DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 08/24/2025 has been entered.
Response to Amendment
The Amendment filed on October 24, 2025 has been entered. Claim 1 was amended. As a result, claims 1-20 are pending, of which claims 1, and 8 are in independent form.
Applicant’s arguments regarding the claim 1 does not obviate the claim rejection under 35 U.S.C. 112 (a), therefore Examiner maintains the 35 U.S.C. 112 (a) rejection.
Response to Arguments
Applicant’s arguments with respect to claim(s) are rejected, under 35 USC 103(a), have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter.
On page 5 of remarks, Applicant asserts that claim 1 has been amended by removing “first specified location” and “second specified location”. The amendment has been entered but does not resolve the written description or obviousness issues. The specification still fails to explain what the claimed “instructions” are and how they perform validation and downloading.
Dr. Brogioli’s declaration was reviewed and his expertise was acknowledged, but his statements are general and do not address the missing disclosure or prior art findings. The declaration, therefore does not overcome the 112(a) or 103 rejections.
Rejection of Claims 1-20 Under the Written Description Requirement
It is noted that Ariad Pharms v. Eli Lilly sets the correct test, whether the specification shows that the inventor processed the invention as of filling, however, the disclosure does not meet the test. The rejection is about lack of any algorithm regarding the “validation process” or “downloading” based on the agreement. Paragraph [0041] is merely states the trust is validated without showing any instructions (i.e. Specifically, in step 901 a process is carried out to validate that remote system 550 meets trust requirements specified in smart contract 200, a copy of which 600 may be stored locally in the remote system 550. Remote system 550 executes validating steps specified in the smart contract, either initiated by smart contract 200 or locally in copy 600. Once validated, in step 902 program 130 is transferred to the remote location 550 in encrypted form. Program 130 may be transferred from secure edge 160 or from a third party server). Therefore, the 112(a) rejection is maintained.
Moreover, the claims do not invoke § 112(f). The earlier MPEP citations only illustrates the general rule “If the specification does not provide a disclosure of sufficient corresponding structure, materials, or acts that perform the entire claimed function of a means- (or step-) plus- function limitation in a claim under 35 U.S.C. 112(f) or the sixth paragraph of pre-AIA 35 U.S.C. 112, "the applicant has in effect failed to particularly point out and distinctly claim the invention" as required by the 35 U.S.C. 112(b) [or the second paragraph of pre-AIA 35 U.S.C. 112].”. Therefore, the means-plus-function argument is irrelevant.
Paragraph [0038] describes only a utility that gathers “fingerprints” and determines a probability that execution occurs at an expected location “i.e. the collected information is then used by a verification program running at the secure edge 160 that uses the collected environmental “finger prints” to determine a probability that the environment where the python pickle object was executed is actually the location expected and that there are no additional unwanted (e.g. malicious) programs running at the remote location 550…”. It is noted that the expert opinion cannot supply missing disclosure and does not overcome the written-description deficiency.
On page 8 of remarks, Applicant argues that “As Dr. Brogioli explains, the present Application describes many "species" of "validating the execution environment". The issue is not the number of examples but the absence of any fully described implementation. Therefore, the 112(a) rejection is maintained.
Further, the paragraph [0038] describes “executable data is implemented as a python pickle object that auto executes when the pickle object is opened running a utility program that collects information on the local environment using standard Linux utilities such as traceroute, TOP, retrieving configuration files or directory structures, or using cat to collect memory and CPU related information. The collected information is then used by a verification program running at the secure edge 160 that uses the collected environmental “finger prints” to determine a probability that the environment where the python pickle object was executed is actually the location expected and that there are no additional unwanted (e.g. malicious) programs running at the remote location 550”. The passage describes data collection and return, not the algorithm or logic for determining validation. Implementing executable data as a python pickle object that auto executes when the pickle object is opened running a utility program that collects information on the local environment using standard Linux utilities such as traceroute, TOP, retrieving configuration files or directory structures, or using cat to collect memory and CPU related information… does not add missing implementation detail and does not overcome the written-description deficiency.
Vasudevan
Vasudevan actually supports the office’s position: a concrete technique must be disclosing for the claimed function. Applicant’s specific action provides no description for executing validation or downloading. Therefore, Possession is not shown.
Environment and Process
The examiner does not require explicit Linux commands, only disclosure showing how smart agreement performs the downloading or validation. Moreover, knowledge of tools like wget or ftp does not demonstrate that the inventor described their use within the claimed system. Dr. Brogioli’s statements does not relate written description.
