DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . In communications filed on 07/28/2022. Claims 1-2, and 16-17 are amended. Claims 1-24 are pending in this examination.
 In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.   This examination is in response to US Patent Application No. 16/516,910.

Response to Arguments
Although the claims are interpreted in light of the specification, limitations from the specification are not read into the claims.  See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993). 

The Applicant respectfully submits on pages 8-11 of remarks filed on 07/28/2022 regarding claims 1, and 16, that the claims are amended to more clearly recite features that are not disclosed or otherwise suggested by Litsios and Clark, individually or by any proper combination. Applicant 

The Applicant respectfully submits on pages 8-11 of remarks filed on 07/28/2022 various amendment and arguments to independent claims
Applicant has submitted various amendment and argument for claims 1, and 16. However, Examiner respectfully disagree with applicant argument on pages 8-11 of remarks filed on 07/25/2022. LITSIOS in his application discloses shared program instructions define (a)a privacy model comprising privacy restrictions for the first and second database users, respectively, to the data records stored in the database system memory, wherein the privacy restrictions restrict the first database user's access to a first subset of data records and the second database user's access to a second subset of data records, and (b)an authorization model comprising a first set of authorizations that permit the first database user to execute a first portion of the shared program instructions to modify the  first subset of the data records consistent with the first database user's privacy restrictions and a second set of authorizations that permit the second database user to execute at least a portion of the shared program instructions to modify the  second subset of the data records consistent with the second database user's privacy restrictions[¶64,  Fig. 1 is an illustrated example of a computer system 100 for shared execution of one or more processes, comprising program code 130 for the one or more processes that comprises one or more code segments 142, 144, 146 that are shared between a first sharing node 102 and a second sharing node 104 and a third sharing node 106, and wherein the one or more code segments are executable by one or more executing nodes. In this example the executing nodes are the same as the sharing nodes 102, 104, 106. There is a distributed ledger 152, 154, 156 that provides a record of valid code segments of the program code; wherein the execution of at least one of the valid code segments is authorized by the first and second sharing nodes 102, 104 for execution by one of the one or more executing node], and[¶6, a distributed ledger that provides a record of valid code segments of the program code; wherein the execution of at least one of the valid code segments is authorized by the first and second sharing nodes for execution by one of the one or more executing node], and [¶¶13-14, In some examples, a sharing node may request one or more other node to perform an action. In some examples, the request comprises an authorization for performing a requested action… In some examples of the computer system, an authorization by a particular sharing node, that is not an executing node, includes permission to an executing node to execute a shared code segment on behalf of the particular sharing node.], and [¶74, the distributed ledger provides data storage, data distribution, privacy, security and enables transactions. In this disclosure, the distributed ledger has a global synchronization log (can be equated to database) that stores public data associated with private data. The private data is stored in one or more private data stores (can be equated to private data database) separate from the global synchronization log. The private data in the one or more private data stores are not accessible to an unauthorized node (or participant associated with the node) (equated to restricting access). A node can verify the public data (can be equated to public data database) available on the global synchronization log based on the corresponding private data available to the node in the one or more private data stores. Alternatively, attestation or proof of verification may be performed by one node and sent to another node], and [¶89, In some examples, the system may restrict providing the identification results of the query to nodes that are stakeholders to the specified code segment. For example, the system may restrict the results to the sharing nodes that authorize the specified code segment and/or the executing node(s) that execute the specified code segment. This may be useful to maintain privacy of the nodes that are involved…], and [¶1, the present disclosure relates to a computer system, comprising a plurality of nodes for shared execution of one or more process. The disclosure also relates to a computer implemented method for performing shared execution], and [¶6]. 

