DETAILED ACTION

Claims 1-20 are examined.

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Information Disclosure Statement
The Information Disclosure Statement(s) submitted by applicant on 07/28/2022 has/have been considered. The submission is in compliance with the provisions of 37 CFR § 1.97. Form PTO-1449 signed and attached hereto.

Notice of Pre-AIA or AIA Status

In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Wood et al. (US Patent Application No. 20190065764) (Hereinafter Wood) in view of Bayon et al. (US Patent Application No. 20200387623) (Hereinafter Bayon).

As per claim 1, Wood discloses a system comprising: 
at least one processor (fig 1, para 31); and 
memory coupled to the at least one processor, the memory comprising computer executable instructions that, when executed by the at least one processor, performs a method comprising (fig 1, para 31): 
receiving at least one encrypted token (para 5, encrypting secret data); 
requesting at least one decryption key associated with the at least one encrypted token (para 5, user to retrieve the decryption keys);
based on at least one smart contract (para 5, smart contract), receiving the at least one decryption key (para 5, user to retrieve the decryption keys);
applying the at least one decryption key to the at least one encrypted token (para 5, user to retrieve the decryption keys are used to decrypt the secret);
receiving at least one decrypted token (fig 2-4, para 16, decrypted secret, and decrypting the encrypted file at the client based on the decrypted secret);
processing the at least one decrypted token (para 16, decrypt the encrypted document by decrypting the secret key and using the decrypted secret key to decrypt the document); and
transmitting results from the processing of the at least one decrypted token to at least one owner of the at least one encrypted token (para 16, decrypt the encrypted document by decrypting the secret key and using the decrypted secret key to decrypt the document, para 83, obtaining the results).

Wood does not explicitly disclose encrypting a token and decrypting a token, which is well known in the art. For example, Bayon discloses encrypting token (para 50, encrypting the salted information as network token) and decrypting the encrypted token (para 61, decrypt (and, in some embodiments, de-salt) network token). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Wood and Bayon. The motivation would have been to build the network that provides endpoint security solutions (both hardware and software based). The Examiner notes that this motivation applies to all dependent and/or otherwise subsequently addressed claims.

As per claim 2, claim is rejected for the same reasons and motivation as claim 1, above. In addition, Bayon discloses wherein the at least one encrypted token is encrypted with at least one salt and at least one 256-bit encryption algorithm (para 50, Token 267 may be generated using asymmetrical encryption).

As per claim 3, claim is rejected for the same reasons and motivation as claim 1, above. In addition, Wood discloses, wherein the at least one decryption key is stored on at least one permissioned blockchain (para 4, The blockchain stores metadata, rules, and permissions for each secret document; secret keys used to access the documents are distributed among the key servers that form the Secret Store; and documents are stored in an encrypted form in the distributed content-addressable storage. Validators (blockchain maintainers) enforce the rules and permissions and record transactions associated with storing, accessing, and retrieving the secret documents).

As per claim 4, claim is rejected for the same reasons and motivation as claim 1, above. In addition, Wood discloses wherein the at least one smart contract comprises at least one rule governing access to the at least one decryption key (para 4,5, a user to retrieve the decryption keys, Secret Store key servers ensure that the user has permission to retrieve the document).

As per claim 5, claim is rejected for the same reasons and motivation as claim 1, above. In addition, Wood discloses wherein the at least one rule temporally restricts access to the at least one decryption key (fig 1, For a user to retrieve the decryption keys, Secret Store key servers ensure that the user has permission to retrieve the document, para 4, discloses enforces rules).

As per claim 6, claim is rejected for the same reasons and motivation as claim 1, above. In addition, Wood discloses wherein the at least one rule restricts access to the at least one decryption key based on a classification of the at least one encrypted token (fig 1, For a user to retrieve the decryption keys, Secret Store key servers ensure that the user has permission to retrieve the document, para 4, discloses enforces rules).

As per claim 7, claim is rejected for the same reasons and motivation as claim 1, above. In addition, Wood discloses wherein processing the at least one decrypted token comprises applying trusted source data matching to the at least one decrypted token (fig 1, para 29, provide data storage and trust distribution).

As per claim 8, claim is rejected for the same reasons and motivation as claim 1, above. In addition, Wood discloses further comprising receiving at least one revocation notification, revoking access to the at least one decryption key (para 4,5, 30, the blockchain stores rules and permissions for accessing documents).

As per claim 9, a method for securely managing access to a key using distributed ledger technology, comprising:
receiving a request to create an encryption key (para 5, generate a new secret key), wherein the encryption key is associated with at least one token (para 5, generate a new secret key, that is used to encrypting secret);
generating the encryption key (para 5, generate a new secret key); 
generating a decryption key associated with the encryption key (para 5, generate the secret key to encrypt secret and also retrieve the decryption keys to decrypt the secret); 
generating a salt (para 5, The hash of the encrypted document is stored in the Smart Contract, a salt is random data that is used as an additional input to a one-way function that hashes data, a password or passphrase); 
storing the encryption key, the decryption key, and the salt on a permissioned blockchain (fig 1-3, para 19, transmitting the blockchain transaction. para 4-7, the blockchain stores metadata, rules, and permissions for each secret, The blockchain stores metadata, rules, and permissions for each secret document; secret keys used to access the documents);
transmitting the encryption key and the salt to an owner of the at least one token (para 5, The hash of the encrypted document is stored in the Smart Contract. The transactions create an audit trail of the user's actions on the blockchain. For a user to retrieve the decryption keys, Secret Store key servers ensure that the user has permission to retrieve the document); 
receiving at least one rule governing access to the decryption key (para 5, user to retrieve the decryption keys); and 
based on the at least one rule governing access to the decryption key, creating a smart contract on the permissioned blockchain (para 4-5, The blockchain stores metadata, rules, and permissions for each secret document; secret keys used to access the documents are distributed among the key servers that form the Secret Store; and documents are stored in an encrypted form in the distributed content-addressable storage. Validators (blockchain maintainers) enforce the rules and permissions and record transactions associated with storing, accessing, and retrieving the secret documents, para 16, decrypt the encrypted document by decrypting the secret key and using the decrypted secret key to decrypt the document, para 83, obtaining the results).

