DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
1.The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
2. Applicant’s arguments filed on  08/22/2022 with respect to 102  rejection have been considered but are moot based on the the new ground of rejection.

3. Applicant argues that the primary reference Ramachandran do not discloses the new limitation of claim 1 which recites: “ identify authorized bits of an initial seed that are uniquely allocated to a block stored in a distributed ledger accessed by the plurality of nodes, wherein the block corresponds to the node and the authorized bits are to be modified only by the node “.

4. Examiner would like to point out that the new secondary reference Van DijK (8,752,156).
  in Col.9, lines.18-28 teaches  the above claimed limitation (see the rejection below).


Claim Rejections - 35 USC § 103
5. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

6. Claim(s) are 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Ramachandran (US Pub.No.2018/0316492) in view of  Van DijK (US Pat.No.8,752,156).


7. Regarding claims 1, 10, 19 Ramachandran teaches a network node system, a method and a non-transitory computer readable medium comprising: a processor configured to identify authorized bits of an initial seed which are uniquely allocated to a block stored in a distributed ledger accessed by a plurality of nodes (abstract teaches encrypting data on a blockchain network. The system comprises at least one injector coupled to a node on the blockchain, a controller coupled to the injector, and a generator coupled to the controller. The injector intercepts messages bound for the blockchain and encrypts data in the messages using encryption information received from the controller. The controller acquires encryption information from the generator, which generates encryption keys and derives encryption information from those encryption keys. The encryption information may be divided into multiple parts and distributed between a plurality of injectors. As a result, to assemble an encryption key for encrypting or decrypting data, an injector will have to cooperate with other injectors to acquire sufficient encryption information to re-assemble the encryption key. Para:0019 teaches the system comprising a generator having a seeder, wherein the seeder is configured to generate random numbers and the generator is configured to generate an encryption key using the random numbers, and wherein the generator is operable to transmit encryption information based on the encryption key. 
Para:0082 and Para:0105 teaches the injector 60 receives or intercepts an inbound message that contains a payload that is to be encrypted or an outbound message that contains a payload that is to be decrypted. The injector 60 may then verify that the request is authentic and that the requestor is authorized to encrypt or decrypt the data at that node 2);

modify the identified authorized bits of the initial seed, encrypt the modified authorized bits using an encryption key of the node, and store the encrypted authorized bits in a block of the distributed ledger which includes a block of authorized bits updated by at least one other node, wherein a final seed is capable of being assembled using authorized bits modified by the node and other authorized bits modified by the at least one of the plurality of nodes stored in the distributed ledger (Para:0065 teaches the generator 20 may be configured to back up its memory 28 to an external device, such as a hard disk, memory card, DVD, smart card, or other type of removable media. Such backups may be triggered by various events, such as when the generator 20 changes states. A state change may be associated with the addition of participants on the blockchain, generating new encryption keys, or generating new key shares. The information backed up may include any subset of or all of the data stored in memory 28. In a preferred embodiment, the generator 20 backs up at least the encryption keys stored in memory 28. After each backup, the generator 20 may delete some or all of its data stored in memory 28. Para:0086-0087 teaches the injector 60 can then monitor communications inbound to and outbound from the node. When the injector 60 detects a message that requires encryption or decryption, the injector 60 extracts the data portion of the message, completes the encryption of decryption, injects the encrypted/decrypted data back into the message, and passes it to the node or the requestor.
Para:0105-0111 and Para:0093 teaches the encryption process may require the injector 60 to cooperate with other injectors in the system 10 to obtain at least k key shares to enable encryption of the data. The injectors 60 are communicatively coupled to one another to accomplish this process, which may be referred to as obtaining quorum. The requirement of quorum is often imposed when multiple parties share an encryption key that is used to encrypt data that is shared between the parties. In general terms, the quorum process requires the injector 60 to contact other injectors and request that they provide their key shares so that at least k key shares are available to reassemble the encryption key. The different processes for obtaining quorum. The encryption key can then be assembled from the at least k key shares and be used to encrypt or decrypt data).;