Assertions that a POSITA could easily add missing instructions or that prior actions lacked a 112(a) rejection do not establish compliance. Written description depends on what the inventor disclosed, not what is obvious or known. Because the specification still lacks of steps validation and downloading, the 112 (a) is maintained. The specification provides only high-level statements of results without any algotithm , structures or instructions showing possession of the claimed “validation process” or “downloading by agreement”. Therefore, the rejection under 35 USC § 112(a) is maintained.
Further, in regards to the recited claim limitation "instructions contained in the agreement to validate the execution environment ..." and "executing validating steps specified in the agreement. ..." in paragraphs 0035, 0038, and 0041, although the specification refers generally to “validating the execution environment”, the disclosure does not describe how the validation is actually performed and nor does it specify steps or algorithms that carry out the validation.
Dr Brogioli’s declaration has been carefully considered; however, it does not overcome the rejection under 35 U.S.C 112(a). The specification fails to provide sufficient written-description for the claimed “validation” feature. A declaration cannot cure missing disclosure in the original application.
Although the specification repeatedly states "instructions" in the smart agreement/contract to perform validation, the disclosure does not identify what those instructions actually are. As a result, a POSITA cannot determine what specific instructions exist and how they validate the execution environment.
The examiner acknowledges that claim 8 recites "A computer implemented method executed by a secure machine for securely executing a program subject to conditions specified in an agreement, comprising: receiving a request from a user machine to execute the program and in response obtaining instructions from the agreement; executing validation process by executing validating steps specified in the agreement to validate that the secure machine meets trust requirements specified in the agreement; obtaining validation approval and in response downloading the program from a service provider server onto the secure machine; downloading data from the user machine onto the secure machine; running the program using the data on the secure machine; transmitting output of the data from the secure machine to the user machine; and, deleting the program and the data from the secure machine.". In regards to the recited claim limitation " executing validation process by executing validating steps specified in the agreement ..." in paragraphs 0035, 0038, and 0041, although the specification refers generally to “executing validation process”, the disclosure does not describe how the validation is actually performed and nor does it specify steps or algorithms that carry out the validation.
Dr Brogioli’s declaration has been carefully considered; however, it does not overcome the rejection under 35 U.S.C 112(a). The specification fails to provide sufficient written-description for the claimed “validation” feature. A declaration cannot cure missing disclosure in the original application.
Although the specification repeatedly states "instructions" in the smart agreement/contract to perform validation, the disclosure does not identify what those instructions actually are. As a result, a POSITA cannot determine what specific instructions exist and how they validate the execution environment. Therefore, the 112(a) rejection is maintained.
In view of Applicant’s argument regarding 112(a) rejection in reference to claim 8, Applicant’s argument is persuasive the examiner withdraws the rejection for the cited limitations “use instructions contained within the agreement to download the program from a first specified location in the service provider server;”, and “use instructions contained within the agreement to download data from a second specified location in the user machine”. However, claim 8 remains rejected under 112(a) for the same reasons.
Further, Applicant argues that “The Combined References Do Not Teach or Suggest all elements of Claim 1”. Applicant’s arguments, with respect to the rejection(s) of claim(s) 1 and 8 have been fully considered and are persuasive. Therefore, the rejection has been withdrawn. However, upon further consideration, a new ground(s) of rejection is made in view of Wei et al. US 20200167503 A1), hereinafter Wei in view of Schultz et al. (US 2020/0092364 A1) to teach the cited claim limitations. The same reasons apply to independent claims 2-7, and 9-20 at least virtue of their dependencies. Therefore, the examiner maintains the rejection under 35 USC § 103.
Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.
The following is a quotation of the first paragraph of pre-AIA 35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.
Claims 1- 20 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AlA), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AlA 35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention.
Claim 1 recites the limitations “use instructions contained in the agreement to validate execution environment of the one or more processors;”, “the secure machine meets trust requirements specified in the agreement”, “use instructions contained within the agreement to download the program from the service provider server;”, and “use instructions contained within the agreement to download data from in the user machine;”. The full scope of the claim covers executing validation process. However, the specification does not have support such a full scope of the claim.