Wood does not explicitly disclose encrypting a token, a salted token, and decrypting a token, which are well known in the art. For example, Bayon discloses encrypting token (para 50, encrypting the salted information as network token), salted token (para 44, may use a salt to further increase the entropy of network token), and decrypting the encrypted token (para 61, decrypt (and, in some embodiments, de-salt) network token). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Wood and Bayon. The motivation would have been to build the network that provides endpoint security solutions (both hardware and software based).

As per claim 10, claim is rejected for the same reasons as claims 9 and 2, above.

As per claim 11, claim is rejected for the same reasons and motivation as claim 9, above. In addition, Bayon discloses further comprising applying the salt to the at least one token to generate a salted token (para 44, may use a salt to further increase the entropy of network token).

As per claim 12, claim is rejected for the same reasons and motivation as claim 9, above. In addition, Bayon discloses further comprising applying the at least one encryption key to the salted token to generate an encrypted token (para 50, encrypting the salted information as network token).

As per claim 13, claim is rejected for the same reasons and motivation as claim 9, above. In addition, Wood discloses further comprising receiving at least one request to access the decryption key (para 5, user to retrieve the decryption keys).

As per claim 14, claim is rejected for the same reasons and motivation as claim 9, above. In addition, Wood discloses further comprising querying the smart contract on the permissioned blockchain to analyze the at least one rule governing access to the decryption key (para 5, a transaction is sent to the Smart Contract to set the permissions of the document. The document is then encrypted using the secret key (given by the Secret Store), … The transactions create an audit trail of the user's actions on the blockchain. For a user to retrieve the decryption keys, Secret Store key servers ensure that the user has permission to retrieve the document).

As per claim 15, claim is rejected for the same reasons and motivation as claim 9, above. In addition, Wood discloses based on the analysis of the at least one rule governing access to the decryption key, granting access to the decryption key (para 4, The blockchain stores metadata, rules, and permissions for each secret document; secret keys used to access the documents are distributed among the key servers that form the Secret Store; and documents are stored in an encrypted form in the distributed content-addressable storage. Validators (blockchain maintainers) enforce the rules and permissions and record transactions associated with storing, accessing, and retrieving the secret documents).

As per claim 16, claim is rejected for the same reasons and motivation as claim 9, above. In addition, Wood discloses based on the analysis of the at least one rule governing access to the decryption key, denying access to the decryption key (para 4, The blockchain stores metadata, rules, and permissions for each secret document; secret keys used to access the documents are distributed among the key servers that form the Secret Store; and documents are stored in an encrypted form in the distributed content-addressable storage. Validators (blockchain maintainers) enforce the rules and permissions and record transactions associated with storing, accessing, and retrieving the secret documents).

As per claim 17, claim is rejected for the same reasons and motivation as claim 9, above. In addition, Wood discloses wherein the at least one request to access the decryption key is stored on the permissioned blockchain (para 4, The blockchain stores metadata, rules, and permissions for each secret document; secret keys used to access the documents are distributed among the key servers that form the Secret Store; and documents are stored in an encrypted form in the distributed content-addressable storage. Validators (blockchain maintainers) enforce the rules and permissions and record transactions associated with storing, accessing, and retrieving the secret documents).

As per claim 18, claim is rejected for the same reasons and motivation as claim 9, above. In addition, Wood discloses further comprising recording the access grant to the decryption key on the permissioned blockchain (para 4, The blockchain stores metadata, rules, and permissions for each secret document; secret keys used to access the documents are distributed among the key servers that form the Secret Store; and documents are stored in an encrypted form in the distributed content-addressable storage. Validators (blockchain maintainers) enforce the rules and permissions and record transactions associated with storing, accessing, and retrieving the secret documents).

As per claim 19, claim is rejected for the same reasons and motivation as claim 9, above. In addition, Wood discloses further comprising recording the access denial to the decryption key on the permissioned blockchain (para 4, The blockchain stores metadata, rules, and permissions for each secret document; secret keys used to access the documents are distributed among the key servers that form the Secret Store; and documents are stored in an encrypted form in the distributed content-addressable storage. Validators (blockchain maintainers) enforce the rules and permissions and record transactions associated with storing, accessing, and retrieving the secret documents).

As per claim 20, claim is rejected for the same reason and motivation as claim 9, above.

Conclusion

Please see PTO-892 for the prior art made of record and not relied upon, which is considered pertinent to applicant's disclosure.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOHAMMAD A SIDDIQI whose telephone number is (571)272-3976. The examiner can normally be reached Monday-Friday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl G Colin, can be reached on 571-272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MOHAMMAD A SIDDIQI/
 Primary Examiner, Art Unit 2493