determine whether the transaction conforms to the privacy restrictions of the first or second database user and the set of authorizations of the first or second database user
[¶6, a distributed ledger that provides a record of valid code segments of the program code; wherein the execution of at least one of the valid code segments is authorized by the first and second sharing nodes for execution by one of the one or more executing node], and [¶¶13-14, In some examples, a sharing node may request one or more other node to perform an action. In some examples, the request comprises an authorization for performing a requested action… In some examples of the computer system, an authorization by a particular sharing node, that is not an executing node, includes permission to an executing node to execute a shared code segment on behalf of the particular sharing node.], and [¶74, the distributed ledger provides data storage, data distribution, privacy, security and enables transactions. In this disclosure, the distributed ledger has a global synchronization log (can be equated to database) that stores public data associated with private data. The private data is stored in one or more private data stores (can be equated to private data database) separate from the global synchronization log. The private data in the one or more private data stores are not accessible to an unauthorized node (or participant associated with the node) (equated to restricting access). A node can verify the public data (can be equated to public data database) available on the global synchronization log based on the corresponding private data available to the node in the one or more private data stores. Alternatively, attestation or proof of verification may be performed by one node and sent to another node], and [¶89, In some examples, the system may restrict providing the identification results of the query to nodes that are stakeholders to the specified code segment. For example, the system may restrict the results to the sharing nodes that authorize the specified code segment and/or the executing node(s) that execute the specified code segment. This may be useful to maintain privacy of the nodes that are involved…], and [¶20]. 

if the transaction passes step 2, commit the transaction and modify the first or second subset of data records consistent with the privacy and authorization models
[¶7, In this system, nodes are able to pre-agree in a verifiable manner to existing or new obligations they enter into. Code segments contain obligations and which may involve providing execution of code, or providing input/output to ensure code executes. Nodes are able commit data or code in a non-reputable fashion to the distributed ledger (utilizing for example Merkle proofs), while allowing the later selective revealing of that secret data or code where required. This enables system wide coordination of the execution of processes whereby nodes can act, and authorize, execution of shared code segments and verify execution of code], and [0013] In some examples, a sharing node may request one or more other node to perform an action. In some examples, the request comprises an authorization for performing a requested action. In another example, the request comprises a delegation to the other node for performing a requested action. In yet another example, the request comprises a commitment by the other node to perform a requested action. In yet another example, the ·request comprises a request for execution of one of the one or more code segments. In a further example, the request comprises an authorization to the other node to make a subsequent request. In another example, the request comprises a delegation to the other node to make a subsequent request. In a further example, the request comprises a commitment by the other node to make a subsequent request], and [¶¶17, 20, 26, 37-41, 87].

Clark discloses a database system comprising: a database system memory storing a database of data records [Abstract, the disclosure is directed to a multi-user database system. The multi-user database system includes at least one processor, at least one network interface coupled to the processor, an event table, an accounting table, and a session table. The network interface is configured to receive transactions from a plurality of users. The transactions include session maintenance transactions and data requests. The event table stores a data log of the session maintenance transactions. The accounting table stores data associated with the data requests. The session table is derived from the event table and the accounting table. The session table stores resource usage data associated with at least one user session.], and [¶¶2, 13, FIG.1].

Examiner Note: It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of LITSIOS which  discloses a distributed ledger that provides a record of valid code segments of the program code shared among the different nodes and wherein the one or more code segments are executable by one or more executing nodes( restricting  node accessing the shared program), the distributed ledger has a global synchronization log (can be equated to database) that stores public data associated with private data. The private data is stored in one or more private data stores (can be equated to private data database) separate from the global synchronization log. The private data in the one or more private data stores are not accessible to an unauthorized node (or participant associated with the node) (equated to restricting access to the data store), combing the LITSIOS teaching with Clark teaching which provides multi-user database can be implemented for tracking resource usage. Examiner maintains his rejection.




Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-24 are rejected under 35 U.S.C. 103 as being unpatentable over (AU2017904367) issued to LITSIOS James Benton hereinafter “LITSIOS” in view of US Patent No. (US2005/50010572) issued to Clark (cited in IDS filed on 07/08/2020).