Note though that a claim will not be found inadequate on section 112(a) ground simply because the embodiments of the specification do not contain examples explicitly covering the full scope of the claim language. That is because the patent specification is written for a person of ordinary skill in the art, and such a person comes to the patent disclosure with the knowledge of what has come before. While a claim will not usually be limited to a particular species described in the specification, it is clear from the non-provisional specification in this application that the disclosed functions expressions are critical to the functioning of the claimed intentionally withheld from being provided. Applicant has not provided enough support in the specification as to what the validation process is and the instructions contained in the agreement to validate execution environment are not defined in the disclosure. Further, the disclosure does not describe how the validation is actually performed and nor does it specify steps or algorithms that carry out the validation. In addition, there is no indication in the specification that the program was downloaded from the service provider server. Moreover, the disclosure does not specify download data from the user machine.
Claim 8 recites “executing validation process by collecting data to validate that the secure machine meets trust requirements specified in the agreement;”.
According to MPEP 2161.01, "computer-implemented functional claim language must still be evaluated for sufficient disclosure under the written description". And MPEP 2161.01(I) “generic claim language in the original disclosure does not satisfy the written description requirement if it fails to support the scope of the genus claimed. For computer- implemented inventions, the determination of the sufficiency of disclosure will require an inquiry into the sufficiency of both the disclosed hardware and the disclosed software due to the interrelationship and interdependence of computer hardware and software. The critical inquiry is whether the disclosure of the application relied upon reasonably conveys to those skilled in the art that the inventor had possession of the claimed subject matter as of the filing date.
In the instant application, the disclosure of the application relies on essential matter which fails to convey to those skilled in the art that the inventor had possession of the claimed subject matter as of the filing date. The instant application’s specification discloses in step 901 a process is carried out to validate that remote system 550 meets trust requirements specified in smart contract 200, a copy of which 600 may be stored locally in the remote system 550, see paragraph [0041]. The instant application’s specification fails to provide structure support for the claim limitations of “executing validation process by collecting data to validate that the secure machine meets trust requirements specified in the agreement;”. The disclosure does not describe how the validation is actually performed and nor does it specify steps or algorithms that carry out the validation.
Further, as noted with discussion of comparison of conventional examples. Thus, given the state of this technology, one of ordinary skill in the art would not have recognized that the inventor possessed the full scope of the claimed genus. As a result, there is no evidence in the non-provisional specification that the inventor had possession of all ways and genus of performing the function.
AS in MPEP 2161.01 “For instance, generic claim language in the original disclosure does not satisfy the written description requirement if it fails to support the scope of the genus claimed. Ariad, 598 F.3d at 1349-50, 94 USPQ2d at 1171 ("[A]n adequate written description of a claimed genus requires more than a generic statement of an invention’s boundaries.") (citing Eli Lilly, 119 F.3d at 1568, 43 USPQ2d at 1405-06); Enzo Biochem, Inc. v. Gen-Probe, Inc., 323 F.3d 956, 968, 63 USPQ2d 1609, 1616 (Fed. Cir. 2002) (holding that generic claim language appearing in ipsis verbis in the original specification did not satisfy the written description requirement because it failed to support the scope of the genus claimed); Fiers v. Revel, 984 F.2d 1164, 1170, 25 USPQ2d 1601, 1606 (Fed. Cir. 1993) (rejecting the argument that "only similar language in the specification or original claims is necessary to satisfy the written description requirement").”
“The Federal Circuit has explained that a specification cannot always support expansive claim language and satisfy the requirements of 35 U.S.C. 112 "merely by clearly describing one embodiment of the thing claimed." LizardTech v. Earth Resource Mapping, Inc., 424 F.3d 1336, 1346, 76 USPQ2d 1731, 1733 (Fed. Cir. 2005). The issue is whether a person skilled in the art would understand applicant to have invented, and been in possession of, the invention as broadly claimed. In LizardTech, claims to a generic method of making a seamless discrete wavelet transformation (DWT) were held invalid under 35 U.S.C.112, first paragraph, because the specification taught only one particular method for making a seamless DWT and there was no evidence that the specification contemplated a more generic method. "[T]he description of one method for creating a seamless DWT does not entitle the inventor . . . to claim any and
all means for achieving that objective." LizardTech, 424 F.3d at 1346, 76 USPQ2d at 1733.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-14, 17-20 are rejected under 35 U.S.C. 103 as being unpatentable over Wei et al. (US 2020/0167503 A1), hereinafter Wei in view of Schultz et al. (US 2020/0092364 A1), hereinafter Schultz.