Ramachandran teaches all the above claimed limitations but does not expressly teach identify authorized bits of an initial seed that are uniquely allocated to a block stored in a distributed ledger accessed by the plurality of nodes, wherein the block corresponds to the node and the authorized bits are to be modified only by the node 

  Van Dijik teaches identify authorized bits of an initial seed that are uniquely allocated to a block stored in a distributed ledger accessed by the plurality of nodes, wherein the block corresponds to the node and the authorized bits are to be modified only by the node (Col.9, lines.18-28 teaches modifying the seed bits).

Therefore, to would have been obvious to one of the ordinary skills in the art before the effective filing date of the invention was filed to modify Ramachandran to include the distributed ledger transactions include information for managing payment for access to the files; and receiving and mining the distributed ledger transactions from the server, as taught by Van Dijik such a setup would be difficult to modify or tamper the data using blockchain transaction.

8. Regarding claims 2, 11, 20 Ramachandran teaches the network node, the method and the non-transitory computer readable medium, wherein the processor is configured to receive encryption keys of each of a plurality of nodes that have modified authorized bits of the initial seed and stored the modified bits on the distributed ledger (Para:0016 teaches encrypting blockchain data comprising a generator operable to generate an encryption key and to derive n key shares from the encryption key, wherein at least k key shares are required to assemble the encryption key and k is less than or equal to n; a controller communicatively coupled to the generator, wherein the controller is operable to receive a set of the n key shares; and a plurality of injectors, each having a persistent memory, the plurality of injectors comprising: a first injector communicatively coupled to a blockchain network and to the controller, wherein the first injector is operable to receive a first message inbound for the blockchain and to identify a data portion of the message, and wherein the first injector is operable to receive a first portion of the set of n key shares, wherein the first portion is less than k; and a second injector communicatively coupled to the blockchain network, to the controller, and to the first injector, wherein the second injector is operable to receive a second portion of the set of n key shares, wherein said second portion is less than k, wherein the first injector is operable to request that the second injector transmit the second portion and operable to encrypt the data portion using the first and second portions of the set of n key shares, wherein the encrypted data portion is injected into the blockchain, and wherein each of the plurality of injectors can read the encrypted data portion, and wherein each of the plurality of injectors stores less than k of said set of n key shares in said persistent memory.
 Para:0065 teaches the generator 20 may be configured to back up its memory 28 to an external device, such as a hard disk, memory card, DVD, smart card, or other type of removable media. Such backups may be triggered by various events, such as when the generator 20 changes states. A state change may be associated with the addition of participants on the blockchain, generating new encryption keys, or generating new key shares. The information backed up may include any subset of or all of the data stored in memory 28. In a preferred embodiment, the generator 20 backs up at least the encryption keys stored in memory 28. After each backup, the generator 20 may delete some or all of its data stored in memory 28).

9. Regarding claims 3, 12 Ramachandran teaches the network node and the method, wherein the processor is configured to decrypt encrypted authorized bits modified by each of the plurality of nodes stored in the distributed ledger based on the receipt of the encryption keys (Para:0063 teaches the generator 20 includes memory 28, the generator 20 may also store the new encryption key, the key shares, or other encryption information in memory 28. In a preferred embodiment, the generator 20 stores the encryption key in memory 28 but deletes (or does not store) the encryption keys or other encryption information derived from the key. Subsequently, if the generator 20 receives a request to provide key shares associated with an already-created encryption key, the generator 20 retrieves the encryption key from memory 28 and repeats the process for generating a new set of key shares. The new key shares are equally capable as the original key shares of being used by the injectors 60 to encrypt and decrypt data. The new key shares may then be redistributed to the appropriate controller(s) 40, at which point any remaining old key shares are destroyed because they cannot be used with old key shares.
Para:0082 teaches each item of encryption information may be stored in memory 66 with other information pertinent to the encryption information, such as the identity of the entity that is associated with the encryption information, the identity of users authorized to use the encryption information, the time of creation of the encryption information, and the duration of validity for the encryption information. Some of the information stored in memory 66 (particularly the key shares) may itself be encrypted, or the entire memory 66 may be encrypted. In embodiments where the key shares (or other encryption information) are maintained in an encrypted format, the injector 60 may be the only component that decrypts the key shares. Thus, the key shares may be stored in memory 66 in an encrypted format, but when the injector 60 prepares to encrypt or decrypt a blockchain payload, the injector 60 decrypts the key share in a secure memory location).