Regarding claim 1, LITSIOS discloses shared program instructions define (a)a privacy model comprising privacy restrictions for the first and second database users, respectively, to the data records stored in the database system memory, wherein the privacy restrictions restrict the first database user's access to a first subset of data records and the second database user's access to a second subset of data records, and (b)an authorization model comprising a first set of authorizations that permit the first database user to execute a first portion of the shared program instructions to modify the  first subset of the data records consistent with the first database user's privacy restrictions and a second set of authorizations that permit the second database user to execute at least a portion of the shared program instructions to modify the  second subset of the data records consistent with the second database user's privacy restrictions[¶64,  Fig. 1 is an illustrated example of a computer system 100 for shared execution of one or more processes, comprising program code 130 for the one or more processes that comprises one or more code segments 142, 144, 146 that are shared between a first sharing node 102 and a second sharing node 104 and a third sharing node 106, and wherein the one or more code segments are executable by one or more executing nodes. In this example the executing nodes are the same as the sharing nodes 102, 104, 106. There is a distributed ledger 152, 154, 156 that provides a record of valid code segments of the program code; wherein the execution of at least one of the valid code segments is authorized by the first and second sharing nodes 102, 104 for execution by one of the one or more executing node], and[¶6, a distributed ledger that provides a record of valid code segments of the program code; wherein the execution of at least one of the valid code segments is authorized by the first and second sharing nodes for execution by one of the one or more executing node], and [¶¶13-14, In some examples, a sharing node may request one or more other node to perform an action. In some examples, the request comprises an authorization for performing a requested action… In some examples of the computer system, an authorization by a particular sharing node, that is not an executing node, includes permission to an executing node to execute a shared code segment on behalf of the particular sharing node.], and [¶74, the distributed ledger provides data storage, data distribution, privacy, security and enables transactions. In this disclosure, the distributed ledger has a global synchronization log (can be equated to database) that stores public data associated with private data. The private data is stored in one or more private data stores (can be equated to private data database) separate from the global synchronization log. The private data in the one or more private data stores are not accessible to an unauthorized node (or participant associated with the node) (equated to restricting access). A node can verify the public data (can be equated to public data database) available on the global synchronization log based on the corresponding private data available to the node in the one or more private data stores. Alternatively, attestation or proof of verification may be performed by one node and sent to another node], and [¶89, In some examples, the system may restrict providing the identification results of the query to nodes that are stakeholders to the specified code segment. For example, the system may restrict the results to the sharing nodes that authorize the specified code segment and/or the executing node(s) that execute the specified code segment. This may be useful to maintain privacy of the nodes that are involved…], and [¶1, the present disclosure relates to a computer system, comprising a plurality of nodes for shared execution of one or more process. The disclosure also relates to a computer implemented method for performing shared execution], and [¶6]; and 
	at least a first database server including a processor configured to execute the shared program instructions, wherein the shared program instructions, when executed by the processor [¶74, the distributed ledger provides data storage, data distribution, privacy, security and enables transactions. In this disclosure, the distributed ledger has a global synchronization 1 log that stores public data associated with private data], and [¶6, a computer system for shared execution of one or more processes, comprising: program code for the one or more processes that comprises one or more code segments that are shared between a first sharing node and a second sharing node, and wherein the one or more code segments are executable by one or more executing nodes; a distributed ledger that provides a record of valid code segments of the program code; wherein the execution of at. least one of the valid code segments is authorized by the first and second sharing nodes for execution by one of the one or more executing node], and [¶¶8-9, 22]; and  
process a transaction submitted by the first or second database user
[¶6,  A computer system for shared execution of one or more processes, comprising: program code for the one or more processes that comprises one or more code segments that are shared between a first sharing node and a second sharing node, and wherein the one or more code segments are executable by one or more executing nodes; a distributed ledger that provides a record of valid code segments of the program code; wherein the execution of at least one of the valid code segments is authorized by the first and second sharing nodes for execution by one of the one or more executing node], and [¶8, wherein the execution of at least one of the code segments is authorized by the first and second sharing nodes for execution by one of the one or more executing nodes. In some examples, the distributed ledger provides a record of valid code segments of the program code], and [¶65, Fig. 1 shows an example illustration of the system 100. The program code 130 is a set of instructions for a computer, such as program code for performing transactions. The execution Of the program code is distributable in that rather than the code being executed on a single computer or node, and multiple nodes may take control of the execution], and [¶74, the distributed ledger provides data storage, data distribution, privacy, security and enables transactions], and [¶79, the distributed ledger is a blockcha1n where transactions are added to the ledger in blocks which are linked to previous blocks all the way to the original genesis block]; and 
determine whether the transaction conforms to the privacy restrictions of the first or second database user and the set of authorizations of the first or second database user
[¶6, a distributed ledger that provides a record of valid code segments of the program code; wherein the execution of at least one of the valid code segments is authorized by the first and second sharing nodes for execution by one of the one or more executing node], and [¶¶13-14, In some examples, a sharing node may request one or more other node to perform an action. In some examples, the request comprises an authorization for performing a requested action… In some examples of the computer system, an authorization by a particular sharing node, that is not an executing node, includes permission to an executing node to execute a shared code segment on behalf of the particular sharing node.], and [¶74, the distributed ledger provides data storage, data distribution, privacy, security and enables transactions. In this disclosure, the distributed ledger has a global synchronization log (can be equated to database) that stores public data associated with private data. The private data is stored in one or more private data stores (can be equated to private data database) separate from the global synchronization log. The private data in the one or more private data stores are not accessible to an unauthorized node (or participant associated with the node) (equated to restricting access). A node can verify the public data (can be equated to public data database) available on the global synchronization log based on the corresponding private data available to the node in the one or more private data stores. Alternatively, attestation or proof of verification may be performed by one node and sent to another node], and [¶89, In some examples, the system may restrict providing the identification results of the query to nodes that are stakeholders to the specified code segment. For example, the system may restrict the results to the sharing nodes that authorize the specified code segment and/or the executing node(s) that execute the specified code segment. This may be useful to maintain privacy of the nodes that are involved…], and [¶20]. 