In regards to claim 1, Wei discloses a system for executing a program obtained from a service provider server using data obtained from a user machine, comprising (Wei, Para. 0132, in response to an invoking transaction initiated by a client with respect to a target smart contract, encrypted smart contract codes of the target smart contract stored in the distributed ledgers of the blockchain are obtained, and the encrypted smart contract codes of the target smart contract are transmitted to the trusted execution environment):
a non-transitory computer readable medium storing a plurality of instructions, which when executed, cause the one or more processors to, upon receiving instructions to execute the program, perform the steps (Wei, Para. 0144, it is formed by reading the corresponding computer program instructions in the non-volatile memory into the memory through the processor of the electronic device where it is located):
one or more processors (Wei, Para. 0144, it is formed by reading the corresponding computer program instructions in the non-volatile memory into the memory through the processor of the electronic device where it is located);
a storage storing an agreement therein (Wei, Para. 0022, obtaining encrypted contract codes of a target smart contract stored in the distributed ledgers of the blockchain); and
obtain the agreement from the storage (Wei, Para. 0022, obtaining encrypted contract codes of a target smart contract stored in the distributed ledgers of the blockchain);
decrypt the agreement (Wei, Para. 0022, executing the decrypted contract codes of the target smart contract in the trusted execution environment); use instructions contained in the agreement to validate execution environment of the one or more processors (Wei, Para. 0089, the user can construct an invoking transaction on the client for invoking the target smart contract, and transmit the transaction to a blockchain node device interlinked with the client, to initiate the invoking and execution of the target smart contract that has been deployed) and (Wei, Para. 0090, Upon receiving the invoking transaction transmitted by the client, the node device in the blockchain can still check whether the transaction is valid and whether the format is correct, and verify whether the signature of the transaction is valid, etc.. After all checks and verifications have been passed, the invoking transaction is executed in the trusted execution environment);
Wei does not explicitly disclose use instructions contained within the agreement to download the program from the service provider server;
use instructions contained within the agreement to download data from the user machine; run the program on the one or more processors using the data.
However, Schultz teaches use instructions contained within the agreement to download the program from the service provider server (Schultz, Para. 0064, At block 414, the processor 104 may select an asset from a ledger of the owner. At block 416, the processor 104 may execute a smart contract to determine a time frame of the asset use. At block 418, the processor 104 may execute a smart contract to download the asset. At block 420, the processor 104 may check if the asset is downloaded successfully. At block 422, the processor 104 may execute a smart contract to log an asset transfer transaction onto the blockchain in response to the successful download of the asset);
use instructions contained within the agreement to download data from the user machine (Schultz, Para. 0008, selecting, by the recipient node, an asset from a ledger of the owner, executing, by the recipient node, a smart contract to determine a time frame of the asset use, executing, by the recipient node, a smart contract to download the asset to the recipient node, checking, by the recipient node, if the asset is downloaded successfully, and in response to the successful download of the asset, executing, by the recipient node, a smart contract to log an asset transfer transaction onto the blockchain); run the program on the one or more processors using the data (Schultz, Para. 0069, the server 554 is a blockchain network peer component that holds a copy of the world state and a distributed ledger allowing clients 552 and 556 to query data on the world state as well as submit transactions into the blockchain network where, depending on the smart contract 530 and endorsement policy, endorsing peers will run the smart contracts 530).
Wei and Schultz are both considered to be analogous to the claim invention because they are in the same field of executing by a secure server for securely executing a program in the cloud services based on a contract, e.g., smart contract. Therefore, it would have been obvious to someone ordinary skill in the art before the effective filling date of the claimed invention to have modified Wei to incorporate the teachings of Schultz to include use instructions contained within the agreement to download the program from the service provider server (Schultz, Para. 0064); use instructions contained within the agreement to download data from the user machine (Schultz, Para. 0008); run the program on the one or more processors using the data (Schultz, Para. 0069). Doing so would aid each end user to have its own ledger copy to access. Multiple organizations (and peers) may be on-boarded on the blockchain network. The key organizations may serve as endorsing peers to validate the smart contract execution results, read-set and write-set. In other words, the blockchain inherent features provide for efficient implementation of a method for management of digital assets in blockchain networks (Schultz, Para. 0034).
