MULTI-PARTY MODEL TRAINING

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 1-11 is/are rejected under 35 U.S.C. 103 as being unpatentable over POLYCHRONIADOU et al., (US20220374544A1), in view of Collins et al., (US20180091583A1), further in view of Zheng et al., Non-Patent Literature (“Aggregation Service for Federated Learning: An Efficient, Secure, and More Resilient Realization”). Regarding claim 1: POLYCHRONIADOU teaches: A system for collaboration between systems of data owners to generate a model based on data from each data owner system without sharing data used to generate the model, ([0085], “Federated Learning enables a population of clients, working with a trusted server, to collaboratively learn a shared machine learning model while keeping each client's data within its own local systems.”) the system comprising: an aggregation system including one or more non-transitory computer readable storage devices configured to store a model and a plurality of model sets, each model set including one or more versions of a model, ([0085], “Federated Learning enables a population of clients, working with a trusted server (i.e., wherein aggregation system under the broadest reasonable interpretation (BRI) is interpreted as a trusted server), to collaboratively learn a shared machine learning model while keeping each client's data within its own local systems”…[0012], “The shared machine learning model may be configured to facilitate a secure multi-party computation of a function of all of the received encrypted user inputs (i.e., wherein model sets under the broadest reasonable interpretation (BRI) is interpreted as user inputs). The function may be configured to generate an updated version of the shared machine learning model such that each respective user only learns the updated version (i.e., wherein one or more versions of a model) of the shared machine learning model”) receive a request, from one of the data owner systems, to update the aggregated model to include model revisions in a model version in the model set associated with the requesting data owner system; provide the model revisions to the other of the data owner systems; ([0103], “Federated learning is an iterative algorithm that follows a simple, repetitive process. The server chooses some users to produce an updated model. Those users [data owner systems] train a model on their individual data, then send the model updates to the server [aggregated model]. The server aggregates the updates (i.e., wherein updates under the broadest reasonable interpretation is interpreted to be model revisions of the data owner systems) to construct a new global model and shares it with all users [provide the model revisions to the other of the data owner systems]”) in response to receiving approval from all the other data owner systems to update the aggregated model to include the model revisions, update the aggregated model with the model revisions and store the updated aggregated model; and provide the updated aggregated model to all of the data owner systems. ([0082], “in response to the verification of the signatures, each user generates and transmits a message indicating a mutual agreement (i.e., wherein approval from all data owner under the broadest reasonable interpretation (BRI) is interpreted as mutual agreement) with respect to a shared secret among the users. Each message is received by the secure multi-party computation for federated learning module”…[0086], “Federated learning allows users to share insights, such as, for example, the parameters of a trained model, from the data on their laptops or mobile devices without ever sharing the data itself. The federated learning process may include the following steps: 1) Users train a local model on their individual data; 2) each user sends their model weights to a trusted server; 3) the server computes an average-weight shared model (i.e., wherein update the aggregated model) 4) the shared model is returned to all of the users (i.e., wherein the updated aggregated model is shared to all data owner) and 5) users retrain a local model starting from the shared model.”) POLYCHRONIADOU does not explicitly teach: each model set associated with a data owner system, an aggregated model, and a plurality of computer readable instructions, and one or more processors configured to execute the plurality of computer readable instructions to receive information for a model associated with a first data set from a first data owner system, generate a model version based on the received information, store the model version in a first model set of the plurality of model sets, and control access to the first model set to prohibit access to the first model set of any data owner system except the first data owner system; receive information for a model associated with a second data set from a second data owner system, generate a model version based on the received information, store the model version in a second model set of the plurality of model sets, and control access to the second model set to prohibit access to the second model set of any data owner system except the second data owner system; Collins teaches: generate a model version based on the received information, store the model version in a first model set of the plurality of model sets, and ([0045], “Resource management service 240 may implement historical versioning of hierarchies in organizations, in some embodiments. Some services, such as billing service 254, may require the ability to query for historically versioned data, such as which account was the payer of the organization at the end of the previous month (as the current payer may be different due to a change to a hierarchy). In order to provide historical versions of hierarchies (including the policies applied and resource data objects arranged), historical versioning 340 [generate a model version] may store prior versions or track or record changes to hierarchies (i.e., wherein generate