DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This office action is in response to the communication filed on 11/04/2020.
Claims 1-20 are pending for consideration.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 3-4, 8, 10, 12-13, 17 and 19 are rejected under 35 U.S.C. § 103 as being unpatentable over Kaliski, JR.; Burton S. (US 20140123301 A1, hereinafter Kaliski) in view of Triandopoulos; Nikolaos et al.  (US 10635824 B1, hereinafter Triandopoulos) and further in view of Salomon; Yacov et al. (US 20210319131 A1, hereinafter Salomon). 
	Regarding claim 1, Kaliski teaches a method of performing a domain name service (DNS) lookup comprising employing at least one hardware processor of a computer system to (¶2, methods and systems for preserving the privacy of queries for domain name information; ¶7, provide a way of preserving privacy during domain name lookup and other operations):
	formulate a private query comprising an encryption according to the domain name (¶46, preserving privacy of the domain name query by using tokenized domain name strings. The tokenized domain name may be submitted to the tokenized list holder; ¶61, prior to sending the domain name to the tokenizing authority 140, the user or registrant 110 may preprocess the domain name by blinding it using an appropriate homomorphism function on the input space of the tokenizing function; see also ¶62);
	in response to formulating the private query, transmit the private query to a nameserver configured to perform an encrypted lookup into the domain name database according to the private query ([0035], a DNS server containing nameserver information for a domain name registered through that registry 130, so that when a website is requested via the domain name in a URL, the proper nameserver will eventually respond to the request; ¶46, preserving privacy of the domain name query by using tokenized domain name strings. The tokenized domain name may be submitted to the tokenized list holder 150 via an intermediary, such as a privacy preserving domain name supporting registrar 120; see also ¶61), producing an encryption of a record (¶10, in response, the requested information may be returned which may be optionally encrypted in whole or in part with an encryption key based on the domain name; ¶33, a user requesting information about a domain name in the broadest sense. Such information may include, domain name record information); and
	in response to receiving a private reply comprising the encryption of the record from the nameserver (¶10, in response, the requested information may be returned which may be optionally encrypted in whole or in part with an encryption key based on the domain name), decrypt a content of the private reply according to a homomorphic decryption procedure (¶73, a user or the one or more registries 130 could obtain an encryption or decryption key by which to encrypt or decrypt encrypted data associated with a registered domain; ¶76, Using the decryption key, the domain related information is decrypted in step 840; see also ¶93).	Kaliski teaches the querying of a domain name server and domain name database using an encryption method such as homomorphism.  Kaliski does not explicitly disclose:	formulate a private query comprising an encryption of a hash index indicative of a location of a record within a database, the hash index encrypted according to a homomorphic encryption procedure, and wherein the hash index is determined according to the query.	 On the other hand, Triandopoulos teaches:
	formulate a private query comprising an encryption of a hash index indicative of a location of a record within a database (Triandopoulos col. 10 lines 61-67 to Triandopoulos col. 11 lines 1-18, a client C wants to query whether or not item x is in X, the client simply hashes x using each of the hash function to retrieve the bit indices for x. C then requests the k blocks containing the bit indices of x; Triandopoulos col. 14 lines 27-52, to maintain privacy, an additively homomorphic encryption scheme can be used as follows: The client can encrypt a binary value of 1 for each “real” index being queried and encrypt a binary value of 0 for any chaff such index, and provide these encrypted values to the server), the hash index encrypted according to a homomorphic encryption procedure (Triandopoulos col. 10 lines 61-67 to Triandopoulos col. 11 lines 1-38, a client C wants to query whether or not item x is in X, the client simply hashes x using each of the hash function to retrieve the bit indices for x. C then requests the k blocks containing the bit indices of x; col. 11, lines 20-67, col. 12 lines 1-67, Chaff values can be added to each request (i.e., request additional blocks of the Bloom filter) in order to hide which blocks the client input is mapped to; col. 13 lines 1-25, the client should query the same set of blocks each time … accordingly, if there are z fake items, then the client has z-anonymity in the universe U; Triandopoulos col. 14 lines 27-52, to maintain privacy, an additively homomorphic encryption scheme can be used as follows: The client can encrypt a binary value of 1 for each “real” index being queried and encrypt a binary value of 0 for any chaff such index, and provide these encrypted values to the server), and wherein the hash index is determined according to the query (Triandopoulos col. 10 lines 61-67 and Triandopoulos col. 11 lines 1-18, a client C wants to query whether or not item x is in X, the client simply hashes x using each of the hash function to retrieve the bit indices for x);