In regards to claim 2, the combination of Wei in view of Schultz teaches the system of claim 1, wherein the instructions are configured to cause the one or more processors to run the program (Schultz, Para. 0069, the server 554 is a blockchain network peer component that holds a copy of the world state and a distributed ledger allowing clients 552 and 556 to query data on the world state as well as submit transactions into the blockchain network where, depending on the smart contract 530 and endorsement policy, endorsing peers will run the smart contracts 530), using the data, contingent on validating the execution environment of the one or more processors (Wei, Para. 0090, Upon receiving the invoking transaction transmitted by the client, the node device in the blockchain can still check whether the transaction is valid and whether the format is correct, and verify whether the signature of the transaction is valid, etc.. After all checks and verifications have been passed, the invoking transaction is executed in the trusted execution environment). Therefore, it would have been obvious to someone ordinary skill in the art before the effective filling date of the claimed invention to have modified Wei to incorporate the teachings of Schultz to include wherein the instructions are configured to cause the one or more processors to run the program (Schultz, Para. 0069). Doing so would aid each end user to have its own ledger copy to access. Multiple organizations (and peers) may be on-boarded on the blockchain network. The key organizations may serve as endorsing peers to validate the smart contract execution results, read-set and write-set. In other words, the blockchain inherent features provide for efficient implementation of a method for management of digital assets in blockchain networks (Schultz, Para. 0034).
In regards to claim 3, the combination of Wei in view of Schultz teaches the system of claim 1, wherein the one or more processors validates the execution environment by performing the steps: collecting parameters concerning the execution environment and sending the parameters to the second specified location (Wei, Para. 0046, The value field is the value of the ether in Ethereum. The data field stores the method and parameter for invoking the smart contract. After the smart contract is invoked, the value of balance can change. Subsequently, a client can view the current value of balance through a blockchain node (such as node 6 in FIG. 2).
In regards to claim 4, the combination of Wei in view of Schultz teaches the system of claim 1, wherein an attribute of the agreement is stored to a blockchain (Wei, Para. 0132, encrypted smart contract codes of the target smart contract stored in the distributed ledgers of the blockchain are obtained, and the encrypted smart contract codes of the target smart contract are transmitted to the trusted execution environmen).
In regards to claim 5, the combination of Wei in view of Schultz teaches the system of claim 1, wherein the one or more processors further performs the step: transmit an output from the program and issues a report indicating that the output was transmitted (Schultz, Para. 0059, An event is emitted, to notify the client application that the transaction (invocation) has been immutably appended to the chain, as well as to notify whether the transaction was validated or invalidated). Therefore, it would have been obvious to someone ordinary skill in the art before the effective filling date of the claimed invention to have modified Wei to incorporate the teachings of Schultz to include transmit an output from the program and issues a report indicating that the output was transmitted (Schultz, Para. 0059). Doing so would aid each end user to have its own ledger copy to access. Multiple organizations (and peers) may be on-boarded on the blockchain network. The key organizations may serve as endorsing peers to validate the smart contract execution results, read-set and write-set. In other words, the blockchain inherent features provide for efficient implementation of a method for management of digital assets in blockchain networks (Schultz, Para. 0034).
In regards to claim 6, the combination of Wei in view of Schultz teaches the system of claim 5, wherein the one or more processors further performs the step: after sending the output deleting the program and the data (Wei, Para. 0025, a second returning module configured to, if the target smart contract is a managed smart contract, delete the execution result of the contract codes of the target smart contract, and return a prompt message of failure in invoking the target smart contract to the client).
In regards to claim 7, the combination of Wei in view of Schultz teaches the system of claim 6, wherein the one or more processors further performs the step: after deleting the program, sending delete indication to confirm the program was deleted (Wei, Para. 0025, a second returning module configured to, if the target smart contract is a managed smart contract, delete the execution result of the contract codes of the target smart contract, and return a prompt message of failure in invoking the target smart contract to the client).
In regards to claim 8, Wei discloses a computer implemented method executed by a secure machine for securely executing a program subject to conditions specified in an agreement, comprising (Wei, Para. 0132):
receiving a request from a user machine to execute the program and in response obtaining instructions from the agreement (Wei, Para. 0022, obtaining encrypted contract codes of a target smart contract stored in the distributed ledgers of the blockchain);
executing validation process by executing validating steps specified in the agreement to validate that the secure machine meets trust requirements specified in the agreement (Wei, Para. 0089, the user can construct an invoking transaction on the client for invoking the target smart contract, and transmit the transaction to a blockchain node device interlinked with the client, to initiate the invoking and execution of the target smart contract that has been deployed) and (Wei, Para. 0090, Upon receiving the invoking transaction transmitted by the client, the node device in the blockchain can still check whether the transaction is valid and whether the format is correct, and verify whether the signature of the transaction is valid, etc.. After all checks and verifications have been passed, the invoking transaction is executed in the trusted execution environment); and,
deleting the program and the data from the secure machine (Wei, Para. 0025, a second returning module configured to, if the target smart contract is a managed smart contract, delete the execution result of the contract codes of the target smart contract, and return a prompt message of failure in invoking the target smart contract to the client).