a model version under the broadest reasonable interpretation (BRI) is interpreted as the historical versioning to track or record changes). These prior versions or changes may be associated with particular points in time (e.g., by assigning timestamps). Historical versioning 340 may handle requests for policy lookups across particular ranges of time or at particular points in time. Historical versioning 340 may access the versioned data and return the appropriate policies for the specified time(s). Hierarchy versions may be stored [store the model version] as part of organization data objects 352 in hierarchical data store 350, in some embodiments.”) control access to the first model set to prohibit access to the first model set of any data owner system except the first data owner system; ([0034], “Provider network may also implement access management service 256 [control access], which may implement user authentication and access control procedures defined for different resources (e.g., instances, user accounts, data volumes, etc.) as described by policies applied to resource data objects in hierarchies at resource management service 240. For example, for a given network-based services request to access a particular compute instance, provider network 200 may implement components configured to ascertain whether the client associated with the access is authorized to configured or perform the requested task (i.e., wherein prohibit access under the broadest reasonable interpretation is interpreted as access is authorized or denied). Authorization may be determined such by, for example, evaluating an identity, password or other credential against credentials associated with the resources, or evaluating the requested access to the provider network 200 resource against an access control list for the particular resource (i.e., wherein authentication and authorization under the broadest reasonable interpretation (BRI) is interpreted as authenticate a data owner and allow authorization based on policies). For example, if a client does not have sufficient credentials to access the resource, the request may be rejected”) generate a model version based on the received information, store the model version in a second model set of the plurality of model sets, and ([0045], “Resource management service 240 may implement historical versioning of hierarchies in organizations, in some embodiments. Some services, such as billing service 254, may require the ability to query for historically versioned data, such as which account was the payer of the organization at the end of the previous month (as the current payer may be different due to a change to a hierarchy). In order to provide historical versions of hierarchies (including the policies applied and resource data objects arranged), historical versioning 340 [generate a model version] may store prior versions or track or record changes to hierarchies (i.e., wherein generate a model version under the broadest reasonable interpretation (BRI) is interpreted as the historical versioning to track or record changes). These prior versions or changes may be associated with particular points in time (e.g., by assigning timestamps). Historical versioning 340 may handle requests for policy lookups across particular ranges of time or at particular points in time. Historical versioning 340 may access the versioned data and return the appropriate policies for the specified time(s). Hierarchy versions may be stored [store the model version] as part of organization data objects 352 in hierarchical data store 350, in some embodiments.”) control access to the second model set to prohibit access to the second model set of any data owner system except the second data owner system; ([0034], “Provider network may also implement access management service 256 [control access], which may implement user authentication and access control procedures defined for different resources (e.g., instances, user accounts, data volumes, etc.) as described by policies applied to resource data objects in hierarchies at resource management service 240. For example, for a given network-based services request to access a particular compute instance, provider network 200 may implement components configured to ascertain whether the client associated with the access is authorized to configured or perform the requested task (i.e., wherein prohibit access under the broadest reasonable interpretation is interpreted as access is authorized or denied). Authorization may be determined such by, for example, evaluating an identity, password or other credential against credentials associated with the resources, or evaluating the requested access to the provider network 200 resource against an access control list for the particular resource (i.e., wherein authentication and authorization under the broadest reasonable interpretation (BRI) is interpreted as authenticate a data owner and allow authorization based on policies). For example, if a client does not have sufficient credentials to access the resource, the request may be rejected”) Collins and POLYCHRONIADOU are both related to the same field of endeavor (i.e., multi-party systems). In view of the teachings of Collins it would have been obvious for a person of ordinary skill in the art to apply the teachings of Collins to POLYCHRONIADOU before the effective filing date of the claimed invention in order to improve the efficiency of secure aggregated models in distributed multi-party systems (Collins, [0016], “For example, management decisions regarding various resources in a distributed system often involves defining and enforcing the permitted actions, configurations, controls or any other definition of behaviors for the system resources. Security policies, such as access rights or permitted actions for system resources, for instance, may be defined and enforced for users of the system resources. When making decisions to change the permitted actions, configurations, controls