DETAILED ACTION
	The instant application having Application No. 17/138,697 filed on 12/30/2020 is presented for examination by the Examiner.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Objections
Claims 12, 14-15, 17-20 are objected to because of the following informalities:  	
Claim 12 recites “...media of claim 10..” which should be changed to “...media of claim  11..”  
Claims 14-15 and 17-20 are objected for the same rationale as claim 12 above. Appropriate correction is required.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claims 1, 4-8, 10-11, 14-18 and 20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Lepoint (US 2019/0394020 A1-hereinafter Lepoint.)
Regarding claim 1, Lepoint discloses a method comprising:
obtaining policy information and a public key from a first trusted authority regarding an attribute of users to be verified (at least figure 3, steps 306, 308 and 310, [0033][0039][0050], public key and security policy are obtained from central party); 
generating a challenge query based on the public key, the policy information, and a verifier random value (at least figure 3, step 312, [0051], a encrypted document/ciphertext is generated based on the public key, the security policy and a data subgroup); 
sending the challenge query to a user to verify the attribute of the user (at least [0052], the encrypted document/ciphertext is sent to at least a user); 
receiving a response from the user that is responsive to the challenge query, the response based on the challenge query and a user-specific secret key obtained by the user from a second trusted authority, the user-specific secret key generated by the second trusted authority based on a general secret key corresponding to the public key and the attribute of the user (at least [0043]-[0045][0054]-[0056], a call to decrypt the encrypted document/ciphertext is received, the call is based on the encrypted document/ciphertext and a secret key (sk) obtained from key generation authority system (second trusted authority.) The sk is generated based on the master security key and security attribute applied to the data subgroup); and 
verifying the attribute of the user based on the response (at least [0056]-[0058], upon successful decryption of the encrypted document/ciphertext, it is determined that the attribute of the user is verified.)

Regarding claim 4, Lepoint discloses the method of claim 1. Lepoint also discloses the public key and the general secret key are generated using a Ciphertext-Policy Attribute-Based Encryption (CP-ABE) master secret key generation algorithm (at least [0028], Ciphertext-Policy Attribute Based Encryption (CP-ABE).)

Regarding claim 5, Lepoint discloses the method of claim 1. Lepoint also discloses generating the challenge query comprises generating the challenge query using a CP-ABE encryption scheme using the public key, the policy information, and the verifier random value as inputs (at least [0051], the encrypted document/ciphertext is generated based on the public key, security policy and a data subgroup.)

Regarding claim 6, Lepoint discloses the method of claim 5. Lepoint also discloses the response is generated by the user as a CP-ABE decryption operation performed on the challenge query using the user-specific secret key (at least [0054]-[0058], the decryption is performed using the secret key (sk).)

Regarding claim 7, Lepoint discloses the method of claim 1. Lepoint also discloses the verification validates the attribute of the user without other information of the user being discoverable (at least [0045][0054], no additional information is disclosed except the portion that is authorized.)

Regarding claim 8, Lepoint discloses the method of claim 1. Lepoint also discloses the challenge query and the response are indistinguishable from simulated challenge queries and simulated responses generated without the user-specific secret key (at least [0020][0045][0051]-[0052], the encrypted document/ciphertext and the decrypted document cannot be differentiated from simulated ones if the a specific user key sk is not used.)

Regarding claim 10, Lepoint discloses the method of claim 1. Lepoint also discloses the first trusted authority and the second trusted authority are the same entity (at least [0026], i.e.: the key generation authority system and the central party system are of the same selective access control (SAC) system.)

	Claim 11 is rejected for the same rationale as claim 1 above.
Claim 14 is rejected for the same rationale as claim 4 above.
Claim 15 is rejected for the same rationale as claim 5 above.
Claim 16 is rejected for the same rationale as claim 6 above.
Claim 17 is rejected for the same rationale as claim 7 above.
Claim 18 is rejected for the same rationale as claim 8 above.
Claim 20 is rejected for the same rationale as claim 10 above.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.
Claims 2-3 and 12-13 are rejected under 35 U.S.C. 103 as being unpatentable over Lepoint and in view of Duccini et al. (US 10,547,457 B1-hereinafter Duccini.)
Regarding claim 2, Lepoint discloses the method of claim 1.
Lepoint does not explicitly disclose the policy information and the public key are published on a blockchain.
However, Duccini discloses publishing a signed digital certificate and policy information on a blockchain, the signed digital certificate including identity and public key of a user (at least column 1, line 63 - column 2, line 11.)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the feature discloses by Duccini into the method of Lepoint to enhance security and delivers cost savings with new efficiencies to the method.

Regarding claim 3, Lepoint and Duccini disclose the method of claim 2. Duccini also discloses a trusted authority is a distributed authority that validates postings to the blockchain (at least column 3, line 35-column 4, line 5, digital certificates posted are signed.)

Claims 12 & 13 are rejected for the same rationale as claims 2 & 3 above.

Claims 9 & 19 are rejected under 35 U.S.C. 103 as being unpatentable over Lepoint.
Regarding claim 9, Lepoint discloses the method of claim 1.
Lepoint does not explicitly disclose performing a second verification that fails, the second verification based on a second response that is generated based on repeated attempts to satisfy the challenge query, and further generated based on knowledge of a set of false user-specific secret keys that do not satisfy a policy associated with the policy information.
However, it is obvious if not inherent that if a second response that is generated based on a set of false user-specific secret key is used, then verification of the second response will fail in order to protect the integrity of the data while ensuring only entities with the correct credential/attribute are allow to view subsets of the data they are intended to see. 

Claim 19 is rejected for the same rationale as claim 9 above.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to PHY ANH TRAN VU whose telephone number is (571)270-7317. The examiner can normally be reached Monday-Friday 7 am-1 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi T Arani can be reached on (571) 272-3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/PHY ANH T VU/Primary Examiner, Art Unit 2438