DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This Office Action is in response to the application 17/031282 filed on 09/04/2020.
Claims 1-20 have been examined and are pending in this application. 

Priority
The present application is a divisional of U.S. Application No. 16/048785, filed on 07/30/2018, now U.S. Patent No. 10824740.

Information Disclosure Statement
The information disclosure statement (IDS), submitted on 09/24/2020, is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Claim Objections
Claims 16, 19 and 20 are objected to because of the following informalities: 
Claim 16 [line 2] the word “identitiy" should be revised to “identity” to have correct spelling.
Claim 19 [line 2] the word “virtulization" should be revised to “virtualization” to have correct spelling.
Claim 20 [line 1] the word “decentrralized" should be revised to “decentralized” to have correct spelling.
Appropriate correction is required.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person.


This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

Claims 1-15 and 17-18 are rejected under 35 U.S.C. 103 as being unpatentable over Soundararajan et al. (“Soundararajan,” US 2021/0203503) in view of Struttmann et al. (“Struttmann,” US 2018/0205552).

Regarding claim 1: Soundararajan discloses a method comprising:
sending a request from a given node in a decentralized system of nodes to a blockchain 5network (Soundararajan: ¶0019 the client device 102 can include a blockchain-based application 103 that interacts with the authorization facilitator system 106 to request information referred to by a blockchain 111 stored in a blockchain network 110), wherein the request is associated with a given policy file that defines a policy that applies to at least a nodes in the decentralized system of nodes (Soundararajan: ¶0019 the request for information can seek information in the distributed storage system 104 that can be associated with an authorization requirement where permissions have to be obtained from owners of the requested information);
receiving policy file retrieval metadata at the given node from the blockchain network in response to the request (Soundararajan: ¶0033 in response to a request from the client device 102 to access information in the distributed storage system 104, the smart contract manager 116 can access a selected smart contract of the smart contracts 119 in the smart contract database 118 [] the smart contract manager 116 is able to determine the authorization requirement (if any) for access of requested information), wherein the policy file retrieval metadata comprises address information associated with storage of the given policy file in a decentralized storage network (Soundararajan: ¶0036 as pieces of information are written to the distributed storage system 104 by owners of the pieces of information, the pieces of information can be tagged with identification information (in tags) that identifies the owners of the pieces of information, and privilege information indication the privilege levels required to access the respective pieces of information);
receiving the given policy file at the given node from the decentralized storage network (Soundararajan: ¶0050 the privilege level(s) can also be obtained from the tags associated with the pieces of the requested information retrieved from the distributed storage system 104); and
wherein the given node is implemented via at least one processing device comprising a processor coupled to a memory (Soundararajan: fig. 4; ¶0064 a processor 402 and a non-transitory storage medium 404).
Soundararajan does not explicitly disclose subset of nodes and sending the address information from the given node to the decentralized storage network.
However, Struttmann discloses subset of nodes (Struttmann: ¶0302 a subset of the nodes may store content and other nodes may serve as indices identifying those nodes); and 
10sending the address information from the given node to the decentralized storage network (Struttmann: ¶0122 sending a pointer to a node at which at least part of the document is stored to the translator 20; ¶0119 the translator 20 [] may maintain in memory an index that maps pointers to uniform resource identifiers of storage compute nodes 26).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Struttmann with the system/method of Soundararajan to include sending the address information from the given node to the decentralized storage network.
One would have been motivated to arrange the data in datastore in a manner that facilitates access based on an address of the data in the datastore or content of the data (Struttmann: ¶0003).

Regarding claim 2: Soundararajan in view of Struttmann discloses the method of claim 1.
Soundararajan further discloses wherein the address information comprises a content-based address generated for the given policy file (Soundararajan: ¶0055 an authorization token is a context-based authorization tokens that restricts access based on context, as represented by one or some combination of the following context parameters: a specified time and date range, a location, an identity of a client entity, or other contextual parameter).

Regarding claim 3: Soundararajan in view of Struttmann discloses the method of claim 2.
Struttmann further discloses wherein the policy file retrieval metadata comprises a key-value 20pair wherein the value of the key-value pair comprises the content-based address generated for the given policy file and the key of the key-value pair comprises a policy type associated with the policy file (Struttmann: ¶0037 the lower-trust database 14 is a key-value data store having a collection of key-value pairs in which data is stored; ¶0114 graphs may be encoded as a list of links between data elements, for example, in a key-value pair, or in a hierarchical data structure, such as in a hierarchical data serialization format, like JOSN or XML).
The motivation is the same that of claim 1 above.

Regarding claim 4: Soundararajan in view of Struttmann discloses the method of claim 3.
Soundararajan further discloses wherein the request sent by the given node to the blockchain 25network comprises the policy type associated with the given policy file (Soundararajan: fig. 4; ¶0016 an authorization requirement can specify that different categories of information have different privilege levels for which different authorizations are to be obtained. An authorization requirement can specify different types of requirements for approval of information access).