or any other definition of behaviors for the system resources in a distributed system,”) Zheng teaches: each model set associated with a data owner system, an aggregated model, and a plurality of computer readable instructions, and one or more processors configured to execute the plurality of computer readable instructions to receive information for a model associated with a first data set from a first data owner system, (Section 3.1, “Federated learning enables multiple data owners to jointly solve an optimization problem which could be formulated as: min S s=1 1 S · L(w,Ds), where S is the number of data owners [data owner system], L(w,Ds) is a loss function capturing how well the parameters w (treated as a flattened vector) model the local dataset Ds. During the learning procedure, each data owner only shares a locally trained model [model set] update. The model updates (i.e., wherein model updated under the broadest reasonable interpretation (BRI) is interpreted as information for a model associated from the model set) are typically aggregated by a server and used to update the global model [aggregated model]. This is an iterative procedure and runs in multiple rounds. Each round proceeds through the following steps: (1) A fraction of the data owners (say K data owners) is selected by the server and a current global model w is sent to these data owners. (2) Each selected data owner then performs training over its local dataset, for which any optimizers could be used, though stochastic gradient descent (SGD) is the most popular one. With SGD, the k th selected data owner (i.e., wherein selected owner under the broadest reasonable interpretation (BRI) includes first data owner etc.) updates the local model.”) receive information for a model associated with a second data set from a second data owner system, (Section 3.1, “Federated learning enables multiple data owners to jointly solve an optimization problem which could be formulated as: min S s=1 1 S · L(w,Ds), where S is the number of data owners [data owner system] (i.e., wherein second data owner system), L(w,Ds) is a loss function capturing how well the parameters w (treated as a flattened vector) model the local dataset Ds. During the learning procedure, each data owner only shares a locally trained model [model set] update. The model updates (i.e., wherein model updated under the broadest reasonable interpretation (BRI) is interpreted as information for a model associated from the model set) are typically aggregated by a server and used to update the global model.”) Zheng and POLYCHRONIADOU are both related to the same field of endeavor (i.e., federated learning). In view of the teachings of Zheng it would have been obvious for a person of ordinary skill in the art to apply the teachings of Zheng to POLYCHRONIADOU before the effective filing date of the claimed invention in order to improve the efficiency of secure aggregated models in distributed multi-party systems (Zheng, Introduction, “Federated learning has rapidly emerged as a fascinating machine learning paradigm [1] which allows models to be trained on data dispersed over a number of mobile devices while each client can keep its dataset locally. Clients never share the raw datasets, and instead only periodically share model updates locally trained with their datasets, which are then aggregated by a coordinating server to produce a global model. Federated learning thus promises reaping the benefits of harnessing rich data from diverse sources to train high quality models, without clients being worried about the security and privacy risks of centralizing their raw data to a single place for training as in conventional practice.”) Regarding claim 2: POLYCHRONIADOU, as modified by Collins and Zheng, teach the system of claim 1. POLYCHRONIADOU, as modified by Collins, does not explicitly teach: further comprising the first data owner system, wherein the first data owner system includes: one or more computer readable storage devices configured to store an aggregated model received from the aggregation system, store a first data set for generating information for the model associated with the first data owner system, and store a plurality of computer readable instructions, and one or more processors configured to execute the plurality of computer readable instructions to generate the information for the model associated with the first data owner system based on the first data set, and provide the information for the model associated with the first data owner system to the aggregation system. Zheng further teaches: further comprising the first data owner system, wherein the first data owner system includes: one or more computer readable storage devices configured to store an aggregated model received from the aggregation system, store a first data set for generating information for the model associated with the first data owner system, and store a plurality of computer readable instructions, and one or more processors configured to execute the plurality of computer readable instructions to generate the information for the model associated with the first data owner system based on the first data set, and provide the information for the model associated with the first data owner system to the aggregation system. (Section 3.1, “Federated learning enables multiple data owners to jointly solve an optimization problem which could be formulated as: min S s=1 1 S · L(w,Ds), where S is the number of data owners [data owner system]), L(w,Ds) is a loss function capturing how well the parameters w (treated as a flattened vector) model the local dataset Ds. During the learning procedure, each data owner only shares a locally trained model [model set] update. The model updates (i.e., wherein model updated under the broadest reasonable interpretation (BRI) is interpreted as information for a model associated from the model set) are typically aggregated by a server and used to update the global