Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This Office Action is in response to the Applicant Arguments filed on 09/30/2022.
Claims 1-16 have been examined and are pending. 
Response to Arguments
The objection of claims 3-4, 8-12, and 16 is withdrawn as the claims have been amended.
Applicant’s arguments on page 2-5 of the Pre-appeal filed on 09/30/2022, with respect to the rejection(s) of claim(s) 1 and 9 under 35 U.S.C. 103, have been fully considered and are persuasive. Therefore, the rejections have been withdrawn. However, upon further consideration, a new grounds of rejection is made in view of Wang (W.O 2019027445 A1),  Arora et al. (U.S. 20180349896 A1) and Kohli (U.S. 20180374094 A1)
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Claims 1, 6-8, 9, 14-16 are rejected under 35 U.S.C. 103 as being unpatentable over Wang (W.O 2019027445 A1, Hereinafter “Wang”) in view of Arora et al. (U.S. 20180349896 A1, Hereinafter “Arora”) and Kohli (U.S. 20180374094 A1, Hereinafter “Kohli”).
Regarding claim 1, Wang teaches a method for protection of data transfers for internet of things devices using a blockchain, comprising (Wang: [0073] Embodiments provide a method for securely sharing private data between a group of network-enabled devices.”):
receiving, by a receiver of a node in a blockchain network, a data message from an internet of things (IoT) device, the data message being formatted according to an IoT messaging protocol and including at least a device identifier associated with the IoT device and encrypted data (Wang: Para [0015], [0019] “Network nodes can include devices and servers capable of receiving and/or sending data.” [0020] “domain name servers 120 may further be connected to public blockchain 140, which may be a public database of immutable records that is distributed to several nodes” Para [0029-0034] teaches the IOT messaging protocol and the device identifier (public key) Para [0034] “Once the data message comprising the metadata and encrypted private data has been generated, the data message may be sent to the one or more nodes of the distributed database system”);
receiving, by the receiver of the node, a data request from an external device, the data request including at least an external identifier associated with the external device (Wang: Para[0036], [0045] External device (IOT device 102) “the second IOT device 102 may generate an access request for the private data submitted by first IOT device 101. The access request may comprise an identifier for first IOT device 101 and an identifier for second IOT device 102. In one embodiment, the identifiers may be the public keys and/or network addresses of the devices. Once the access request has been received by the one or more nodes of the distributed database system, the requested data may be located and retrieved.”);
verifying, by the node, permission of the external device to access the encrypted data based on at least the external identifier and the device identifier (Wang: Para [0037] “In an embodiment, the one or more nodes may compare the permissions data to the identifier of second IOT device 102.”); and 
transmitting, by the transmitter of the node, the encrypted data to the external device (Para [0037] “the one or more nodes may provide the encrypted private data and metadata thereof to second IOT device 102.”).
Wang does not explicitly teach generating, by a processor of the node in the blockchain network, a new block, including a block header and one or more data values, wherein the one or more data values includes the received data message, which includes (i) at least the device identifier associated with the IoT device from which the data message is received, and (ii) the encrypted data, and wherein the block header includes at least a timestamp, a block reference value, and a data reference value based on the one or more data values; transmitting, by a transmitter of the node in the blockchain network, the generated new block to a plurality of additional nodes in the blockchain network; 
However, in an analogous art, Arora teaches generating, by a processor of the node in the blockchain network, a new block (Arora: para[0048], “In step 326, the blockchain node 112 may receive the transaction request, which may include at least the destination address, the transfer amount, and the digital signature generated by the processing server 102. In step 328, the blockchain node 112 may validate the digital signature and the processing server's access to the associated funds, and may generate a new block for addition to the blockchain”), including a block header and one or more data values, wherein the one or more data values (transaction records) includes the received data message, which includes (i) at least the device identifier associated with the IoT device from which the data message is received, and (ii) the encrypted data (Arora: para [0023-0026], “The blockchain may be comprised of a plurality of blocks. Each block may be comprised of at least a block header and one or more transaction records. Each transaction record may be associated with a blockchain transaction and may include an amount being transferred and an address to which the amount was transferred, and may, in some cases, also include a source, which may be a blockchain address, a digital signature, and/or one or more identifiers identifying prior transaction records that serve as a source of the transferred amount”, “where such identifying information may include a device identifier associated with the recipient device 114 used for communication therewith”), and wherein the block header includes at least a timestamp, a block reference value, and a data reference value based on the one or more data values (Arora: para[0026], “Each block header in a block may be comprised of at least a timestamp, a block reference value, and a transaction reference value.”);
transmitting, by a transmitter of the node in the blockchain network, the generated new block to a plurality of additional nodes in the blockchain network (Arora: para[0048], “In step 330, the new block may be verified and posted to the blockchain, by being transmitted to all of the blockchain nodes 112 and made publicly accessible.”); 
Therefore, as Wang teaches a method for securely sharing private data between a group of network and includes the data message with the device information and the encrypted data, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, for the blockchain of Wang to have been update in the manner described in Arora to ensure that information cannot be altered, copied or otherwise manipulated due to the immutability that blockchain provides as suggested by Arora (para[0032]). 