Regarding claim 5: Soundararajan in view of Struttmann discloses the method of claim 1.
Soundararajan further discloses wherein the policy file defines one or more data protection and management rules associated with data stored by one or more nodes of the decentralized system of nodes (Soundararajan: ¶0036 as pieces of information are written to the distributed storage system 104 by owners of the pieces of information, the pieces of information can be tagged with identification information (in tags) that identifies the owners of the pieces of information, and privilege information indication the privilege levels required to access the respective pieces of information).

Regarding claim 6: Soundararajan in view of Struttmann discloses the method of claim 1.
Soundararajan further discloses obtaining at least one authenticating credential from an identity management system (Soundararajan: ¶0054 the owner systems 112-A and 112-B sends back authorization tokens to the client device 102. As used here, an "authorization token" (also referred to an "access token") includes a credential); and
providing the authenticating credential with the request sent to the blockchain network (Soundararajan: ¶0057 the client device 102 sends the received authorization tokens (at 218) to the authorization facilitator system 106).
Struttmann further discloses the address information sent to the decentralized storage network (Struttmann: ¶0122 sending a pointer to a node at which at least part of the document is stored to the translator 20; ¶0119 the translator 20 [] may maintain in memory an index that maps pointers to uniform resource identifiers of storage compute nodes 26).
The motivation is the same that of claim 1 above.

Regarding claim 7: Soundararajan in view of Struttmann discloses the method of claim 1.
Soundararajan further discloses an apparatus comprising at least one processing device, wherein the at least one processing device comprises a processor coupled to a memory configured to enable the given node to perform the steps of claim 1 (Soundararajan: fig. 4; ¶0064 a processor 402 and a non-transitory storage medium 404).

10 Regarding claim 8: Soundararajan discloses an article of manufacture comprising a non-transitory processor-readable storage medium having stored therein program code of one or more software programs, wherein the program code when executed by at least one processing device causes the given node to perform the steps of:
sending a request from a given node in a decentralized system of nodes to a blockchain 15network (Soundararajan: ¶0019 the client device 102 can include a blockchain-based application 103 that interacts with the authorization facilitator system 106 to request information referred to by a blockchain 111 stored in a blockchain network 110), wherein the request is associated with a given policy file that defines a policy that applies to at least a nodes in the decentralized system of nodes (Soundararajan: ¶0019 the request for information can seek information in the distributed storage system 104 that can be associated with an authorization requirement where permissions have to be obtained from owners of the requested information);
receiving policy file retrieval metadata at the given node from the blockchain network in response to the request (Soundararajan: ¶0033 in response to a request from the client device 102 to access information in the distributed storage system 104, the smart contract manager 116 can access a selected smart contract of the smart contracts 119 in the smart contract database 118 [] the smart contract manager 116 is able to determine the authorization requirement (if any) for access of requested information), wherein the policy file retrieval metadata comprises address information associated with storage of the given policy file in a decentralized storage network (Soundararajan: ¶0036 as pieces of information are written to the distributed storage system 104 by owners of the pieces of information, the pieces of information can be tagged with identification information (in tags) that identifies the owners of the pieces of information, and privilege information indication the privilege levels required to access the respective pieces of information);
20receiving the given policy file at the given node from the decentralized storage network (Soundararajan: ¶0050 the privilege level(s) can also be obtained from the tags associated with the pieces of the requested information retrieved from the distributed storage system 104);
wherein the given node is implemented via at least one processing device comprising a processor coupled to a memory (Soundararajan: fig. 4; ¶0064 a processor 402 and a non-transitory storage medium 404).
Soundararajan does not explicitly disclose subset of nodes and sending the address information from the given node to the decentralized storage network.
However, Struttmann discloses subset of nodes (Struttmann: ¶0302 a subset of the nodes may store content and other nodes may serve as indices identifying those nodes); and
sending the address information from the given node to the decentralized storage network (Struttmann: ¶0122 sending a pointer to a node at which at least part of the document is stored to the translator 20; ¶0119 the translator 20 [] may maintain in memory an index that maps pointers to uniform resource identifiers of storage compute nodes 26).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Struttmann with the system/method of Soundararajan to include sending the address information from the given node to the decentralized storage network.
One would have been motivated to arrange the data in datastore in a manner that facilitates access based on an address of the data in the datastore or content of the data (Struttmann: ¶0003).

Regarding claims 9-13: Claims 9-13 are similar in scope to claims 2-6, respectively, and are therefore rejected under similar rationale.

