Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
1.	This action is responsive to:  an original application filed on 12 April 2022 with acknowledgement that this application is a continuation of application 16/879,606 now patent 11,334,432 which is a continuation of 15/973,479 now patent 10,715,312, which a continuation of several earlier filed patented and allowed applications with an earliest priority date established by a provisional application filed 8 May 2017.
2.	Claims 1-19 are currently pending.  Claims 1, 10, and 19, are independent claims. 
3.	The IDS submitted on 12 April 2022 has been considered. 
Double Patenting
4.	The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees.  A statutory obviousness-type double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and  In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the conflicting application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. 
Effective January 1, 1994, a registered attorney or agent of record may sign a terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 37 CFR 3.73(b).
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/forms/.
 The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. 
 An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, please refer to - http://www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp

5.	Claims 1-19 are rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 1-9 of application 15/973,479 now patent 10,715,312.  Although the conflicting claims are not identical, they are not patent-ably distinct from each other because all the elements/features of claimed method for blockchain-based authentication exist in the patented application in similar or different names, essentially performing the same tasks.  Note the pending application is directed to a method for blockchain-based authentication with certificates and challenges, the patented application also is directed to a method for blockchain-based authentication with certificates and challenges.  Below is a table showing the patented claims against the pending claims.  Note the patented application’s claim 1 appears to have more details.  
PATENTED APPLICATION 11,334,432
PENDING APPLICATION
CLAIM 1
CLAIM 1
A processor implemented method for blockchain-based authentication, the method comprising: 

receiving, by a first device, a command on behalf of a user linked to a user device to perform an action from a second device, 

wherein: the first device is associated with a first trust certificate signed by the user device based on a user private key associated with the user on a blockchain; 

the first trust certificate indicates that the user device trusts the first device to perform the action on behalf of the user; 

the second device is associated with a second trust certificate signed by the user device based on the user private key associated with the user on the blockchain; 

and the second trust certificate indicates the user device trusts the second device to send the command to the first device on behalf of the user; 

receiving the second trust certificate from the second device, wherein the second trust certificate comprises a public key of the second device which is associated with a user public key of the user device; 

and in response to receiving the command and the second trust certificate: communicating a cryptographic challenge using the public key of the second device to the second device; 

receiving a response to the cryptographic challenge from the second device; checking, using the public key of the second device, whether the response matches with a predetermined correct response or not; 

and authenticating the second device and executing the command received from the second device only if the response matches with the predetermined correct response.
A processor implemented method for blockchain-based authentication, the method comprising: 

receiving, by a first device, a command on behalf of a user linked to a user device to perform an action from a second device, 

wherein: the first device is associated with a first trust certificate signed by the user device based on a user private key associated with the user on a blockchain; 





the second device is associated with a second trust certificate signed by the user device based on the user private key associated with the user on the blockchain; 






and receiving the second trust certificate from the second device, wherein the second trust certificate comprises a public key of the second device which is associated with a user public key of the user device; 

and in response to receiving the command and the second trust certificate: communicating a cryptographic challenge using the public key of the second device to the second device; 

receiving a response to the cryptographic challenge from the second device; checking, using the public key of the second device, whether the response matches with a predetermined correct response or not; 

and authenticating the second device and executing the command received from the second device in response to the response matching with the predetermined correct response.


Claim Rejections - 35 USC § 101
6.	35 U.S.C. 101 reads as follows: 
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

7.	Claim 19 is rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.  Independent claim 19 is directed to “A computer program product”, these claims are rejected under 101 because computer program product can be interpreted as a signal or a computer program, which is non-statutory subject matter.  
		In order to overcome the 101 rejection, the Examiner recommends that the language of the claim be modified to include "non-transitory" or "computer readable device".

Claim Rejections – 35 USC § 103
8.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