Wang in view of Arora does not explicitly teach confirming, by each additional node of the plurality of additional nodes in the blockchain network, the new block by verifying the block reference value and data reference value; receiving, by the node of the blockchain network, confirmation of the new block from each additional node of the plurality of additional nodes; upon receiving confirmation of the new block, transmitting, by the transmitter of the node in the blockchain network, the new block to all of the blockchain nodes in the blockchain network for addition to the blockchain
However, in an analogous art, Kohli teaches confirming, by each additional node of the plurality of additional nodes in the blockchain network, the new block by verifying the block reference value and data reference value (Kohli: para [0017], [0023], [0035] “the validation module 218 may be configured to validate digital signatures to authenticate the source of updated enrollment information, validate newly generated blocks (e.g., by confirming reference values)”); 
receiving, by the node of the blockchain network, confirmation of the new block from each additional node of the plurality of additional nodes (para [0047], “receiving, by the receiving device of the computing node, an indication of successful validation of the generated new block from at least one of the plurality of blockchain nodes.”); 
upon receiving confirmation of the new block, transmitting, by the transmitter of the node in the blockchain network, the new block to all of the blockchain nodes in the blockchain network for addition to the blockchain (Kohli: para [0023], “Once validation is completed, the newly generated block may be added to the blockchain and provisioned to all of the nodes in the blockchain network 104”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, for the blockchain of the modified Wang to have been update in the manner described in Kohli to prevent tempering and ensure accurate and immutable stored data as suggested by Kohli (para[0026]). 
Regarding claim 6, Wang in view of Arora and Kohli teaches the independent claim 1. Arora teaches wherein the data message further includes a digital signature (Arora:  Para [0048] “the blockchain node 112 may receive the transaction request, which may include at least the destination address, the transfer amount, and the digital signature generated by the processing server 102.”).
Regarding claim 7, Wang in view of Arora and Kohli teaches the dependent claim 6. Arora teaches validating, by the processor of the node, the digital signature prior to generating the new block (Arora: Para [0048], “In step 328, the blockchain node 112 may validate the digital signature and the processing server's access to the associated funds”).
Regarding claim 8, Wang in view of Arora and Kohli teaches the dependent claim 7.  Arora teaches storing, in a memory of the node, a public key of a cryptographic key pair associated with the device identifier (Arora: Para, [0038], “ The memory 206 may be configured to store one or more cryptographic key pairs, each key pair comprising at least a private key and a corresponding public key. ... The memory 206 may also be configured to store any additional data that may be used by the processing server 102 in performing the functions discussed herein, communication data for communicating with blockchain nodes 112 and other computing devices, key generation algorithms, digital signature generation algorithms, etc.”, para[0019], “The cryptographic key pair may be comprised of a private key and a corresponding public key, which may be generated by the sender device 110 or other device and provisioned thereto using standard key generation techniques.”).