10. Regarding claims 4, 13 Ramachandran teaches the network node and the method, wherein the processor is configured to generate the final seed based on the decrypted authorized bits (Para:0018 and abstract teaches encrypting data on a blockchain network. The system comprises at least one injector coupled to a node on the blockchain, a controller coupled to the injector, and a generator coupled to the controller. The injector intercepts messages bound for the blockchain and encrypts data in the messages using encryption information received from the controller. The controller acquires encryption information from the generator, which generates encryption keys and derives encryption information from those encryption keys. The encryption information may be divided into multiple parts and distributed between a plurality of injectors. As a result, to assemble an encryption key for encrypting or decrypting data, an injector will have to cooperate with other injectors to acquire sufficient encryption information to re-assemble the encryption key. Para:0082 teaches the injector 60 includes a memory 66 for storing and maintaining encryption information. Similar to the memory 66 associated with the controller 40, each item of encryption information may be stored in memory 66 with other information pertinent to the encryption information, such as the identity of the entity that is associated with the encryption information, the identity of users authorized to use the encryption information, the time of creation of the encryption information, and the duration of validity for the encryption information. Some of the information stored in memory 66 (particularly the key shares) may itself be encrypted, or the entire memory 66 may be encrypted. In embodiments where the key shares (or other encryption information) are maintained in an encrypted format, the injector 60 may be the only component that decrypts the key shares. Thus, the key shares may be stored in memory 66 in an encrypted format, but when the injector 60 prepares to encrypt or decrypt a blockchain payload, the injector 60 decrypts the key share in a secure memory location).

11. Regarding claims 5, 14 Ramachandran teaches the network node and the method, wherein the processor is further configured to transmit the encryption key of the node to the plurality of nodes to decrypt the authorized bits stored in the distributed ledger (Para:0059 and para:0093 teaches the generator 20 may include a key sharing module 26 that generates the encryption information that is shared with the controller 40. In a preferred embodiment, the key sharing module 26 uses Shamir's Secret Sharing Algorithm to generate “key shares” based on the encryption key, but other key sharing algorithms may be used to generate the key shares. In general terms, a key sharing algorithm derives n pieces of information from the encryption key, which are the key shares. The key shares are configured such that, if an entity knows or possess at least k of the key shares, it may use the key shares to assemble the encryption key, which may in turn be used to encrypt or decrypt data. But if an entity has k−1 (or fewer) key shares, it cannot assemble the encryption key nor may it encrypt or decrypt any data Shamir's Secret Sharing Algorithm, or a similar approach, is thus advantageous because no entity must possess the entire encryption key, an outsider cannot simply hack one message to obtain the information required to decrypt data, and the confidentiality of data is not compromised even if one or more (but less than k) key shares become compromised).