Wei does not explicitly disclose obtaining validation approval and in response downloading the program from the service provider server onto the secure machine;
downloading data from the user machine onto the secure machine,
running the program using the data on the secure machine;
transmitting output of the data from the secure machine to the user machine;
However, Schultz teaches obtaining validation approval and in response downloading the program from the service provider server onto the secure machine (Schultz, Para. 0028, When a client sends the transaction to the peers specified in the endorsement policy, the transaction is executed to validate the transaction. After validation, the transactions enter an ordering phase in which a consensus protocol is used to produce an ordered sequence of endorsed transactions grouped into blocks);
downloading data from the user machine onto the secure machine (Schultz, Para. 0028, another type of node is a peer node which can receive client submitted transactions, commit the transactions and maintain a state and a copy of the ledger of blockchain transaction),
running the program using the data on the secure machine (Schultz, Para. 0069, the server 554 is a blockchain network peer component that holds a copy of the world state and a distributed ledger allowing clients 552 and 556 to query data on the world state as well as submit transactions into the blockchain network where, depending on the smart contract 530 and endorsement policy, endorsing peers will run the smart contracts 530);
transmitting output of the data from the secure machine to the user machine (Schultz, Para. 0059, An event is emitted, to notify the client application that the transaction (invocation) has been immutably appended to the chain, as well as to notify whether the transaction was validated or invalidated);
Wei and Schultz are both considered to be analogous to the claim invention because they are in the same field of executing by a secure server for securely executing a program in the cloud services based on a contract, e.g., smart contract. Therefore, it would have been obvious to someone ordinary skill in the art before the effective filling date of the claimed invention to have modified Wei to incorporate the teachings of Schultz to include obtaining validation approval and in response downloading the program from the service provider server onto the secure machine (Schultz, Para. 0028); downloading data from the user machine onto the secure machine (Schultz, Para. 0028), running the program using the data on the secure machine (Schultz, Para. 0069); transmitting output of the data from the secure machine to the user machine (Schultz, Para. 0059). Doing so would aid each end user to have its own ledger copy to access. Multiple organizations (and peers) may be on-boarded on the blockchain network. The key organizations may serve as endorsing peers to validate the smart contract execution results, read-set and write-set. In other words, the blockchain inherent features provide for efficient implementation of a method for management of digital assets in blockchain networks (Schultz, Para. 0034).
In regards to claim 9, the combination of Wei in view of Schultz teaches the method of claim 8, further comprising transmitting validation data to the user machine (Wei, Para. 0114, if asymmetric encryption method is applied, the public key in the root key can be transmitted to the user to be held by the user).
In regards to claim 10, the combination of Wei in view of Schultz teaches the method of claim 9, wherein the program is downloaded from a service provider machine (Schultz, Para. 0064, At block 414, the processor 104 may select an asset from a ledger of the owner. At block 416, the processor 104 may execute a smart contract to determine a time frame of the asset use. At block 418, the processor 104 may execute a smart contract to download the asset. At block 420, the processor 104 may check if the asset is downloaded successfully. At block 422, the processor 104 may execute a smart contract to log an asset transfer transaction onto the blockchain in response to the successful download of the asset). Therefore, it would have been obvious to someone ordinary skill in the art before the effective filling date of the claimed invention to have modified Wei to incorporate the teachings of Schultz to include wherein the program is downloaded from a service provider machine (Schultz, Para. 0064). Doing so would aid each end user to have its own ledger copy to access. Multiple organizations (and peers) may be on-boarded on the blockchain network. The key organizations may serve as endorsing peers to validate the smart contract execution results, read-set and write-set. In other words, the blockchain inherent features provide for efficient implementation of a method for management of digital assets in blockchain networks (Schultz, Para. 0034)
In regards to claim 11, the combination of Wei in view of Schultz teaches the method of claim 10, wherein executing validation process comprises collecting parameters concerning the secure machine and sending the parameters to the user machine (Wei, Para. 0046, The value field is the value of the ether in Ethereum. The data field stores the method and parameter for invoking the smart contract. After the smart contract is invoked, the value of balance can change. Subsequently, a client can view the current value of balance through a blockchain node (such as node 6 in FIG. 2).
In regards to claim 12, the combination of Wei in view of Schultz teaches the method of claim 10, wherein executing validation process comprises collecting parameters concerning the secure machine and sending the parameters to a validation machine (Wei, Para. 0082, the node device will fill the hash value of the smart contract codes in the creation transaction to the codehash field, and the creation transaction is packaged to a block and transmits it to other node devices in the blockchain, and stores it in distributed ledgers of the blockchain).