Regarding claim 9, Wang teaches a system of protection of data transfers for internet of things devices using a blockchain, comprising (Wang: [0027] FIG. 1 “shows a system for exchanging private data between devices”):
a blockchain network (Wang: [0027] FIG. 1 “In addition, domain name servers 120 may further be connected to public blockchain 140, which may be a public database of immutable records that is distributed to several nodes.”):
an internet of thing (IOT) device (fig.1, para [0027] IOT Device 101):
an external device (fig. 1, IOT Device 102); and
a node in the blockchain network, where the node includes (fig.1, para [0027] “System 100 may comprise domain name servers 120 connected to one or more nodes of a distributed database system, such as first node 131 , second node 132, and nth node 133. The one or more nodes may be capable of communicating over a network”):
a receiver configured to receive a data message from the IoT device, the data message being formatted according to an IoT messaging protocol and including at least a device identifier associated with the IoT device and encrypted data (Wang: Para [0015], [0019] “Network nodes can include devices and servers capable of receiving and/or sending data.” [0020] “domain name servers 120 may further be connected to public blockchain 140, which may be a public database of immutable records that is distributed to several nodes” Para [0029-0034] teaches the IOT messaging protocol and the device identifier (public key) Para [0034] “Once the data message comprising the metadata and encrypted private data has been generated, the data message may be sent to the one or more nodes of the distributed database system”);
the receiver is further configured to receive a data request from an external device, the data request including at least an external identifier associated with the external device (Wang: Para [0036], [0045] External device (IOT device 102) “the second IOT device 102 may generate an access request for the private data submitted by first IOT device 101. The access request may comprise an identifier for first IOT device 101 and an identifier for second IOT device 102. In one embodiment, the identifiers may be the public keys and/or network addresses of the devices. Once the access request has been received by the one or more nodes of the distributed database system, the requested data may be located and retrieved.”);
the node is configured to verify permission of the external device to access the encrypted data based on at least the external identifier and the device identifier (Wang: Para [0037] “In an embodiment, the one or more nodes may compare the permissions data to the identifier of second IOT device 102.”); and 
the transmitter is further configured to transmit the encrypted data to the external device (Para [0037] “the one or more nodes may provide the encrypted private data and metadata thereof to second IOT device 102.”).
Wang does not explicitly teach a processor configured to generate a new block including a block header and one or more data values, wherein the one or more data values includes the received data message, which includes (i) at least the device identifier associated with the IOT device from which the data message is received, and (ii) the encrypted data, and wherein the block header includes including at least a timestamp, a block reference value, and a data reference value based on the one or more data values, and a transmitter configured to transmit the generated new block to a plurality of one or more additional nodes in the blockchain network.
However, in an analogous art, Arora teaches a processor configured to generate a new block (Arora: para[0048], “In step 326, the blockchain node 112 may receive the transaction request, which may include at least the destination address, the transfer amount, and the digital signature generated by the processing server 102. In step 328, the blockchain node 112 may validate the digital signature and the processing server's access to the associated funds, and may generate a new block for addition to the blockchain”), including a block header and one or more data values, wherein the one or more data values includes the received data message, which includes (i) at least the device identifier associated with the IOT device from which the data message is received, and (ii) the encrypted data (Arora: para [0023-0026], “The blockchain may be comprised of a plurality of blocks. Each block may be comprised of at least a block header and one or more transaction records. Each transaction record may be associated with a blockchain transaction and may include an amount being transferred and an address to which the amount was transferred, and may, in some cases, also include a source, which may be a blockchain address, a digital signature, and/or one or more identifiers identifying prior transaction records that serve as a source of the transferred amount”, “where such identifying information may include a device identifier associated with the recipient device 114 used for communication therewith”), and wherein the block header includes at least a timestamp, a block reference value, and a data reference value based on the one or more data values (Arora: para[0026], “Each block header in a block may be comprised of at least a timestamp, a block reference value, and a transaction reference value.”); and
a transmitter configured to transmit the generated new block to a plurality of one or more additional nodes in the blockchain network (Arora: para[0048], “In step 330, the new block may be verified and posted to the blockchain, by being transmitted to all of the blockchain nodes 112 and made publicly accessible.”); 
Therefore, as Wang teaches a method for securely sharing private data between a group of network and includes the data message with the device information and the encrypted data, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, for the blockchain of Wang to have been update in the manner described in Arora to ensure that information cannot be altered, copied or otherwise manipulated due to the immutability that blockchain provides as suggested by Arora (para[0032]). 