	in response to formulating the private query (Triandopoulos col. 10 lines 61-67 and col. 11 lines 1-18, a client C wants to query whether or not item x is in X; Triandopoulos col. 14 lines 27-52, to maintain privacy, an additively homomorphic encryption scheme can be used, provide these encrypted values to the server), transmit the private query to a server configured to perform an encrypted lookup into the database according to the private query (Triandopoulos col. 10 lines 61-67 and Triandopoulos col. 11 lines 1-18, a client C wants to query whether or not item x is in X; Triandopoulos col. 14 lines 27-52, to maintain privacy, an additively homomorphic encryption scheme can be used, provide these encrypted values to the server, for each queried Bloom-filter bit b (corresponding to some index i), the server computes b*c.sub.b, where c.sub.b is the unique ciphertext to be used as mask for the bit b in index i and which was provided by the client to the server as part of the query), producing an encryption of the record (Triandopoulos col. 10 lines 61-67 and col. 11 lines 1-18, the server computes b*c.sub.b, client only requires k decryptions for the response); and
	in response to receiving a private reply comprising the encryption of the record from the server (Triandopoulos col. 6 lines 22-33, The client C receives a response 125 from the server S during step 120 based on the transformation of the data element x. FIGS. 2 through 7, the response and/or the determination are based on a result of at least one aggregation 135 of a plurality of values that depend on the data element x and at least one item in the data set X;  Triandopoulos col. 10 lines 61-67 and col. 11 lines 1-18, col. 14 lines 28-52, the server computes b*c.sub.b, client only requires k decryptions for the response), decrypt a content of the private reply according to a homomorphic decryption procedure (Triandopoulos col. 10 lines 61-67 and col. 11 lines 1-18, col. 14 lines 28-52, the server computes b*c.sub.b, client only requires k decryptions for the response; Triandopoulos abstract, a result of at least one aggregation of a plurality of values that depend on the at least one data element and one or more items in the data set; Triandopoulos col. 10 lines 61-67 and Triandopoulos col. 11 lines 1-18, additively homomorphic encryption scheme can be used).	It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings of Triandopoulos, which teaches querying a database using homomorphic hashing of a query input to produce an index to locate a query result record, into the teaching of Kaliski, which teaches using a domain name for a query, a domain name database and a name server, to result in the aforementioned limitations of the claimed invention.
	One of ordinary skilled would be motivated to do so as it is a simple substitution of one known element for another to obtain predictable result, see MPEP 2143 (I) (B). Kaliski teaches using homomorphic encryption for privacy protection (see ¶61-¶62 of Kaliski) when querying a domain name server. However, Kaliski does not explicitly mention the use homomorphic encryption that encrypts a hashing of an index that indicates the location of the domain name record on the name server, as recited in the claim, see MPEP 2143 (I) (B)(1). Triandopoulos teaches query a database server using homomorphic encryption that encrypts a hashing of an index that indicates the location of the domain name record on the database server, see MPEP 2143 (I) (B)(2).  Since both references teach features that are directed to analogous art, such as, querying with privacy preservation, using homomorphic encryption technique, the results of the substitution using Triandopoulos’ method of homomorphic encryption in place of Kaliski’s homomorphic encryption, would have been predictable for one of ordinary skill in the art, see MPEP 2143 (I) (B)(3).  As a result, it is a simple substitution of one known element for another to obtain predictable result and would be obvious to an ordinary skilled in the art, see also In re Fout, 675 F.2d 297, 213 USPQ 532 (CCPA 1982). Furthermore, using index for record location can improve efficiency for location a searched value.	Kalisi in view of Triandopoulos teaches the querying of domain name, but does not explicitly mention the querying process is in response to the condition discussed in following limitations that Salomon teaches:	in response to receiving query (Salomon ¶44, receive a query including a request for data), determine whether a privacy condition is satisfied according to the query (Salomon ¶45, identify a differential privacy mechanism applicable to the query, the data, or both; Salomon [0063] In some cases, the noisification function may be associated with a level of noise, and the noisification component 655 may determine the level of noise for the noisification function based on a preference of an owner of the data, a user identifier associated with the query, an analytics operation associated with the query, or a combination thereof);
