the role token set by traversing the role token set in a case that the role token set is not completely traversed ([0197, 0183] “if the same human user creates a login and profile with another tenant of the host organization, then the user will again have a node created within the private construction blockchain for the user, but each will have different unique identifiers, each will be different nodes, and the login credentials and profiles for the same human user will be distinct.” And “an individual may utilize a user computing device 899 such as the one shown to search [i.e. query] the blockchain for all profiles [i.e. role token set]”; which discloses querying one profile login access (i.e. not completely traverse) and subsequently searching all profiles for function permission of access).  

Claim 17. Padmanabhan and Yan disclosed the computer device according to claim 16, wherein the obtaining (Padmanabhan [0197] “an individual may utilize a user computing device 899 such as the one shown to search the blockchain for all profiles associated with their Universal ID which is unique to that individual within the host organization 110”; obtaining proxy role token such as the Universal ID), in a case that the function permissions corresponding to the role tokens in the role token set do not comprise the function needing to be performed by the request initiating user (Padmanabhan [0203] “the individual authenticates with either the first or the second customer organization, in which one customer organization has access to the individual's protected data and in which the other customer organization does not…Stated differently, it doesn’t matter which user profile the individual authenticates with so long as both are associated with the same universal ID”; proxy token Universal ID associated with the user is used when the user profile the individual authenticates with does not have function access/permission), a proxy role token set surrogated by the request initiating user from the blockchain contract ledger (Padmanabhan [0203] “it doesn't matter which user profile [i.e. login user access profile of first organization or login user access profile of second organization] the individual authenticates with so long as both are associated with the same universal ID [i.e. proxy role token set substituted] for that particular individual”)  comprises: determining, in a case that the role token set is completely traversed Padmanabhan [0166] “the blockchain consent manager 705 implements a consent management layer 710 through which participating nodes 750A-C must traverse if they wish to view, read, or access certain information stored within the private blockchain 740”; [0197] “search the blockchain for all profiles associated with their universal ID which is unique to that individual within the host organization 110”), that the function permissions corresponding to the role tokens in the role token set do not comprise the function needing to be performed by the request initiating user (Padmanabhan [0203] “the individual authenticates with either the first or the second customer organization, in which one customer organization has access to the individual's protected data and in which the other customer organization does not”; login access ID of one organization tenant do not comprise access function to protected data of another organization tenant ); and obtaining a proxy role token set (Padmanabhan [0197] “an individual may utilize a user computing device 899 such as the one shown to search the blockchain for all profiles associated with their Universal ID which is unique to that individual within the host organization 110”; obtaining proxy role token such as the Universal ID) of the request initiating user from the blockchain contract ledger (Padmanabhan [0219-0223] “FIG. 9 depicts a flow diagram illustrating a method 900 for implementing Super Community and community sidechains with consent management for distributed ledger technologies…receiving a login request from a user device, the login request requesting access to a user profile associated with a first one of the plurality of tenants…authenticates the user device and retrieving a user profile from the blockchain based on the authentication of the user device).  

Claim 18. Padmanabhan and Yan disclosed the computer device according to claim 17, wherein the determining, in a case that function permissions corresponding to proxy role tokens in a proxy role token set comprise a function needing to be performed by the request initiating user (Padmanabhan [0197] “an individual may utilize a user computing device 899 such as the one shown to search the blockchain for all profiles associated with their Universal ID which is unique to that individual within the host organization 110”; [0223, 0234] “processing logic authenticates the user device and retrieving a user profile from the blockchain based on the authentication of the user device…the blockchain asset is identified via a blockchain asset identifier or a Universal ID unique within the blockchain”), that the verification on the function permission succeeds comprises: checking whether proxy of the proxy role tokens in the proxy role token set expires (Padmanabhan [0073] “According to certain blockchain protocol implementations provided via the blockchain services interface 190, the distributed network of users (e.g., blockchain protocol nodes) checks the timestamp 164 against their own known time and will reject any block having a time stamp 164 which exceeds an error threshold”)  by traversing the proxy role token set (Padmanabhan [0166] “the blockchain consent manager 705 implements a consent management layer 710 through which participating nodes 750A-C must traverse if they wish to view, read, or access certain information stored within the private blockchain 740”; [0197] “search the blockchain for all profiles associated with their universal ID which is unique to that individual within the host organization 110”); querying the function permissions corresponding to the proxy role tokens in the proxy role token set (Padmanabhan [0197] “search the blockchain for all profiles associated with their universal ID which is unique to that individual within the host organization 110”) in a case that the proxy does not expire (Padmanabhan [0073] “reject any block having a time stamp 164 which exceeds an error threshold”); and determining whether the function permissions corresponding to the proxy role tokens comprise the function needing to be performed by the request initiating user (Padmanabhan [0197] “an individual may utilize a user computing device 899 such as the one shown to search the blockchain for all profiles associated with their Universal ID which is unique to that individual within the host organization 110”; [0223, 0234] “processing logic authenticates the user device and retrieving a user profile from the blockchain based on the authentication of the user device…the blockchain asset is identified via a blockchain asset identifier or a Universal ID unique within the blockchain”; authenticates Universal ID which acts as proxy role that substitutes regular individual profile login, which comprise the function of gaining access/permission for login that was needed to be performed by the requesting user); determining that function permission verification succeeds in a case that the function permissions corresponding to the proxy role tokens comprise the function (Padmanabhan [0208] “two user profiles which are not associated with a common universal ID may be linked to a common universal ID”; [0223, 0234] “processing logic authenticates the user device and retrieving a user profile from the blockchain based on the authentication of the user device…the blockchain asset is identified via a blockchain asset identifier or a Universal ID unique within the blockchain”).

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ALBERT SHIH whose telephone number is (571)272-5631. The examiner can normally be reached Monday-Friday 8:00am - 4:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Nickerson can be reached on 469-295-9235. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/A.K.S/Examiner, Art Unit 4173   
/ABU S SHOLEMAN/Primary Examiner, Art Unit 2496