Wang in view of Arora does not explicitly teach a confirmation process of the new block occurs by the plurality of additional nodes verifying the block reference value and data reference value, wherein the receiver is further configured to receive confirmation of the new block from each additional node of the plurality of additional nodes, upon the receiver receiving confirmation of the new block, the transmitter is further configured to transmit the new block to all of the blockchain nodes in the blockchain network for addition to the blockchain.
However, in an analogous art, Kohli teaches a confirmation process of the new block occurs by the plurality of additional nodes verifying the block reference value and data reference value, wherein (Kohli: para [0017], [0035] “the validation module 218 may be configured to validate digital signatures to authenticate the source of updated enrollment information, validate newly generated blocks (e.g., by confirming reference values)”), 
the receiver is further configured to receive confirmation of the new block from each additional node of the plurality of additional nodes (para [0047], “receiving, by the receiving device of the computing node, an indication of successful validation of the generated new block from at least one of the plurality of blockchain nodes.”),
upon the receiver receiving confirmation of the new block, the transmitter is further configured to transmit the new block to all of the blockchain nodes in the blockchain network for addition to the blockchain (Kohli: para [0023], “Once validation is completed, the newly generated block may be added to the blockchain and provisioned to all of the nodes in the blockchain network 104”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, for the blockchain of the modified Wang to have been update in the manner described in Kohli to prevent tempering and ensure accurate and immutable stored data as suggested by Kohli (para[0026]). 
Regarding claim 14, claim 14 is rejected under the same rational as claim 6.
Regarding claim 15, claim 15 is rejected under the same rational as claim 7.
Regarding claim 16, claim 16 is rejected under the same rational as claim 8.
Claims 2 -3 and 10 -11 are rejected under 35 U.S.C. 103 as being unpatentable over Wang (W.O 2019027445 A1, Hereinafter “Wang”), in view of Arora et al. (U.S. 20180349896 A1, Hereinafter “Arora”), Kohli (U.S. 20180374094 A1, Hereinafter “Kohli”), and Georgiadis et al. (U.S 20180137512 A1, Hereinafter “Georgiadis”).
Regarding claim 2, Wang in view of Arora and Kohli teaches the independent claim 1.
Wang in view of Arora and Kohli does not explicitly teach wherein verifying permission of the external device includes transmitting, by the transmitter of the node, the external identifier and device identifier to an active directory system, and receiving, by the receiver of the node, a verification result from the active directory system, where the verification result indicates successful verification of the permission of the external device.
However, in an analogous art, Georgiadis teaches wherein verifying permission of the external device includes transmitting, by the transmitter of the node, the external identifier and device identifier to an active directory system (Para [0149-150] [0164] “the user device sends 404 the collected information, including one or more of the recipient identifier, information identifier, user credentials, and user answers and one or more of an electronic address or other identifier of the user device and an identifier of an application, to the verification system over a secure channel using a cryptographic system.”), and
receiving, by the receiver of the node, a verification result from the active directory system, where the verification result indicates successful verification of the permission of the external device (Para [0164] [0270]“The verification system forwards the consent or permission to the target device to enable execution of the software or access of the media. Alternatively, the information provider system sends the consent or permission directly to the target device and a notification of same to the verification system and optionally the user device.”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teaching of Georgiadis into the modified method of Wang to include the verification process as described in Georgiadis because it can enable secure, low-risk, and low-cost transaction mechanisms to exchange restricted information between devices as suggested by Georgiadis (Para. [0049]).
Regarding claim 3, Wang in view of Arora and Kohli teaches the independent claim 1.