model [aggregated model]. This is an iterative procedure and runs in multiple rounds. Each round proceeds through the following steps: (1) A fraction of the data owners (say K data owners) is selected by the server and a current global model w is sent to these data owners. (2) Each selected data owner then performs training over its local dataset, for which any optimizers could be used, though stochastic gradient descent (SGD) is the most popular one. With SGD, the k th selected data owner (i.e., wherein selected owner under the broadest reasonable interpretation (BRI) includes first data owner etc.) updates the local model.”) The motivation for claim 2 is the same motivation for claim 1. Regarding claim 3: POLYCHRONIADOU, as modified by Collins and Zheng, teach the system of claim 2. POLYCHRONIADOU, as modified by Collins, does not explicitly teach: further comprising the second data owner system, wherein the second data owner system includes: one or more computer readable storage devices configured to store an aggregated model received from the aggregation system, store a second data set for generating information for the model associated with the second data owner system, and store a plurality of computer readable instructions, and one or more processors configured to execute the plurality of computer readable instructions to generate the information for the model associated with the second data owner system based on the second data set, and provide the information for the model associated with the second data owner system to the aggregation system. Zheng further teaches: further comprising the second data owner system, wherein the second data owner system includes: one or more computer readable storage devices configured to store an aggregated model received from the aggregation system, store a second data set for generating information for the model associated with the second data owner system, and store a plurality of computer readable instructions, and one or more processors configured to execute the plurality of computer readable instructions to generate the information for the model associated with the second data owner system based on the second data set, and provide the information for the model associated with the second data owner system to the aggregation system. (Section 3.1, “Federated learning enables multiple data owners to jointly solve an optimization problem which could be formulated as: min S s=1 1 S · L(w,Ds), where S is the number of data owners [data owner system] (i.e., wherein S under the broadest reasonable interpretation include the second data owner system), L(w,Ds) is a loss function capturing how well the parameters w (treated as a flattened vector) model the local dataset Ds. During the learning procedure, each data owner only shares a locally trained model [model set] update (i.e., wherein the second data owner system generate information about a second model set). The model updates (i.e., wherein model updated under the broadest reasonable interpretation (BRI) is interpreted as information for a model associated from the model set) are typically aggregated by a server and used to update the global model [aggregated model]. This is an iterative procedure and runs in multiple rounds. Each round proceeds through the following steps: (1) A fraction of the data owners (say K data owners) is selected by the server and a current global model w is sent to these data owners. (2) Each selected data owner then performs training over its local dataset, for which any optimizers could be used, though stochastic gradient descent (SGD) is the most popular one. With SGD, the k th selected data owner (i.e., wherein selected owner under the broadest reasonable interpretation (BRI) includes first data owner etc.) updates the local model.”) The motivation for claim 3 is the same motivation for claim 1. Regarding claim 4: POLYCHRONIADOU, as modified by Collins and Zheng, teach the system of claim 1. POLYCHRONIADOU further teaches: wherein the aggregated model is a machine learning model ([0103], “Federated learning is an iterative algorithm (i.e., wherein federated learning under the broadest reasonable interpretation is interpreted as machine learning model process) that follows a simple, repetitive process. The server chooses some users to produce an updated model. Those users train a model on their individual data, then send the model updates to the server. The server aggregates the updates to construct a new global model [aggregated model] and shares it with all users. In an exemplary embodiment, regressions is used as a local learning method, and each client update includes the weights of that regression. The server receives the weights from all clients at each iteration and computes the new global model using the average of the client updates for each weight.”) The motivation for claim 4 is the same motivation for claim 1. Regarding claim 5: POLYCHRONIADOU, as modified by Collins and Zheng, teach the system of claim 4. POLYCHRONIADOU further teaches: wherein the machine learning model includes a neural network, and the information received by the aggregation system includes nodal values of the neural network ([0103], “Federated learning is an iterative algorithm that follows a simple, repetitive process. The server chooses some users to produce an updated model. Those users train a model on their individual data, then send the model updates to the server. The server aggregates [aggregation system] the updates to construct a new global model and shares it with all users. In an exemplary embodiment, regressions is used as a local learning method, and each client update includes the weights of that regression. The server receives the weights (i.e., wherein nodal values under the broadest reasonable interpretation (BRI) is interpreted as weights) from all clients at each iteration and computes the new global model using the average of the client updates for each weight.”) The motivation