	in response to determining whether the privacy condition is satisfied, [perform a privacy query] (Salomon ¶45, transform the query to include a noisification function based on the differential privacy mechanism; Salomon ¶46, the server 405 may determine a level of noise for the noisification function based on a preference of the owner of the data, a user identifier associated with the query (e.g., for a user operating the user device 415), an analytics operation associated with the query, or a combination thereof, injecting the noise directly into ciphertext using homomorphic encryption techniques; send the transformed query to the database; Salomon [0063] In some cases, the noisification function may be associated with a level of noise, and the noisification component 655 may determine the level of noise for the noisification function based on a preference of an owner of the data, a user identifier associated with the query, an analytics operation associated with the query, or a combination thereof; see also Salomon fig. 4).
	It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings of Salomon, which teaches determining based on a query, a level noise level such as using homomorphic encryption technique corresponding to privacy to perform private query on a query, into the teaching of Kalisi in view of Triandopoulos to result in the aforementioned limitations of the claimed invention.
	One of ordinary skilled would be motivated to do so as incorporating Salomon’s teaching would help ensure a particular amount of protection from malicious users attempting unauthorized access, thus preventing leakage of private data because this is a result of adding “determining whether a privacy condition is satisfied and performing a privacy query”. In addition, both references teach features that are directed to analogous art, such as, querying with privacy preservation.
	Regarding claim 3, Kalisi in view of Triandopoulos and Salomon teaches the method of claim 1 (see discussion above), wherein the domain name comprises a sequence of tokens (Kaliski ¶43, spilt the domain name into two or more distinct segments or pieces, and tokenize those pieces independently. For example, the domain name "ExampleName.com" could be spilt into two strings "ExampleName" and "com." Each of these strings in turn may be tokenized separately. Thus, the information being tokenized can either be a fully qualified domain name (FQDN) such as "ExampleName.com" or a portion of a FQDN such as a label "ExampleName" or some other portion such as "Example"; ¶46, tokenized domain string (or strings if the tokenization process optionally developed variants by splitting or other means), determine whether a match occurs between the tokenized domain string and the tokenized list), and	determining whether a selected token of the sequence of tokens matches any member of a reference list of tokens (Kaliski ¶46, tokenized domain string (or strings if the tokenization process optionally developed variants by splitting or other means), determine whether a match occurs between the tokenized domain string and the tokenized list).

	Regarding claim 4, Kalisi in view of Triandopoulos and Salomon teaches the method of claim 3, wherein the selected token comprises a domain token or a prefix token (Kaliski ¶43, spilt the domain name into two or more distinct segments or pieces, and tokenize those pieces independently. For example, the domain name "ExampleName.com" could be spilt into two strings "ExampleName" and "com." Each of these strings in turn may be tokenized separately. Thus, the information being tokenized can either be a fully qualified domain name (FQDN) such as "ExampleName.com" or a portion of a FQDN such as a label "ExampleName" or some other portion such as "Example").	Regarding claim 8, Kalisi in view of Triandopoulos and Salomon teaches the method of claim 1, wherein the record comprises an internet protocol (IP) address (Kaliski ¶10, the domain name related request is a request for information pertaining to the domain name, such as an IP address, name server data, WHOIS data, and the like. In response, the requested information may be returned).	Regarding claims 10 and 19, the claims are rejected for the same reasons as that of claim 1, respectively, because the claims 10 and 19 recite essentially the same limitations as that of claim 1, respectively.	Regarding claims 12-13 and 17, the claims are rejected for the same reasons as that of claims 3-4 and 8, respectively, because the claims 12-13 and 17 recite essentially the same limitations as that of claims 3-4 and 8, respectively.