if the transaction passes step 2, commit the transaction and modify the first or second subset of data records consistent with the privacy and authorization models
[¶7, In this system, nodes are able to pre-agree in a verifiable manner to existing or new obligations they enter into. Code segments contain obligations and which may involve providing execution of code, or providing input/output to ensure code executes. Nodes are able commit data or code in a non-reputable fashion to the distributed ledger (utilizing for example Merkle proofs), while allowing the later selective revealing of that secret data or code where required. This enables system wide coordination of the execution of processes whereby nodes can act, and authorize, execution of shared code segments and verify execution of code], and [0013] In some examples, a sharing node may request one or more other node to perform an action. In some examples, the request comprises an authorization for performing a requested action. In another example, the request comprises a delegation to the other node for performing a requested action. In yet another example, the request comprises a commitment by the other node to perform a requested action. In yet another example, the ·request comprises a request for execution of one of the one or more code segments. In a further example, the request comprises an authorization to the other node to make a subsequent request. In another example, the request comprises a delegation to the other node to make a subsequent request. In a further example, the request comprises a commitment by the other node to make a subsequent request], and [¶¶17, 20, 26, 37-41, 87].
LITSIOS does not explicitly disclose, however, Clark discloses a database system comprising: a database system memory storing a database of data records [Abstract, the disclosure is directed to a multi-user database system. The multi-user database system includes at least one processor, at least one network interface coupled to the processor, an event table, an accounting table, and a session table. The network interface is configured to receive transactions from a plurality of users. The transactions include session maintenance transactions and data requests. The event table stores a data log of the session maintenance transactions. The accounting table stores data associated with the data requests. The session table is derived from the event table and the accounting table. The session table stores resource usage data associated with at least one user session.], and [¶¶2, 13, FIG.1].
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of LITSIOS with the teaching of Clark in order to implement a multi-user database systems and methods for resource usage tracking [Clark, ¶1].
Regarding claim 2, LITSIOS discloses, further comprising program instructions stored with the memory that, when executed, validate that the transaction includes a cryptographic authorization from the first or second database user consistent with the set of authorizations of the first or second database user [¶76-77, In one embodiment, the distributed ledger provides a record of the execution of code segments for the program code. In another embodiment the distributed ledger provides a · record of valid code segments of the program code. In either case, the data stored on the distributed ledger may include a hash value or a cryptographic hash function that produces the hash value, and wherein it is computationally infeasible to falsify the execution of the code segment or record an invalid code segment based on the hash value… The hashes as described above are one-way cryptographic functions which can be proven to validate execution or the validity of code segments. For example, the cryptographic hash function may be Secure Hash Algorithm 2 (SHA-2)].
Regarding claim 3 LITSIOS discloses, wherein the cryptographic authorization comprises the transaction being cryptographically signed by the first or second database user [¶89, In some examples, the system may restrict providing the identification results of the query to nodes that are stakeholders to the specified code segment. For example, the system may restrict the results to the sharing nodes that authorize the specified code segment and/or the executing node(s) that execute the specified code segment. This may be useful to maintain privacy of the nodes that are involved. In further examples, a larger set of nodes may have permission to receive results of the query, such as nodes that have permission from the sharing nodes and executing node(s) in the specified code segment. In some examples, privacy may be maintained by encryption of at least part of the data in the specified code segment so that only specified nodes can access information about one or more other nodes associated with the specified code segment].