for claim 5 is the same motivation for claim 1. Regarding claim 6: POLYCHRONIADOU, as modified by Collins and Zheng, teach the system of claim 1. POLYCHRONIADOU further teaches: wherein the one or more processors are configured to execute the plurality of computer readable instructions to generate and store a version of the aggregated model in the first model set, and change the version of the aggregated model in the first model set based on information received from the first data owner system ([0065], “The server devices 204(1)-204(n) hosts (i.e., wherein one or more processors) the databases 206(1)-206(n) that are configured to store public exchange data (i.e., wherein store a version under the broadest reasonable interpretation (BRI) is interpreted as the version exchanged (i.e., first model set)) and any other data that relates to providing a secure aggregation protocol for federated learning based on secure multi-party computation (i.e., wherein aggregation under the broadest reasonable interpretation (BRI) is the updating the model based on the information)”) The motivation for claim 6 is the same motivation for claim 1. Regarding claim 7: POLYCHRONIADOU, as modified by Collins and Zheng, teach the system of claim 1. POLYCHRONIADOU further teaches: wherein the information received from the first data owner system includes a first security code, and wherein the one or more processors are further configured to execute the plurality of computer readable instructions to associate the first security code with each model version in the first model set that is generated using the received information ([0017]-[0020], “Each received encrypted user input may be encrypted by using an encryption algorithm. The processor may be further configured to use a public key infrastructure (PKI) (i.e., wherein public key under the broadest reasonable interpretation (BRI) is interpreted as security code) to prevent a simulation of an arbitrary number of users (i.e., wherein a user is interpreted to include first data owner). The shared machine learning model may be configured to facilitate a secure multi-party computation of a function of all of the received encrypted user inputs. The function may be configured to generate an updated version of the shared machine learning model such that each respective user only learns the updated version of the shared machine learning model (i.e., wherein under the broadest reasonable interpretation the public key ‘security code’ is associated with the user hence, an updated version is part of the secure aggregation of user inputs)”) The motivation for claim 7 is the same motivation for claim 1. Regarding claim 8: POLYCHRONIADOU, as modified by Collins and Zheng, teach the system of claim 7. POLYCHRONIADOU, as modified by Zheng, does not explicitly teach: wherein the one or more processors are further configured to execute the plurality of computer readable instructions to control access to the first data model set such that the second data owner system is prohibited from accessing and knowing of the existence of any model version in the first model set data unless permission is provided to the aggregation system by the first data owner system Collins further teaches: wherein the one or more processors are further configured to execute the plurality of computer readable instructions to control access to the first data model set such that the second data owner system is prohibited from accessing and knowing of the existence of any model version in the first model set data unless permission is provided to the aggregation system by the first data owner system ([0034], “Authorization may be determined such by, for example, evaluating an identity, password or other credential against credentials associated with the resources, or evaluating the requested access to the provider network 200 resource against an access control list (i.e., wherein access control list under the broadest reasonable interpretation (BRI) is interpreted as having access and or knowing of the existence (i.e., a need-to-know access) based on the polices/authorization of the user (i.e., second data owner access control list policies)) for the particular resource. For example, if a client does not have sufficient credentials to access the resource, the request may be rejected, for example by returning a response to the requesting client indicating an error condition.”) The motivation for claim 8 is the same motivation for claim 1. Regarding claim 9: POLYCHRONIADOU, as modified by Collins and Zheng, teach the system of claim 1. POLYCHRONIADOU, as modified by Zheng, does not explicitly teach: wherein the one or more processors are further configured to execute the plurality of computer readable instructions to receive information for a model associated with one or more other data sets from another data set owner system, generate a model version based on the received information, store the model version in another model set of the plurality of model sets, and control access to the another model set to prohibit access to the another model set of any data owner system except the another data owner system Collins further teaches: wherein the one or more processors are further configured to execute the plurality of computer readable instructions to receive information for a model associated with one or more other data sets from another data set owner system, generate a model version based on the received information, store the model version in another model set of the plurality of model sets, and control access to the another model set to prohibit access to the another model set of any data owner system except the another data owner system ([0034], “Authorization may be determined such by, for example, evaluating an identity, password or other credential against credentials associated with the resources, or evaluating the requested access to the provider network 200 resource against an access control list (i.e., wherein