Claims 2 and 11 are rejected under 35 U.S.C. § 103 as being unpatentable over Kaliski in view of Triandopoulos and further in view of Salomon and XIAO; Wei (US 20210203475 A1, hereinafter Xiao).
	Regarding claim 2, Kalisi in view of Triandopoulos and Salomon teaches the method of claim 1 (see discussion above), further comprising, in response to determining whether the privacy condition is satisfied (Salomon ¶45, transform the query to include a noisification function based on the differential privacy mechanism; Salomon ¶46, the server 405 may determine a level of noise for the noisification function based on a preference of the owner of the data, a user identifier associated with the query (e.g., for a user operating the user device 415), an analytics operation associated with the query, or a combination thereof, injecting the noise directly into ciphertext using homomorphic encryption techniques; send the transformed query to the database; see also Salomon ¶63).	formulate another query according to the domain name (Kaliski ¶46, preserving privacy of the domain name query by using tokenized domain name strings, submit a tokenized domain name, such as, for example, the tokenized domain name received from step 230, to a tokenized list holder 150, in cases where a match occurs, for example, the information corresponding to the domain name may be returned, such information being optionally encrypted using one or more encryption keys based on the domain name, as further described herein).	Kalisi in view of Triandopoulos and Salomon teaches the transforming of a query of a domain name to perform encryption of user data based on differential privacy mechanism, to perform various type of encryptions, such as homomorphic encryption (Salomon ¶12, multiple different homomorphic encryption techniques to support different functionality. When the system receives a statistical query for the user data, the system may identify a differential privacy mechanism applicable to the query, queried data, or both. Based on this identified differential privacy mechanism, the system may transform the query. The transformation may involve rewriting the query to target specific encrypted data).	Kalisi in view of Triandopoulos and Salomon does not explicitly disclose that if privacy condition is not satisfied, perform encryption using non-homomorphic encryption that Xiao teaches:	in response to determining whether the privacy condition is satisfied, if no, 	perform encryption according to a non-homomorphic encryption procedure (Xiao [0053], the local nodes may also determine the encryption algorithm used to encrypt the data according to the execution type, the execution types of the data to be disclosed with a delay are different, and the encryption algorithms used may be different, the homomorphic encryption algorithm is correspondingly selected according to the type of operation (such as addition and subtraction, multiplication and division). Usually, text data does not require specific calculation and process, and if the data to be disclosed with a delay is text data that does not need to be calculated, a non-homomorphic encryption algorithm such as an asymmetric encryption algorithm is selected).	It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings of Xiao, which teaches using different encryption techniques including homomorphic and non-homomorphic encryptions according to different execution type of data, into the teaching of Kalisi in view of Triandopoulos and Salomon, which teaches the query of domain name, based on a satisfied condition, transforming a query to perform respective encryption, including homomorphic encryption, to result in the aforementioned limitations of the claimed invention.
	One of ordinary skilled would be motivated to do so as incorporating Xiao’s teaching would help protect user data in other scenarios thus maintaining optimal security of the system during various scenarios. In addition, both references teach features that are directed to analogous art, such as, encryption of data using homomorphism.	Regarding claim 11, the claim is rejected for the same reasons as that of claim 2, because the claim 11 recites essentially the same limitations as that of claim 2.
Claims 5 and 14, are rejected under 35 U.S.C. § 103 as being unpatentable over Kalisi in view of Triandopoulos and further in view of Salomon and Osterweil; Eric et al.  (US 10999240 B1, hereinafter Osterweil).