9.	Claims 1, 5-10, and 14-19, are rejected under 35 U.S.C. 103 as being unpatentable over Sprague et al U.S. Patent Application Publication No. 2016/0275461 (hereinafter '461) in view of Cusden et al. U.S. Patent Application Publication No. 2017/0344988 (hereinafter ‘988).
	As to independent claim 1, “A processor implemented method for blockchain-based authentication, the method comprising: receiving, by a first device a command in behalf of a user linked to a user device to perform an action from a second device” is taught in ‘461 the Abstract, paragraphs 4, and 18-19, note the second device (i.e. an unknown client/user device) is validated to the block chain before acceptance of a transaction and the server (i.e. first device) is instructed to propagate a transaction (i.e. perform an action);
	“the first device is associated with a first trust certificate signed by the user device based on a user private key associated with the user on a blockchain” is shown in ‘461 paragraphs 93-95;
	“the second device is associated with a second trust certificate signed by the user device based on the user private key associated with the user on the blockchain; and receiving the second trust certificate from the second device, wherein the second trust certificate comprises a public key of the second device associated with a user public key of the user device” is disclosed in ‘461 paragraphs 25, 39, 74, 92;
the following is not explicitly taught in ‘461:
	“and in response to receiving the command and the second trust certificate: communicating a cryptographic challenge using the public key of the second device to the second device; receiving a response to the cryptographic challenge from the second device;  checking, using the public key of the second device, whether the response matches with a predetermined correct response or not; and authenticating the second device and executing the command received from the second device only if the response matches with the predetermined correct response” however ‘988 teaches “As an example, a user may additionally or alternatively prove that it is the bearer of the private key used to sign the record by using the private key to decrypt the encrypted information and using the information as to provide a valid response to the challenge” receiving and responding to cryptographic challenges in order to verify block chain transactions in paragraph 23.
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention of an attestation of device integrity using the block chain taught in ‘461 to include a means to obtain and transmit a cryptographic challenge.  One of ordinary skill in the art would have been motivated to perform such a modification to so that blockchain based technologies can perform validation and are not reliant on third parties see ‘988 paragraphs 2-4.
	As to dependent claim 5, “The method of claim 1, wherein the user private key cannot be extracted out of a hardware-based cryptographic processor by one or more of: a device manufacturer, an operating system manufacturer, a user, and/or a manager of an open identity network” is taught in ‘461 paragraph 13.
	As to dependent claim 6, “The method  of claim 1, wherein the cryptographic challenge comprises a random value” is shown in ‘988 paragraph 23, note “In some embodiments, the smart contract may be generated such that the smart contract is configured to include encrypted information (e.g., an encrypted version of a secret, a salt, a hash of the secret and/or the salt or other data) that is encrypted using the public key (corresponding to the private key used to sign the record for which related proof is being sought)” a salt is a random value. 	
	As to dependent claim 7, “The method of claim 1, wherein the response to the cryptographic challenge from the second device comprises the cryptographic challenge encrypted with a private key of the second device” is disclosed in ‘988 paragraph 23.
	As to dependent claim 8, “The method of claim 1, wherein the response to the cryptographic challenge from the second device comprises the cryptographic challenge encrypted with a private key of the second device” is taught in ‘988 paragraph 23.
	As to dependent claim 9, “The method of claim 1, wherein the predetermined correct response comprises the cryptographic challenge” is shown in’988 paragraph 23.
	As to independent claim 10, this claim is directed to a system executing the method of claim 1; therefore, it is rejected along similar rationale.
	As to dependent claims 14-18, these claims contain substantially similar subject matter as claims 5-9; therefore, they are rejected along similar rationale.
	As to independent claim 19, this claim is directed to a computer program product executing the method of claim 1; therefore, it is rejected along similar rationale.

10.	Claims 2-4, 11-13, are rejected under 35 U.S.C. 103 as being unpatentable over Sprague et al U.S. Patent Application Publication No. 2016/0275461 (hereinafter '461) in view of Cusden et al. U.S. Patent Application Publication No. 2017/0344988 (hereinafter ‘988) in further view of Lu U.S. Patent Application Publication No. 2017/0180128 (hereinafter ‘128).
	As to dependent claim 2, the following is not explicitly taught in ‘461 and ‘988: “The method of claim 1, wherein the blockchain includes identity information associated with the user” however ‘128 teaches in the user provides identity documents which are incorporated into the block chain and public/private keys are provided to the user device in paragraphs 29-31, 37-43, and 64-66.
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention of a attestation of device integrity using the block chain taught in ‘461 and ‘988 to include a means to store identity information of a user utilizing devices executing a block chain transaction.  One of ordinary skill in the art would have been motivated to perform such a modification to protect against identity theft see ‘128 paragraphs 2-5.
	As to dependent claim 3, “The method of claim 2, wherein the identity information uniquely identifies the user” is taught in ‘128 paragraphs 29-31 and 37-38.
	As to dependent claim 4, “The method of claim 3, wherein the identity information comprises one or more of: a user's password, a biometric, and/or a PIN code” is taught in ‘128 paragraph 37.
	As to dependent claims 11-13, these claims contain substantially similar subject matter as claims 2-4; therefore, they are rejected along similar rationale.

Conclusion
11.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to ELLEN C TRAN whose telephone number is (571) 272-3842.  The examiner can normally be reached from M-F 9 AM to 6PM.
Examiner interviews are available via telephone and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, Applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  
		If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeff Pwu can be reached at 571-272-6798.  The fax phone number for the organization where this application or proceeding is assigned is (571) 273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/ELLEN TRAN/Primary Examiner, Art Unit 2433                                                                                                                                                                                                        6 October 2022