Regarding claim 4, LITSIOS does not explicitly disclose, however, Clark discloses, further comprising an evidence log and program instructions stored in the memory that, when executed by the processor: record an execution history of the shared program instructions;  38 record a request to submit the transaction; and/or record any cryptographic authorizations submitted along with the transaction [¶19, FIGS. 2-A, 2-B, and 2-C depict a data flow useful in accumulating information from an accounting table 204, an event log table 206, and a sessions information table 254 to create a session table 240 and a request table 246. As shown in FIG. 2-A, a history table 202 may be queried with the accounting table 204 to determine which entries in the accounting table 204 have not been previously processed. The history table 202 may include a listing of those entries within the accounting table 204 that have been previously processed. The accounting table 204 may be periodically purged. If the periodic purging occurs less frequently than the processing of the transaction data, the history table 202 provides a listing of those transactions in the accounting table 204 that had been previously processed. The history table 202 may be purged at the same time as the accounting table 204. The query is performed as shown in transaction 212 to select the current transactions and store them in the current transactions accounting table 214. Once the current accounting transactions table 214 has been used in the process below, the history table 202 may be updated with an update history transaction 210].
Regarding claim 5, LITSIOS does not explicitly disclose, however, Clark discloses,, further comprising an execution engine including program instructions that, when executed by the processor: validate that the privacy restrictions for the first or second database user and the first or second set of authorizations conform to respective global rules for the database system; and record evidence of validation of the privacy restrictions and authorizations in the evidence log [¶19, FIGS. 2-A, 2-B, and 2-C depict a data flow useful in accumulating information from an accounting table 204, an event log table 206, and a sessions information table 254 to create a session table 240 and a request table 246. As shown in FIG. 2-A, a history table 202 may be queried with the accounting table 204 to determine which entries in the accounting table 204 have not been previously processed. The history table 202 may include a listing of those entries within the accounting table 204 that have been previously processed. The accounting table 204 may be periodically purged. If the periodic purging occurs less frequently than the processing of the transaction data, the history table 202 provides a listing of those transactions in the accounting table 204 that had been previously processed. The history table 202 may be purged at the same time as the accounting table 204. The query is performed as shown in transaction 212 to select the current transactions and store them in the current transactions accounting table 214. Once the current accounting transactions table 214 has been used in the process below, the history table 202 may be updated with an update history transaction 210].
Regarding claim 6, LITSIOS does not explicitly disclose, however, Clark discloses, further comprising a transaction and concurrency engine having program instructions that, when executed by the processor, use a concurrency control protocol to process concurrent transactions submitted to the database system [¶27, with the summaries, session tables and request tables may be updated or new entries may be added. As shown in step 314, the session table may be updated with sessions that were previously opened and have new data. As shown in step 316, new sessions that were opened since the previous processing may be inserted into the sessions table. Similarly, the request table may update as shown in step 318 or new requests may be inserted in the request table as shown in step 320. These steps, 314, 316, 318 and 320 may be performed in various orders or simultaneously, depending upon the capabilities of the enterprise data warehouse system].
Regarding claim 7, LITSIOS does not explicitly disclose, however, Clark discloses, wherein the shared program instructions are, at least in part, stored procedures stored in the memory, and the system further comprises a procedural handler configured to: determine, from the transaction submitted by the first or second database user, one or more stored procedures suitable to process the transaction; and process, at least in part, the transaction by executing the one or more stored procedures [¶13] FIG. 1 depicts an exemplary embodiment of an enterprise data warehouse 100. The enterprise data warehouse 100 may have one or more processors 102, network interfaces 104, programs 106, an accounting database 108, an event log database 116, a session information database 112, a sessions database 114, a history database 116, a request database 118, and various temporary databases 120. A processor or multiple processors 102 may interpret and perform transactions with the various databases and tables. Multiple processors may allow parallel processing and faster performance].
Regarding claim 8, LITSIOS discloses, further comprising an execution engine configured to execute the shared program instructions and enforce the privacy and authorization models [¶89, In some examples, the system may restrict providing the identification results of the query to nodes that are stakeholders to the specified code segment. For example, the system may restrict the results to the sharing nodes that authorize the specified code segment and/or the executing node(s) that execute the specified code segment. This may be useful to maintain privacy of the nodes that are involved. In further examples, a larger set of nodes may have permission to receive results of the query, such as nodes that have permission from the sharing nodes and executing node(s) in the specified code segment. In some examples,
privacy may be maintained by encryption of at least part of the data in the specified code segment so that only specified nodes can access information about one or more other nodes associated with the specified code segment].