	Regarding claim 5, Kalisi in view of Triandopoulos and Salomon teaches the method of claim 1, comprising determining whether the privacy condition is satisfied (see discussion above).	However, Kalisi in view of Triandopoulos and Salomon does not discuss the privacy condition is further according to an authority zone of the nameserver.	On the other hand, Osterweil teaches a privacy condition is according to an authority zone of the nameserver (Osterweil fig. 1, element 130(1); col. 7 lines 20-44, the policy statement restricts resolution to entities in the Pacific Time Zone, then the recursive resolver 150 could generate and transmit DNS queries 140 to only the subset of authoritative name servers 180 that are located in the Pacific Time Zone, the policy statement may specify any type of behavior in any technically feasible fashion; col. 14 lines 30-42, a client may specify security policies that maintain the privacy of the client). 	It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings of Osterweil, which teaches privacy policy associated with authority zone of a name server, into the teaching of Kalisi in view of Triandopoulos and Salomon, which teaches the query of domain name, based on a satisfied condition, to result in the aforementioned limitations of the claimed invention.
	One of ordinary skilled would be motivated to do so as incorporating Osterweil’s teaching would help providing fine grain protection of user privacy (into zone level) and further providing more flexibility with large and complex systems.  Doing so would help better manage large complex systems and not leave a gap in security do the complexity and size of the systems. In addition, both references teach features that are directed to analogous art, such as, domain name resolution and user privacy. 	Regarding claim 14, the claim is rejected for the same reasons as that of claim 5, because the claim 14 recites essentially the same limitations as that of claim 5.

Claims 6 and 15 are rejected under 35 U.S.C. § 103 as being unpatentable over Kalisi in view of Triandopoulos and further in view of Salomon and Osterweil and Arning et al. (US 20140373177 A1, hereinafter Arning).
	Regarding claim 6, Kalisi in view of Triandopoulos, Salomon and Osterweil teaches the method of claim 5, including determining that the privacy condition of nameserver (see discussion above).	Kalisi in view of Triandopoulos, Salomon and Osterweil does not explicitly disclose: determining that the privacy condition is not satisfied when the nameserver comprises a top level domain (TLD) nameserver.	On the other hand, Arning teaches determining that the privacy condition is not satisfied for common/public terms (Arning [0033], a search term that does not have an associated encrypted token is herein referred to as a common search term, i.e., the non-encrypted token corresponding to a common search term is typically identical to the search term itself; see also Arning ¶32, ¶34, ¶43-¶44 and ¶49).	Arning teaches a structure and algorithm for enabling query modification to allow non-encrypted query when an ordinary person find it not containing sensitive information, furthermore, it would also be obvious not to include this feature if it is not desired, see MPEP 2144.04 (II)(A).  TLDs with adult and location specific data can be sensitive and private data, see attached NPL for TLD from Wikipedia for more information.	It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings of Arning, which teaches query modification that enables common/public terms not to be encrypted, into the teaching of Kalisi in view of Triandopoulos and Salomon, which teaches the query of domain name, based on a satisfied condition, to result in the aforementioned limitations of the claimed invention.
	One of ordinary skilled would be motivated to do so as incorporating Arning’s teaching would help improve performance because homomorphic encryption is demanding in term of computation and data, as a result, reducing the need for using it when not necessary would help improve performance. In addition, both references teach features that are directed to analogous art, such as, domain name resolution and user privacy.	Regarding claim 15, the claim is rejected for the same reasons as that of claim 6, because the claim 15 recites essentially the same limitations as that of claim 6.

Claims 7 and 16 are rejected under 35 U.S.C. § 103 as being unpatentable over Kalisi in view of Triandopoulos and further in view of Salomon and BORZOV; Dmitry (US 20210288946 A1, hereinafter Borzov).
	Regarding claim 7, Kalisi in view of Triandopoulos and Salomon teaches the method of claim 1, including domain name database and databases connected to nameserver (see discussion above).	Kalisi in view of Triandopoulos and Salomon does not explicitly mention: wherein the private query further includes a bucket index identifying the domain name database from among a plurality of domain name databases connected to the nameserver.	On the other hand, Borzov teaches a query further includes a bucket index identifying a database from among a plurality of databases ([0133], the query includes the encrypted DO ID, the DO ID included in the query at 702 is encoded with information (e.g., fingerprint values as discussed above) identifying corresponding data chunks of the DO stored in each bucket, and the DO ID is further encoded with information (e.g., permutation token as discussed above) for ordering the corresponding data chunks in order to recover the DO; see also ¶145, ¶160; [Examiner remark: databases connected to name server is common knowledge in the art, with respect to DNS architecture, see Wikipedia for this information]).	It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings of Borzov, which teaches including fingerprint value in a query to identify data chunks in each bucket for identifying data object, into the teaching of Kalisi in view of Triandopoulos and Salomon, which teaches the query of domain name, with domain name databases connected to nameserver, to result in the aforementioned limitations of the claimed invention.