Wang in view of Arora and Kohli does not explicitly teach wherein verifying permission of the external device includes transmitting, by the transmitter of the node, the device identifier to an active directory system, receiving, by the receiver of the node, a list of identifiers associated with the device identifier from the active directory system, and verifying, by the processor of the node, that the external identifier is included in the received list of identifier.
However, in an analogous art, Georgiadis teaches wherein verifying permission of the external device includes transmitting, by the transmitter of the node, the device identifier to an active directory system (Para [0135] [272] fig. 10B “sends an attribute request and a blockchain address verification request from verifier 1020 (or information provider 636 or target device 102) to principal 1002 (or one of user or user device 102). The attribute request and blockchain address verification request typically includes a token and list of keys, each corresponding to a part of the principal's identity.”), 
receiving, by the receiver of the node, a list of identifiers associated with the device identifier from the active directory system (Para[0272] “the principal (or the user or user device) sends, by a public or private channel, her public electronic address, a signature of the token using the public electronic address and the private key, a list of attribute values corresponding to the received keys, and a list of secret salts used for hashing the keys and the values in a blockchain address verification reply from principal 1002”), and 
verifying, by the processor of the node, that the external identifier is included in the received list of identifier (Para [0272] “wherein verifier 1020 (or information provider 636 or target device 102) verifies the hashes of the secret salts and attributes.”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teaching of Georgiadis into the modified method of Wang to include the verification process as described in Georgiadis because it can enable secure, low-risk, and low-cost transaction mechanisms to exchange restricted information between devices as suggested by Georgiadis (Para. [0049]).
Regarding claim 10, claim 10 is rejected under the same rational as claim 2.
Regarding claim 11, claim 11 is rejected under the same rational as claim 3.
Claims 4-5 and 12-13 are rejected under 35 U.S.C. 103 as being unpatentable over Wang (W.O 2019027445 A1, Hereinafter “Wang”), in view of Arora et al. (U.S. 20180349896 A1, Hereinafter “Arora”), Kohli (U.S. 20180374094 A1, Hereinafter “Kohli”), and Padmanabhan (U.S 20200374106 A1, Hereinafter “Padmanabhan”).
Regarding claim 4, Wang in view of Arora and Kohli teaches the independent claim 1.
Wang in view of Arora and Kohli does not explicitly teach wherein verifying permission of the external device includes storing, in a memory of the node, a list of identifiers associated with the device identifier, and verifying, by the processor of the node, that the external identifier is included in the received list of identifiers.
However, in an analogous art, Padmanabhan teaches wherein verifying permission of the external device includes storing, in a memory of the node, a list of identifiers associated with the device identifier (Para [0531] fig. 11 A-C “store the data on the blockchain where the object and metadata will include the owning entity UUID or similar identifier and a set of indicators to identify the object, record, field or similar component of the data that is designated as private (Block 1103).”), and 
verifying, by the processor of the node, that the external identifier is included in the received list of identifiers (Para [0535] fig. 11C “after the private data is stored in the blockchain, then any node that seeks to service a request to access the protected data (Block 1131) makes an initial check of the UUID of the requestor and/or identification information of the requested data against the forgotten UUID/data list”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, for the verification process of Wang to have been update in the manner described in Padmanabhan in order to ensure secure data transfer as suggested by Padmanabhan (Para. [0340]).
Regarding claim 5,  Wang in view of Arora and Kohli and further in view of Padmanabhan teaches the dependent claim 4. Padmanabhan teaches wherein the list of identifiers is stored in an earlier block in a blockchain that includes the generated new block (Padmanabhan:  para [00533] “These encrypted shared secrets are stored as metadata for the associated transaction data upon consensus for committing the transaction to the blockchain”).
Regarding claim 12, claim 12 is rejected under the same rational as claim 4.
Regarding claim 13, claim 13 is rejected under the same rational as claim 5.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to LYDIA L NOEL whose telephone number is (571)272-1628. The examiner can normally be reached Monday - Friday 9:00 - 5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kristine Kincaid can be reached on (571) 272-4063. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/L.L.N./
Examiner, Art Unit 2437      

/BENJAMIN E LANIER/            Primary Examiner, Art Unit 2437