In regards to claim 13, the combination of Wei in view of Schultz teaches the method of claim 8, wherein obtaining instructions from the agreement comprises downloading the agreement from a validation machine and decrypting the agreement in the secure machine (Wei, Para. 0013, the node device being installed with a trusted execution environment. The apparatus includes: an obtaining module configured to, in response to an invoking transaction initiated by a client with respect to a target smart contract, obtain encrypted contract codes of a target smart contract stored in distributed ledgers of the blockchain, and transmit the encrypted contract codes of the target smart contract to the trusted execution environment; a determining module configured to obtain a smart contract management rule, and determine in the trusted execution environment whether the target smart contract is a managed smart contract based on the smart contract management rule; a decrypting module configured to, if the target smart contract is not a managed smart contract, extract a decryption key which is stored in the trusted execution environment and corresponding to the contract codes of the target smart contract, and based on the extracted decryption key, decrypt the contract codes of the target smart contract; and an executing module configured to execute the decrypted contract codes of the target smart contract in the trusted execution environment).
In regards to claim 14, the combination of Wei in view of Schultz teaches the method of claim 8, wherein obtaining instructions from the agreement comprises downloading the agreement from the user machine and decrypting the agreement in the secure machine (Wei, Para. 0013, the node device being installed with a trusted execution environment. The apparatus includes: an obtaining module configured to, in response to an invoking transaction initiated by a client with respect to a target smart contract, obtain encrypted contract codes of a target smart contract stored in distributed ledgers of the blockchain, and transmit the encrypted contract codes of the target smart contract to the trusted execution environment; a determining module configured to obtain a smart contract management rule, and determine in the trusted execution environment whether the target smart contract is a managed smart contract based on the smart contract management rule; a decrypting module configured to, if the target smart contract is not a managed smart contract, extract a decryption key which is stored in the trusted execution environment and corresponding to the contract codes of the target smart contract, and based on the extracted decryption key, decrypt the contract codes of the target smart contract; and an executing module configured to execute the decrypted contract codes of the target smart contract in the trusted execution environment).
In regards to claim 17, the combination of Wei in view of Schultz teaches the method of claim 16, further comprising writing the hashes of the data and the program to a log (Schultz, Para. 0031, a chain is a transaction log which is structured as hash-linked blocks, and each block contains a sequence of N transactions where N is equal to or greater than one. The block header includes a hash of the block's transactions, as well as a hash of the prior block's header. In this way, all transactions on the ledger may be sequenced and cryptographically linked together. Accordingly, it is not possible to tamper with the ledger data without breaking the hash links. A hash of a most recently added blockchain block represents every transaction on the chain that has come before it, making it possible to ensure that all peer nodes are in a consistent and trusted state. The chain may be stored on a peer node file system (i.e., local, attached storage, cloud, etc.), efficiently supporting the append-only nature of the blockchain workload). Therefore, it would have been obvious to someone ordinary skill in the art before the effective filling date of the claimed invention to have modified Wei to incorporate the teachings of Schultz to include further comprising writing the hashes of the data and the program to a log (Schultz, Para. 0031). Doing so would aid each end user to have its own ledger copy to access. Multiple organizations (and peers) may be on-boarded on the blockchain network. The key organizations may serve as endorsing peers to validate the smart contract execution results, read-set and write-set. In other words, the blockchain inherent features provide for efficient implementation of a method for management of digital assets in blockchain networks (Schultz, Para. 0034).
In regards to claim 18, the combination of Wei in view of Schultz teaches the method of claim 17, further comprising storing the log as a blockchain (Wei, Para. 0132, encrypted smart contract codes of the target smart contract stored in the distributed ledgers of the blockchain are obtained, and the encrypted smart contract codes of the target smart contract are transmitted to the trusted execution environmen).
In regards to claim 19, the combination of Wei in view of Schultz teaches the method of claim 8, further comprising obtaining a key from the agreement and using the key to decrypt the program (Wei, Para. 0013, the node device being installed with a trusted execution environment. The apparatus includes: an obtaining module configured to, in response to an invoking transaction initiated by a client with respect to a target smart contract, obtain encrypted contract codes of a target smart contract stored in distributed ledgers of the blockchain, and transmit the encrypted contract codes of the target smart contract to the trusted execution environment; a determining module configured to obtain a smart contract management rule, and determine in the trusted execution environment whether the target smart contract is a managed smart contract based on the smart contract management rule; a decrypting module configured to, if the target smart contract is not a managed smart contract, extract a decryption key which is stored in the trusted execution environment and corresponding to the contract codes of the target smart contract, and based on the extracted decryption key, decrypt the contract codes of the target smart contract; and an executing module configured to execute the decrypted contract codes of the target smart contract in the trusted execution environment).