	One of ordinary skilled would be motivated to do so as incorporating Borzov’s teaching would help improve efficiency because searching a specific bucket, which is smaller search area than the whole database, would reduce the lookup time (Borzov ¶167). In addition, both references teach features that are directed to analogous art, such as, query and data privacy (Borzov ¶6, ¶48). 	Regarding claim 16, the claim is rejected for the same reasons as that of claim 7, because the claim 16 recites essentially the same limitations as that of claim 7.

Claims 9 and 18 are rejected under 35 U.S.C. § 103 as being unpatentable over Kalisi in view of Triandopoulos and further in view of Salomon and Arnell; Simon Ian et al. (US 10666672 B2, hereinafter Arnell).	Regarding claim 9, Kalisi in view of Triandopoulos and Salomon teaches the method of claim 1.	Kalisi in view of Triandopoulos and Salomon does not explicitly disclose wherein the record comprises a security indicator indicative of whether accessing a domain represented by the domain name exposes a user to a computer security threat.	On the other hand, Arnell teaches a record comprises a security indicator indicative of whether accessing a domain represented by the domain name exposes a user to a computer security threat (col. 1 lines 63-67, to col. 2 lines 1-18, each query record may include, for example, the address of the client computing device from which the DNS query originated and the domain name being queried, e.g., “www.example.com.” DNS response packets obtained by the computing device may be correlated with query records, e.g., by matching the queried domain names of the query records with the queried domain names specified by the DNS response packets. When a match is identified, the query records may be updated, e.g., by adding the resolved address of the query domain name to the query record, Query records may be used, for example, for a variety of diagnostic and/or analytic purposes. In situations where a resolved IP address is identified as being malicious, query records may be used to identify which client device(s) queries the malicious domain. In some implementations, additional data may be obtained and stored in the query records. For example, the host associated with the client computing device from which a DNS query originated may be identified and stored in the query record, e.g., to identify potentially malicious hosts using multiple client computing devices).	It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings of Arnell, which teaches a query record containing DNS query information including the domain name and resolved address and additional information, that can be used to identify malicious domain, into the teaching of Kalisi in view of Triandopoulos and Salomon, which teaches the query of domain name, with domain name databases connected to nameserver, to result in the aforementioned limitations of the claimed invention.
	One of ordinary skilled would be motivated to do so as incorporating Arnell’s teaching would help improve security for user’s computing device by further providing indication of malicious information to users to avoid connect to the domain and also for further auditing the system to identify client machines that may be compromised. In addition, both references teach features that are directed to analogous art, such as, query DNS server. 	Regarding claim 18, the claim is rejected for the same reasons as that of claim 9, because the claim 11 recites essentially the same limitations as that of claim 9.
Claim 20 is rejected under 35 U.S.C. § 103 as being unpatentable over Kaliski, JR.; Burton S. (US 20140123301 A1, hereinafter Kaliski) in view of Triandopoulos; Nikolaos et al.  (US 10635824 B1, hereinafter Triandopoulos). 