Regarding claim 9, LITSIOS discloses, wherein the execution engine is configured to limit access to the data records in a manner consistent with the privacy model 
[¶74, The distributed ledger provides data storage, data distribution, privacy, security and enables transactions. In this disclosure, the distributed ledger has a global synchronization 1 log that stores public data associated with private data. The private data is stored in one or more private data stores separate from the global synchronization log. The private data in the one or more private data stores are not accessible to an unauthorized node (or participant associated with the node). A node can verify the public data available on the global synchronization log based on the corresponding private data available to the node in the one or more private data stores. Alternatively, attestation or proof of verification may be performed by one node and sent to another node], and [¶89, In some examples, the system may restrict providing the identification results of the query to nodes that are stakeholders to the specified code segment. For example, the system may restrict the results to the sharing nodes that authorize the specified code segment and/or the executing node(s) that execute the specified code segment. This may be useful to maintain privacy of the nodes that are involved. In further examples, a larger set of nodes may have permission to receive results of the query, such as nodes that have permission from the sharing nodes and executing node(s) in the specified code segment. In some examples,
privacy may be maintained by encryption of at least part of the data in the specified code segment so that only specified nodes can access information about one or more other nodes associated with the specified code segment].
Regarding claim 10, LITSIOS does not explicitly disclose, however, Clark discloses, wherein the execution engine is configured to execute the shared program instructions and, if specified by the shared program instructions, alter the privacy and authorization models consistent with the shared program instructions [¶43,  In one example of the computer system, the second program code further comprises program instructions that, when executed, determines all explicit and implicit cryptographic authorizations required for authorized execution of the one or more shared code segments and, if not all explicit and implicit cryptographic authorizations are present, does not authorize execution of the one or more shared code segments].
Regarding claim 11, LITSIOS does not explicitly disclose, however, Clark discloses, wherein the transaction is submitted by the second database user and the shared program instructions, when executed by the processor, change at least the first database user's access to the first subset of the data records [¶43,  In one example of the computer system, the second program code further comprises program instructions that, when executed, determines all explicit and implicit cryptographic authorizations required for authorized execution of the one or more shared code segments and, if not all explicit and implicit cryptographic authorizations are present, does not authorize execution of the one or more shared code segments].
Regarding claim 12, LITSIOS does not explicitly disclose, however, Clark discloses, wherein the transaction is submitted by the second database user and the shared program instructions, when executed by the processor, change at least the first database user's first set of authorizations that permit the first database user to manipulate the first subset of the data records [¶43,  In one example of the computer system, the second program code further comprises program instructions that, when executed, determines all explicit and implicit cryptographic authorizations required for authorized execution of the one or more shared code segments and, if not all explicit and implicit cryptographic authorizations are present, does not authorize execution of the one or more shared code segments].
Regarding claim 13, LITSIOS does not explicitly disclose, however, Clark discloses further comprising an evidence log and program instructions stored in the memory that, when executed by the processor: record an execution history of the shared program instructions; record a request to submit the transaction; and/or record any cryptographic authorizations submitted along with the transaction, wherein the shared program instructions, when executed by the processor, alter the privacy and authorization models only if certain data is present or not present in the evidence log or the transaction [¶25,  As shown in step 302, a current set of accounting transactions may be determined. The current set of accounting transactions may include transactions not previously processed. In one exemplary embodiment, the current set of transactions may be determined by comparing an accounting database with a history table]; and
Regarding claim 14, LITSIOS does not explicitly disclose, however, Clark discloses, wherein the shared program instructions, when executed by the processor, perform step 3 of claim 1 and commit the transaction only if certain data is present or not present in the evidence log or the transaction itself [¶25, As shown in step 302, a current set of accounting transactions may be determined. The current set of accounting transactions may include transactions not previously processed. In one exemplary embodiment, the current set of transactions may be determined by comparing an accounting database with a history table].