In regards to claim 20, the combination of Wei in view of Schultz teaches the method of claim 8, wherein executing validation process comprises transferring a validation program from the user machine to the secure machine and executing the validation program in the secure machine (Schultz, Para. 0028, When a client sends the transaction to the peers specified in the endorsement policy, the transaction is executed to validate the transaction. After validation, the transactions enter an ordering phase in which a consensus protocol is used to produce an ordered sequence of endorsed transactions grouped into blocks). Therefore, it would have been obvious to someone ordinary skill in the art before the effective filling date of the claimed invention to have modified Wei to incorporate the teachings of Schultz to include wherein executing validation process comprises transferring a validation program from the user machine to the secure machine and executing the validation program in the secure machine (Schultz, Para. 0028). Doing so would aid each end user to have its own ledger copy to access. Multiple organizations (and peers) may be on-boarded on the blockchain network. The key organizations may serve as endorsing peers to validate the smart contract execution results, read-set and write-set. In other words, the blockchain inherent features provide for efficient implementation of a method for management of digital assets in blockchain networks (Schultz, Para. 0034).
Claim 15 is rejected under 35 U.S.C. 103 as being unpatentable over Wei et al. US 20200167503 A1), hereinafter Wei in view of Schultz et al. (US 2020/0092364 A1), hereinafter Schultz, and further in view of Bodegas Martinez et al. (US 2019/0303610 A1), hereinafter Bodegas Martinez.
In regards to claim 15, the combination of Wei and Schultz fails to teach the method of claim 8, further comprising de-identifying the data to remove identification of its origin.
However, Bodegas Martinez further comprising de-identifying the data to remove identification of its origin (Bodegas Martinez, Para. 0022, “de-identification” or “anonymization” refers to a process that removes any user identifiers or personally identifiable information from one or more records in a database)
Wei, Schultz, and Bodegas Martinez are all considered to be analogous to the claim invention because they are in the same field of executing by a secure server for securely executing a program in the cloud services based on a contract, e.g., smart contract. Therefore, it would have been obvious to someone ordinary skill in the art before the effective filling date of the claimed invention to have modified Wei and Schultz to incorporate the teachings of Bodegas Martinez to include further comprising de-identifying the data to remove identification of its origin (Bodegas Martinez, Para. 0022). Doing so would aid the anonymized records to be stored in a separate de-identified dataset as retained data. Suitable data analysis can then be performed on the retained data via, for instance, aggregation or pattern recognition, while data privacy is protected (Bodegas Martinez, Para. 0026).
Claim 16 is rejected under 35 U.S.C. 103 as being unpatentable over Wei et al. US 20200167503 A1), hereinafter Wei in view of Schultz et al. (US 2020/0092364 A1), hereinafter Schultz, and further in view of WONG (US 2001/0046307 A1), hereinafter WONG.
In regards to claim 16, the combination of Wei and Schultz fails to teach the method of claim 8, further comprising applying a watermark to the output with hashes of the data and the program.
However, WONG teaches further comprising applying a watermark to the output with hashes of the data and the program (WONG, abstract, the watermark insertion procedure computes a hash function and then combines the output of the hashed function of a modified image block).
Wei, Schultz, and WONG are all considered to be analogous to the claim invention because they are in the same field of executing by a secure server for securely executing a program in the cloud services based on a contract, e.g., smart contract. Therefore, it would have been obvious to someone ordinary skill in the art before the effective filling date of the claimed invention to have modified Wei and Schultz to incorporate the teachings of WONG to include further comprising applying a watermark to the output with hashes of the data and the program (WONG, abstract). Doing so would help to provide authentication that detects any change to the watermarked image for both a secret key and public key watermarking system (WONG, Para. 0011).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. See PTO-892.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to GITA FARAMARZI whose telephone number is (571)272-0248. The examiner can normally be reached Monday- Friday 9:00 am- 6:00 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge L. Ortiz-Criado can be reached at (571)272-7624. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/GITA FARAMARZI/Examiner, Art Unit 2496
/HARESH N PATEL/Primary Examiner, Art Unit 2496