	Regarding claim 20, Kaliski teaches a server computer system configured to engage in domain name service (DNS) transactions with a plurality of clients (¶2, methods and systems for preserving the privacy of queries for domain name information; ¶7, provide a way of preserving privacy during domain name lookup and other operations), the server computer system comprising at least one hardware processor configured to (¶31, one or more processors; ¶35, a DNS server containing nameserver information for a domain name):
	receive a private query from a client of the plurality of clients (¶7, the subject systems and methods can in one aspect allow users to query a domain name for its availability and associated information without revealing the domain name), the private query comprising an encryption of a domain name according to a homomorphic encryption procedure (¶46, preserving privacy of the domain name query by using tokenized domain name strings. The tokenized domain name may be submitted to the tokenized list holder; ¶61, prior to sending the domain name to the tokenizing authority 140, the user or registrant 110 may preprocess the domain name by blinding it using an appropriate homomorphism function on the input space of the tokenizing function; see also ¶62);
	in response to receiving the private query ([0046], submit a tokenized domain name to a tokenized list holder 150. The tokenized domain name may be submitted to the tokenized list holder 150 via an intermediary, such as a privacy preserving domain name supporting registrar 120, or submitted directly to the tokenized list holder 150. In step 310, the tokenized list holder 150 may receive the tokenized domain string (or strings if the tokenization process optionally developed variants by splitting or other means)), perform an encrypted lookup into the domain name database according to the private query ([0046], the tokenized list holder 150 may compare the tokenized domain string to the tokenized list. In step 330, the tokenized list holder 150 can determine whether a match occurs between the tokenized domain string and the tokenized list, the determination reached by the matching process is returned and passed along to the user, result can be transmitted to the potential registrant 110. In cases where a match occurs, for example, the information corresponding to the domain name may be returned, such information being optionally encrypted using one or more encryption keys based on the domain name, as further described herein), producing an encryption of the record (¶10, in response, the requested information may be returned which may be optionally encrypted in whole or in part with an encryption key based on the domain name; ¶33, a user requesting information about a domain name in the broadest sense. Such information may include, domain name record information; [0046], in cases where a match occurs, for example, the information corresponding to the domain name may be returned, such information being optionally encrypted using one or more encryption keys based on the domain name, as further described herein); and
	transmit a private reply comprising the encryption of the record to the client (¶10, in response, the requested information may be returned which may be optionally encrypted in whole or in part with an encryption key based on the domain name; ¶33, a user requesting information about a domain name in the broadest sense. Such information may include, domain name record information; [0046], result can be transmitted to the potential registrant 110. In cases where a match occurs, for example, the information corresponding to the domain name may be returned, such information being optionally encrypted using one or more encryption keys based on the domain name, as further described herein). 	Kaliski teaches the querying of a domain name server and domain name database using an encryption method such as homomorphism of the query string that is a domain name.  Kaliski does not explicitly disclose:	the private query comprising an encryption of a hash index indicative of a location of a record within a domain name database, the hash index encrypted according to a homomorphic encryption procedure, and wherein the hash index is determined according to a domain name.	 On the other hand, Triandopoulos teaches:
	receive a private query from a client of the plurality of clients (Triandopoulos col. 10 lines 61-67 and Triandopoulos col. 11 lines 1-18, a client C wants to query whether or not item x is in X; Triandopoulos col. 14 lines 27-52, to maintain privacy, an additively homomorphic encryption scheme can be used, provide these encrypted values to the server, for each queried Bloom-filter bit b (corresponding to some index i), the server computes b*c.sub.b, where c.sub.b is the unique ciphertext to be used as mask for the bit b in index i and which was provided by the client to the server as part of the query), the private query comprising an encryption of a hash index indicative of a location of a record within a database (Triandopoulos col. 10 lines 61-67 to Triandopoulos col. 11 lines 1-18, a client C wants to query whether or not item x is in X, the client simply hashes x using each of the hash function to retrieve the bit indices for x. C then requests the k blocks containing the bit indices of x; Triandopoulos col. 14 lines 27-52, to maintain privacy, an additively homomorphic encryption scheme can be used as follows: The client can encrypt a binary value of 1 for each “real” index being queried and encrypt a binary value of 0 for any chaff such index, and provide these encrypted values to the server), the hash index encrypted according to a homomorphic