12. Regarding claims 6,15 Ramachandran teaches the network node and the method, wherein the processor is further configured to generate a random sequence value based on the final seed value and store the generated random sequence value in a block of the distributed ledger (Para:0017 teaches receiving a message inbound for a blockchain network, the message containing a data portion; transmitting a request to a controller for a first portion of a set of n key shares, wherein the set of n key shares are derived from an encryption key and at least k key shares are required to assemble the encryption key, and wherein the first portion is less than k; obtaining from at least one of a plurality of injectors a second portion of the set of n key shares, wherein the second portion is less than k; assembling the encryption key using the first portion and the second portion; extracting the data portion from the message and encrypting the data portion using the encryption key; and injecting the encrypted data portion into the blockchain, wherein each of the plurality of injectors can read the encrypted data portion, and wherein each of the plurality of injectors stores less than k of the set of n key shares in the persistent memory. para:0019 and Para:0054 teaches a system for encrypting blockchain data comprising a generator having a seeder, wherein the seeder is configured to generate random numbers and the generator is configured to generate an encryption key using the random numbers, and wherein the generator is operable to transmit encryption information based on the encryption key).

13. Regarding claims 7,16 Ramachandran teaches the network node and the method, wherein the processor is further configured to receive a random sequence value from the organizing node (Para:0019 and Para:0054-0055 teaches a system for encrypting blockchain data is provided comprising a generator having a seeder, wherein the seeder is configured to generate random numbers and the generator is configured to generate an encryption key using the random numbers, and wherein the generator is operable to transmit encryption information based on the encryption key; a controller communicatively coupled to the generator, wherein the controller is operable to request the encryption information from the generator and operable to transmit at least a portion of the encryption information; and a first injector communicatively coupled to the controller and to a first node on a blockchain network, wherein the first injector receives a message inbound for the node, wherein the first injector is operable to request the at least portion of the encryption information, and wherein the first injector is operable to encrypt at least a portion of the message using the at least portion of the encryption information).

14. Regarding claims 8,17 Ramachandran teaches the network node and the method, wherein the processor is further configured to verify the random sequence value generated by the organizing node based on the generated random sequence value (Para:0019 and Para:0054-0055 teaches when the generator 20 receives a New Key Command, the generator 20 may take various actions before instructing the seeder 24 to generate the random numbers required for generating a new encryption key. In some embodiments, for example, the generator 20 may optionally provide certain parameters to an authorization module 34 to authenticate the request before taking further action. The authorization module 34 may in turn process the parameters to determine, for instance, whether the requesting network participant is authorized to use the system 10, whether the node is authorized on the blockchain, whether the controller 40 has properly authenticated the message, whether the command is valid, or any combination of the foregoing or other properties associated with the request. Provided that the authorization module 34 validates the request, it may provide an affirmative message that indicates that the generator 20 should continue with generating the new encryption key). 

15. Regarding claims 9, 18 Ramachandran teaches the network node and the method, wherein, wherein the processor is further configured to transmit a result of the verification to the organizing node (Para:0072 teaches When the controller 40 receives an Encryption Information Request, the controller 40 may take various actions before obtaining the encryption information necessary to respond to the injector's request. For instance, in embodiments with an authorization module 46, the controller 40 may supply parameters from the Encryption Information Request to the authorization module 46, which may verify that the command is authorized. The authorization module 46 may check, for example, whether the network participant attempting to input data is authorized to use the system 10, whether the node is authorized on the blockchain, whether the injector 60 has provided the proper parameters for requesting encryption information, or any combination of the foregoing or other properties associated with the request. Provided that the authorization module 46 validates the request, it may provide an affirmative message that indicates that the controller 40 should continue with providing the requested encryption information. 
Para:0088 teaches the authentication and authorization module 68 then processes that information to verify the identity of the sender and confirm that the sender has appropriate permissions to enter the data into the blockchain. Provided that the message is authenticated and authorized, the module may provide a confirmation to the injector 60.
Para:0106 teaches the injector 60 receives or intercepts an inbound message that contains a payload that is to be encrypted or an outbound message that contains a payload that is to be decrypted. At step 802, the injector 60 may then verify that the request is authentic and that the requestor is authorized to encrypt or decrypt the data at that node 2).


Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to DEREENA T CATTUNGAL whose telephone number is (571)270-0506. The examiner can normally be reached Mon-Fri: 7:30 AM-5 PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached on 571-272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/DEREENA T CATTUNGAL/Primary Examiner, Art Unit 2431