Regarding claim 15, LITSIOS discloses, wherein the shared program instructions, when executed by the processor, commit both the transaction and evidence of its privacy and authorization validity simultaneously [¶7, In this system, nodes are able to pre-agree in a verifiable manner to existing or new 9bligations they enter into. Code segments contain obligations and which may involve providing execution of code, or providing input/output to ensure code executes. Nodes are able commit data or code in a non-reputable fashion to the distributed ledger (utilizing for example Merkle proofs), while allowing the later selective revealing of that secret data or code where required. This enables system wide coordination of the execution of processes whereby nodes can act, and authorize, execution of shared code segments and verify execution of code], and [¶13, in some examples, a sharing node may request one or more other node to perform an action. In some examples, the request comprises an authorization for performing a requested action. In another example, the request comprises a delegation to the other node for performing a requested action. In yet another example, the request comprises a commitment by the other node to perform a requested action. In yet another example, the ·request comprises a request for execution of one of the one or more code segments. In a further example, the request comprises an authorization to the other node to make a subsequent request. In another example, the request comprises a delegation to the other node to make a subsequent request. In a further example, the request comprises a commitment by the other node to make a subsequent request], and [¶¶17, 20, 26, 37-41, 87].
Regarding claim 16, this claim is interpreted and rejected for the same rational set forth in claim 1.
Regarding claim 17, this claim is interpreted and rejected for the same rational set forth in claim 2.
Regarding claim 18, LITSIOS does not explicitly disclose, however, Clark discloses, wherein the transaction includes a request to manipulate, consistent with the first set of authorizations, the first subset of data records in response to a condition, wherein step 16.b) comprises verifying occurrence of the condition and manipulating the first subset of data records consistent with the privacy and authorization models [¶25, As shown in step 302, a current set of accounting transactions may be determined. The current set of accounting transactions may include transactions not previously processed. In one exemplary embodiment, the current set of transactions may be determined by comparing an accounting database with a history table].
Regarding claim 19, LITSIOS does not explicitly disclose, however, Clark discloses wherein the condition includes determining whether a status of another transaction or a subset of the data records meets certain criteria [¶25, As shown in step 302, a current set of accounting transactions may be determined. The current set of accounting transactions may include transactions not previously processed. In one exemplary embodiment, the current set of transactions may be determined by comparing an accounting database with a history table].
Regarding claim 20, LITSIOS discloses, wherein the privacy model and/or authorization model specify one or more anticipated actions or results, as part of the submitted transaction [¶95, in many distributed systems, code is often executed by multiple nodes resulting in redundant executions of code. In contrast, in the present disclosure the code segments may be jointly executable. By this it is meant that the code segments can be executed by one of the executing nodes as well as more than one. In most cases a code segment would be executed, and the obligation to execute the code segment can be satisfied by the node that actually executes the code segment. In the typical example, the other executing nodes therefore do not have the obligation to execute the code segment as the code segment has already been
executed. In some example, the failure of a node to properly execute a code segment may be
rectified by another executing node (properly authorized) to execute the code segment. In,
alterative examples, the execution of a code segment by a single node does not satisfy the obligation to execute the code segment. For example, a code segment may require all the sharing nodes of the code segment to execute the code segment], and [¶99, Specified execution conditions can be more than just related to the execution of other code segments. In essence, a specified execution condition can be any condition that must be satisfied for the execution of a code segment. Conditions may be pre-conditions, which are satisfied prior to execution; contemporaneous conditions, which are satisfied during execution; and even post-conditions, where a code segment may be executed by an executing node, but considered to have been not executed if the execution post-condition is not satisfied], and [¶¶100-103, A sharing node may request other nodes to perform an action. The request may take various forms, but typically the request comprises an authorization, a delegation, a commitment by the other node or execution of one of the code segments], and [¶119, the execution of code segment 143. In this example, this authorization has an implied request for execution of the code segment 143 but as above, there could alternatively be a requirement for an explicit request for execution of the code segment 143. Code segment 143 is shared between the same nodes as code segment 142 (node 102 and node 106) but in this case the code segment 143 has a specified execution condition that the code segment 142 has been executed and authorized the execution of code segment 143. The executing node 104 checks to see whether code segment 143 can be executed, the executing node determines if the specified execution condition has been satisfied. In this case, the code segment 142 has been executed and authorized the execution of code segment 143, so the executing node 104 executes 712 the code segment]
Regarding claim 21, LITSIOS does not explicitly disclose, however, Clark discloses, wherein the database system further comprises an evidence log, the method further comprising: a) recording an execution history of the shared program instructions; b) recording a request to submit the transaction, and/or c) recording any cryptographic authorizations submitted along with the transaction [¶19, FIGS. 2-A, 2-B, and 2-C depict a data flow useful in accumulating information from an accounting table 204, an event log table 206, and a sessions information table 254 to create a session table 240 and a request table 246. As shown in FIG. 2-A, a history table 202 may be queried with the accounting table 204 to determine which entries in the accounting table 204 have not been previously processed. The history table 202 may include a listing of those entries within the accounting table 204 that have been previously processed. The accounting table 204 may be periodically purged. If the periodic purging occurs less frequently than the processing of the transaction data, the history table 202 provides a listing of those transactions in the accounting table 204 that had been previously processed. The history table 202 may be purged at the same time as the accounting table 204. The query is performed as shown in transaction 212 to select the current transactions and store them in the current transactions accounting table 214. Once the current accounting transactions table 214 has been used in the process below, the history table 202 may be updated with an update history transaction 210].
