DETAILED ACTION

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This action is in reply to applicant’s Arguments/Remarks posted on 08/10/2022 (hereafter Remarks). Claims 2, 3, 4, and 6 are canceled. Claim 5 is converted to an independent claim. Claims 1 and 5 are pending for consideration.

Response to Arguments
Based on Applicant’s arguments presented in the Remarks rejection under 112d is withdrawn. Other Applicant's arguments in Remarks have been fully considered but they are moot in view of new ground of rejection. 

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1 and 5 are rejected under 35 U.S.C. 103 as being unpatentable over Savanah et al. (US 2019/0163883 A1) (hereafter Savanah), in view of Poon et al. (US 2016/0180343) (hereafter Poon), in view of Buldas et al. (US 2014/0245020), and in view of Kurani et al. (US 10298396) (hereafter Kurani).

Regarding claim 1 Savanah teaches: A method of establishing user identity, the method comprising the steps of (Savanah, in Para. [0007] discloses “The token thus serves as an identifier that allows the real-world item to be referenced from the blockchain.” Savanah, in Para. [0031] discloses “FIG. 6 illustrates a flow chart of a computer implemented method for determining an identifier indicative of the location of a computer software using a distributed hash table” Savanah, in Para. [0014] discloses “the term "user" may be used to refer to a computer-based resourced.”):
 [a user forwarding verification data and a digital signature associated with the verification data to a server;] (Poon)
 [the server checking the digital signature against a public key of the user;] (Poon) 
an operator validating the identity of the user based on the verification data, creating a document verification audit trail in response thereto, and instructing the server to create a blockchain identity entry (Examiner note: operations including data verification are met by formation of meta data within method 100 comprising determination of verification data, signature, keys, and related hash values) (Savanah, in Para. [0105] discloses “The method 100 further includes determining 150 a metadata (M) that comprises the second hash value (H2). Determining 150 a metadata (M) may comprise receiving the metadata (M) from a user, node or data store. The metadata (M) may be included in, for example, in one or more of the 15 places available for the public keys in a P2SH multi-signature first redeem script (RSI) of a transaction on the P2P distributed ledger 14.”);
the server creating a cryptographic hash of the verification data (Examiner note: the verification data comprise license, as stated on p.2, in 2d paragraph; a hash value is generated by a cryptographic process, therefore a cryptographic hash is met by a hash) (Savanah in Para. [0073] discloses “the identifier of the licence may comprise a cryptographic hash of the contents of the licence.”),
and instructing a blockchain smart contract to generate a unique identifier associated with the user and to associate the cryptographic hash of the verification data with the unique identifier; the server encrypting a package of the verification data with the public key of the user (Examiner note: as noted above, the verification data are met by formation of meta data within methods 100 to 800)  (Savanah in Para. [0006] discloses “One area of current research is the use of the blockchain for the implementation of "smart contracts". Savanah in Para. [0110] discloses “The metadata (M) may include the information in a number of ways. In one example, the contents of the information may be included. In a further example, a cryptographic hash of the information may be included.”)
[and returning [[a]] the encrypted package of the verification data to the user] (Buldas)
[without retaining the verification data on the server;] (Kurani) 
and subsequently, the user making a request to a service provider to use a service;  in response, the service provider checking the blockchain smart contract to determine if the identity of the user has been validated (Savanah in Para. [0104] discloses “The first user 23 or second user 24, via the first node 3, second node 7 or another node not otherwise illustrated, may provide any participating node of the DHT 13 a request message such as get(key).”)
sending a blockchain transaction and payment to the blockchain smart contract (Savanah in Para. [0006] discloses “One area of current research is the use of the blockchain for the implementation of "smart contracts".)
once the blockchain transactions is complete and the payment successful, the server instructing the user to send the package of the verification data to the service provider; (Examiner note: as noted above, the verification data are met by formation of meta data within methods 100 to 800) (Savanah in Para. [0064] discloses “The method 100 further includes sending 140, over a communications network 5, the data (Dl), the first hash value (Hl) and the second hash value (H2) to an entry on a distributed hash table 13” Savanah in Para. [0064] discloses “The method 100 also includes determining 150 a metadata (M) that is based on the second hash value (H2) for inclusion on the peer-to-peer distributed ledger 14. In one example, the metadata (M) may be included in a first redeem script (RSI) for inclusion on the peer-to-peer distributed ledger 14.” Savanah in Para. [0066] discloses “The method 600 as illustrated by FIG. 7 verifies ownership of computer software and is performed after the method described above”)
in response to said instructing the user sending the package of the verification data from the user to a service provider (Examiner note: as noted above, server and/or service provider is met by node 3 or 7) (Savanah in Para. [0055] discloses “FIG. 2 illustrates a system 1 that includes a first node 3 that is in communication with, over a communications network 5, a second node 7. The first node 3 has an associated first processing device 21 and the second node 5 has an associated second processing device 27. Examples of the first and second nodes 3, 7 include an electronic device, such as a computer, tablet computer, mobile communication device, computer server etc.”)