encryption procedure (Triandopoulos col. 10 lines 61-67 to Triandopoulos col. 11 lines 1-38, a client C wants to query whether or not item x is in X, the client simply hashes x using each of the hash function to retrieve the bit indices for x. C then requests the k blocks containing the bit indices of x; col. 11, lines 20-67, col. 12 lines 1-67, Chaff values can be added to each request (i.e., request additional blocks of the Bloom filter) in order to hide which blocks the client input is mapped to; col. 13 lines 1-25, the client should query the same set of blocks each time … accordingly, if there are z fake items, then the client has z-anonymity in the universe U; Triandopoulos col. 14 lines 27-52, to maintain privacy, an additively homomorphic encryption scheme can be used as follows: The client can encrypt a binary value of 1 for each “real” index being queried and encrypt a binary value of 0 for any chaff such index, and provide these encrypted values to the server), and wherein the hash index is determined according to a query (Triandopoulos col. 10 lines 61-67 and Triandopoulos col. 11 lines 1-18, a client C wants to query whether or not item x is in X, the client simply hashes x using each of the hash function to retrieve the bit indices for x). 	in response to receiving the private query, perform an encrypted lookup into the database according to the private query (Triandopoulos col. 10 lines 61-67 and Triandopoulos col. 11 lines 1-18, a client C wants to query whether or not item x is in X; Triandopoulos col. 14 lines 27-52, to maintain privacy, an additively homomorphic encryption scheme can be used, provide these encrypted values to the server, for each queried Bloom-filter bit b (corresponding to some index i), the server computes b*c.sub.b, where c.sub.b is the unique ciphertext to be used as mask for the bit b in index i and which was provided by the client to the server as part of the query), producing an encryption of the record (Triandopoulos col. 10 lines 61-67 and col. 11 lines 1-18, col. 14 lines 28-52, the server computes b*c.sub.b, client only requires k decryptions for the response); and
	transmit a private reply comprising the encryption of the record to the client (Triandopoulos col. 6 lines 22-33, The client C receives a response 125 from the server S during step 120 based on the transformation of the data element x. The client C then determines whether the data element x is in the data set X during step 130 based on the response. In the various implementations discussed below in conjunction with FIGS. 2 through 7, the response and/or the determination are based on a result of at least one aggregation 135 of a plurality of values that depend on the data element x and at least one item in the data set X;  col. 10 lines 61-67 and col. 11 lines 1-18, col. 14 lines 28-52, the server computes b*c.sub.b, client only requires k decryptions for the response).	It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings of Triandopoulos, which teaches querying a database using homomorphic hashing of a query input to produce an index to locate a query result record, into the teaching of Kaliski, which teaches clients querying a name server with domain name database using a domain name, to result in the limitations of the claimed invention.
	One of ordinary skilled would be motivated to do so as it is a simple substitution of one known element for another to obtain predictable result, see MPEP 2143 (I) (B). Kaliski teaches using homomorphic encryption for privacy protection (see ¶61-¶62 of Kaliski) when querying a domain name server. However, Kaliski does not explicitly mention the use homomorphic encryption that encrypts a hashing of an index that indicates the location of the domain name record on the name server, as recited in the claim, see MPEP 2143 (I) (B)(1). Triandopoulos teaches query a database server using homomorphic encryption that encrypts a hashing of an index that indicates the location of the domain name record on the database server, see MPEP 2143 (I) (B)(2).  Since both references teach features that are directed to analogous art, such as, querying with privacy preservation, using homomorphic encryption technique, the results of the substitution using Triandopoulos’ method of homomorphic encryption in place of Kaliski’s homomorphic encryption, would have been predictable for one of ordinary skill in the art, see MPEP 2143 (I) (B)(3).  As a result, it is a simple substitution of one known element for another to obtain predictable result and would be obvious to an ordinary skilled in the art, see also In re Fout, 675 F.2d 297, 213 USPQ 532 (CCPA 1982). Furthermore, using index for record location can improve efficiency for location a searched value.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
US 20140122476 A1- a tokenizing authority to obtain a tokenized query term that represents a query term, using the tokenized query term to perform a lookup against a tokenized term database.
US 20150039912 A1 - querying of secure databases containing full or partial data values stored using somewhat homomorphic, fully homomorphic, or other encryption scheme(s). 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Vy Huy Ho whose telephone number is (571) 272-3261.  The examiner can normally be reached on Monday - Friday 7:30 am-5:30 pm.
	Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
	If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni A. Shiferaw can be reached on (571) 272-3867.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
	Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/V.H.H/
Examiner, Art Unit 2497
/MALCOLM CRIBBS/Primary Examiner, Art Unit 2497