Regarding claim 22, LITSIOS does not explicitly disclose, however, Clark discloses validating that the privacy restrictions for the first or second database users in the privacy model and the first or second set of authorizations in the authorization model conform to respective global rules for the database system; and recording evidence of validation of the privacy restrictions and authorizations in the evidence log[¶19, FIGS. 2-A, 2-B, and 2-C depict a data flow useful in accumulating information from an accounting table 204, an event log table 206, and a sessions information table 254 to create a session table 240 and a request table 246. As shown in FIG. 2-A, a history table 202 may be queried with the accounting table 204 to determine which entries in the accounting table 204 have not been previously processed. The history table 202 may include a listing of those entries within the accounting table 204 that have been previously processed. The accounting table 204 may be periodically purged. If the periodic purging occurs less frequently than the processing of the transaction data, the history table 202 provides a listing of those transactions in the accounting table 204 that had been previously processed. The history table 202 may be purged at the same time as the accounting table 204. The query is performed as shown in transaction 212 to select the current transactions and store them in the current transactions accounting table 214. Once the current accounting transactions table 214 has been used in the process below, the history table 202 may be updated with an update history transaction 210].
Regarding claim 23, this claim is interpreted and rejected for the same rational set forth in claim 6.
Regarding claim 24, this claim is interpreted and rejected for the same rational set forth in claim 7.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Shirole (US2019/0108361) [SECURE ACCESS TO MULTI-TENANT RELATIONAL DATA].
Gupta (US2017/0291295) [SYSTEM AND METHOD FOR FACILITATING PROGRAM SHARING].
Agrawal (US7243097) [Extending Relational Database Systems to Automatically Enforce Privacy Policies].
England (US7676498) [Method and Data Processing System for Managing User Roles].
Hay (US2020/0097680) [TECHNIQUES AND ARCHITECTURES FOR MANAGING PRIVACY INFORMATION AND PERMISSIONS ACROSS DISPARATE DATABASE TABLES].
Chizi (US2019/0166102) [SYSTEM FOR RETRIEVING PRIVACY-FILTERED INFORMATION FROM TRANSACTION DATA].
Chase (US2010/0191975) [ privacy-preserving communication].
WO2014/025809 [COMPUTERIZED METHOD AND SYSTEM FOR MANAGING SECURE CONTENT SHARING IN A NETWORKED SECURE COLLABORATIVE EXCHANGE ENVIRONMENT].
Maier (US2015/0256520) [ PROCESSING OF RESTRICTED DATA].
CN1647062A [ Application Program Sharing Security].
                                                                                                                                                                                                     Applicants are encouraged to take advantage of the After Final Consideration Pilot 2.0 (AFCP 2.0) which authorizes non-production time for consideration of responses filed after a final rejection. The purpose of the pilot is to compact prosecution of the case. The request must include 1) A signed AFCP request form (PTO/SB/434 or equivalent) that includes a statement that applicant is requesting consideration under the AFCP; 2) An amendment to at least one independent claim that does not broaden the scope of the independent claim in any aspect; and 3) A statement that applicant is willing and available to participate in any interview initiated by the examiner concerning the present response.  In the limited amount of non-production time if the examiner’s consideration of a proper AFCP 2.0 request and response does not result in a determination that all pending claims are in condition for allowance, the examiner will request an interview with the applicant to discuss the response. For more info, please visit http://www.uspto.gov/patent/initiatives/after-final-consideration-pilot-20                                                                                                             
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MOTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
                                                                                                                                                                             Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHAHRIAR ZARRINEH whose telephone number is (571)272-1207. The examiner can normally be reached Monday-Friday, 8:30am-5:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge Ortiz-Criado can be reached on 571-272-7624. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SHAHRIAR ZARRINEH/Examiner, Art Unit 2496