encrypted with a public key of the service provider; and the service provider using that package to confirm the identity of the user by checking the contents of the package of the verification data against [[reference to]] the cryptographic hash of the blockchain smart contract (Savanah in Para. [0152] discloses “The method 600 further includes determining 620 a second public key (P2) associated with the second user (U2) from an entry stored on the DHT 13.” Savanah in Para. [0164] discloses “the method 600 may comprise encrypting the executable of the computer software.” Savanah in Para. [0006] discloses “Unlike a traditional contract which would be written in natural language, a smart contract is a machine executable program which comprises rules that can process inputs in order to produce results, which can then cause actions to be performed dependent upon those results”)
Savanah fails to explicitly teach: a user forwarding verification data and a digital signature associated with the verification data to a server;
the server checking the digital signature against a public key of the user;
Poon from the analogous technical field teaches: a user forwarding verification data and a digital signature associated with the verification data to a server (Poon, in Para, [0247] discloses “The digital signature is verified using a digital signature verification scheme (block 220) and it is determined if the verification is successful or not (block 222).” Poon, in Para, [0082] discloses “a second credential is received at the mobile device, which then sends the second credential and a mobile device ID to the server”); 
the server checking the digital signature against a public key of the user (Poon, in Para, [0295] discloses “retrieving a digital signature associated with the transaction data, the digital signature computed by signing the transaction data; verifying the digital signature using a public key” Poon, in Para, [0081] discloses “In analogy to a computer which comprises a memory in communication with a processor via a BUS, the present system comprises a mobile device in communication with a server/gateway over a network.”);
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Savanah, in view of the teaching of Poon which discloses data verification based on digital signature and public key verification scheme in order to improve security of Savanah verification method (Poon, [0081, 0082, 0247, 0295]).
Savanah, as modified by Poon, fails to explicitly teach: and returning the encrypted package of the verification data to the user
Buldas from the analogous technical field teaches: and returning [[a]] the encrypted package of the verification data to the user (Examiner note: verification data package is met by the signature vector 8000 and key-based signed certificate) (Buldas, in Para. [0112] discloses “The core may return the data signature vector 8000 to clients and/or other layers directly” Buldas, in Para. [0119] discloses “it would also be possible to implement an option, whenever a client submits an authentication registration request, to generate and return not only the data signature vector but also a key-based signed certificate, which may be issued by any higher layer system such as the current gateway, aggregator, or even core.”). 
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Savanah, as modified by Poon, in view of the teaching of Buldas which discloses returning the verification/authentication package to the client/user in order to better organize the verification process (Buldas, [0112, 0119]).
Savanah, as modified by Poon and Buldas fails to explicitly teach: without retaining the verification data on the server
Kurani from the analogous technical field teaches: without retaining the verification data on the server (Examiner note: Data packets in Kurani may be processed by a system comprising a processor communicating with the random access memory (RAM). It is understood that storage and deletion of numerical information in RAM (i.e., not retaining data in the memory upon completion the data processing) are standard well documented operations of a computer system and could not be considered as limitations.) (Kurani, in col. 4, ll. 27 – 30 discloses “The memory may be one or more devices (e.g., RAM, ROM, Flash memory, hard disk storage, etc.) for storing data and/or computer code for completing and/or facilitating the various processes described herein” Kurani, in col. 11, ll. 50 – 54 discloses “Such machine-readable media can be any available media that can be accessed by a general purpose or special purpose computer or other machine with a processor. By way of example, such machine-readable media can comprise RAM, ROM, EPROM, EEPROM, CD-ROM”). 
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Savanah, as modified by Poon and Buldas, in view of the teaching of Kurani which discloses processing the verification data without keeping the data on a server in order to better organize and accelerate the verification process (Kurani, [col. 4, ll. 27 – 30, col. 11, ll. 50 – 54]).

Regarding claim 5, claim 5 discloses a system that is substantially equivalent to the method of claim 1. Therefore, the arguments set forth above with respect to claim 1 are equally applicable to claim 5 and rejected for the same reasons.

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action.  
Any inquiry concerning this communication or earlier communications from the examiner should be directed to VLADIMIR IVANOVICH GAVRILENKO whose telephone number is (313)446-6530.  The examiner can normally be reached on Monday-Friday 7:30-4:30 EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached on (571) 272-2092.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/VLADIMIR I. GAVRILENKO/Examiner, Art Unit 2431      

/TRANG T DOAN/Primary Examiner, Art Unit 2431