Regarding claim 14: Soundararajan discloses a decentralized system comprising:
a plurality of nodes, wherein at least a portion of the nodes are cloud nodes in a multi-cloud 20computing environment (Soundararajan: ¶0025 the computing nodes of the authorization facilitator system 106 include request processing nodes 120 and blockchain nodes 122 [] the blockchain nodes 122 can be part of another system separate from the authorization facilitator system 106. The blockchain nodes 122 are part of the blockchain network 110);
a decentralized storage network accessible by at least a nodes of the decentralized system of nodes (Soundararajan: ¶0015 the distributed storage system may contain different categories of information that can be associated with different privilege levels relating to which client entities can access the different categories of information) and configured to store one or more policy files that define one or more policies associated with data protection and management of data processed by the plurality of nodes (Soundararajan: ¶0036 as pieces of information are written to the distributed storage system 104 [] the pieces of information can be tagged with identification information (in tags) that identifies [] privilege information indication the privilege levels required to access the respective pieces of information);
a blockchain network accessible by at least a nodes of the decentralized system 25of nodes (Soundararajan: ¶0013 a blockchain network includes "nodes" (referred to as blockchain nodes, full nodes, or blockchain full nodes) that can process requests to access the information) and configured to store policy file retrieval metadata for obtaining the one or more policy files from the decentralized storage network (Soundararajan: ¶0031 a smart contract 119 provides logic and rules executed by computing device(s) for a blockchain to automate terms of a contract among multiple entities. A smart contract can include blockchain addresses of the parties of the smart contract, information relating to terms of the smart contract, and other information); and
an identity management system for providing authenticating credentials to nodes communicating with the blockchain network and the decentralized storage network (Soundararajan: ¶0057 the client device 102 sends the received authorization tokens (at 218) to the authorization facilitator system 106);
wherein the decentralized system is implemented by a set of processing devices, each comprising a processor and a memory (Soundararajan: fig. 4; ¶0064 a processor 402 and a non-transitory storage medium 404).
Soundararajan does not explicitly disclose subset of nodes.
However, Struttmann discloses subset of nodes (Struttmann: ¶0302 a subset of the nodes may store content and other nodes may serve as indices identifying those nodes).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Struttmann with the system/method of Soundararajan to include subset of nodes.
One would have been motivated to using a tree structure to segment and distribute records across one or more decentralized, acyclic graphs of cryptographic hash pointers (Struttmann: ¶0002).

Regarding claim 15: Claim 15 is similar in scope to claim 3, and is therefore rejected under similar rationale.
 
Regarding claim 17: Soundararajan in view of Struttmann discloses the decentralized system of claim 14.
Soundararajan further discloses wherein the multi-cloud computing environment comprises at least one private cloud (Soundararajan: ¶0069 storage can be located [] in a private [] cloud).

15 Regarding claim 18: Soundararajan in view of Struttmann discloses the decentralized system of claim 14.
Soundararajan further discloses wherein the multi-cloud computing environment comprises at least one public cloud (Soundararajan: ¶0069 storage can be located [] in a [] public cloud).


Claims 16 and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Soundararajan et al. (“Soundararajan,” US 2021/0203503) in view of Struttmann et al. (“Struttmann,” US 2018/0205552) and Alexander et al. (“Alexander,” US 2017/0171197).

Regarding claim 16: Soundararajan in view of Struttmann discloses the decentralized system of claim 14.
Soundararajan in view of Struttmann does not explicitly disclose wherein the authenticating credentials each 10comprises a certificate digitally signed by the identitiy management system.
However, Alexander discloses wherein the authenticating credentials each 10comprises a certificate digitally signed by the identitiy management system (Alexander: ¶0040 the public certificate 418 may be a digitally signed certificate bearing a seal of verification by the verification system 430).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Alexander with the system/method of Soundararajan and Struttmann to include a certificate digitally signed by the identitiy management system.
One would have been motivated to establishing a secure communication channel with the hosting system (Alexander: ¶0046).

Regarding claim 19: Soundararajan in view of Struttmann discloses the decentralized system of claim 14.
However, Alexander discloses wherein the multi-cloud computing environment comprises one of virtual machines and container implemented using a virtulization 20infrastructure (Alexander: ¶0022 the hosting system 10 may provide several features to the client(s), such as facilitating a client to provision a virtual server and sharing the virtual server with another virtual machine, which may be provisioned by the same or a different client).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Alexander with the system/method of Soundararajan and Struttmann to include one of virtual machines and container implemented using a virtulization 20infrastructure.
One would have been motivated to establishing the secure communication with the hypervisor (Alexander: ¶0048).

Regarding claim 20: Soundararajan in view of Struttmann and Alexander discloses the decentrralized system of claim 19.
Alexander further discloses wherein the virtualization infrastructure comprises one or more hypervisors (Alexander: ¶0024 the hypervisor 12 is a virtual machine monitor (VMM), which may be software, firmware, or hardware that creates and runs virtual machines).
The motivation is the same that of claim 19 above.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Fahimeh Mohammadi whose telephone number is (571)270-7857. The examiner can normally be reached Monday - Friday 9:00 - 5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on 5712705002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/FAHIMEH MOHAMMADI/ Examiner, Art Unit 2439                                                                                                                                                                                                        
/KARI L SCHMIDT/Primary Examiner, Art Unit 2439