access control list under the broadest reasonable interpretation (BRI) is interpreted as having access and not based on the polices/authorization of the user (i.e., any data owner access control list policies)) for the particular resource. For example, if a client does not have sufficient credentials to access the resource, the request may be rejected, for example by returning a response to the requesting client indicating an error condition.”) The motivation for claim 9 is the same motivation for claim 1. Regarding claim 10: POLYCHRONIADOU, as modified by Collins and Zheng, teach the system of claim 1. POLYCHRONIADOU, as modified by Zheng, does not explicitly teach: wherein the one or more processors are further configured to execute the plurality of computer readable instructions to provide a trigger mechanism for initializing or starting a round of training to update the aggregated model based on one or more rules or criteria Collins further teaches: wherein the one or more processors are further configured to execute the plurality of computer readable instructions to provide a trigger mechanism for initializing or starting a round of training to update the aggregated model based on one or more rules or criteria ([0017], “For example, large scale distributed systems implementing thousands or hundreds of thousands of resources on behalf of thousands or hundreds of thousands of users, clients, or entities may make it difficult to discover, track, and obtain the approval of changes that may need to be made to a distributed system. Implementing multi-party updates for a distributed system as discussed below, however, may coordinate the proposal, approval, and performance of updates to a distributed system in a scalable, traceable, and automated fashion”…[0019], “Agreement manager 120 may send proposal notification(s) 122 to the identified approver(s) 130. In turn, approvers 130 may send a response indicating approval(s) or disapproval(s) 132 to agreement manager. Agreement manager 120 may evaluate the responses with respect to the authorization scheme. For example, if the authorization scheme [trigger mechanism] requires that 4 of 6 approver(s) 130 send an approval response (i.e., wherein trigger mechanism under the broadest reasonable interpretation (BRI) is interpreted as the authorization scheme is met (i.e., based on one or more rules or criteria)) then agreement manager 120 may determine whether 4 approval responses were received. If not, then agreement manager 120 may send a rejection of the proposed amendments (not illustrated). If, however the authorization scheme for the proposed update(s) 112 is satisfied, then agreement manager 120 may direct the approved update(s) 142 with respect to distributed system resources 140 [training to update the aggregated model]. For example, agreement manager 120 may send the API requests corresponding to the described updates (e.g., specified by a user in proposed updates 112) to initiate performance of the updates, or execute a script or executable data object to perform the updates”) The motivation for claim 10 is the same motivation for claim 1. Regarding claim 11: POLYCHRONIADOU, as modified by Collins and Zheng, teach the system of claim 1. POLYCHRONIADOU, as modified by Zheng, does not explicitly teach: wherein the approvals received from the other data owner systems are generated automatically by said other data owner systems based on one or more rules or criteria Collins further teaches: wherein the approvals received from the other data owner systems are generated automatically by said other data owner systems based on one or more rules or criteria ([0017], “Implementing multi-party updates for a distributed system as discussed below, however, may coordinate the proposal, approval, and performance of updates to a distributed system in a scalable, traceable, and automated fashion...[0019], Agreement manager 120 may send proposal notification(s) 122 to the identified approver(s) 130. In turn, approvers 130 may send a response indicating approval(s) or disapproval(s) 132 to agreement manager. Agreement manager 120 may evaluate the responses with respect to the authorization scheme (). For example, if the authorization scheme requires (i.e., wherein under the broadest reasonable interpretation (BRI) the authorization scheme is met (i.e., based on one or more rules or criteria)), that 4 of 6 approver(s) 130 send an approval response, then agreement manager 120 may determine whether 4 approval responses were received [approval from other data owner systems]. If not, then agreement manager 120 may send a rejection of the proposed amendments (not illustrated). If, however the authorization scheme for the proposed update(s) 112 is satisfied, then agreement manager 120 may direct the approved update(s) 142 with respect to distributed system resources 140.”) The motivation for claim 11 is the same motivation for claim 1. Claim(s) 12-18, 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over POLYCHRONIADOU et al., in view of Collins et al., further in view of Zheng et al. Regarding claim 12: POLYCHRONIADOU teaches: A computer-implemented method for collaborating between systems of data owners to generate a model based on data from each data owner system without sharing data used to generate the model, ([0085], “Federated Learning enables a population of clients, working with a trusted server, to collaboratively learn a shared machine learning model while keeping each client's data within its own local systems.”) the method comprising: receiving, at an aggregation system, information for a model associated with a first data set from a first data owner system, ([0085], “Federated Learning enables a population of clients, working with a trusted server (i.e., wherein aggregation system under the broadest reasonable interpretation (BRI) is interpreted as a trusted server), to collaboratively learn a shared machine learning model while keeping each client's data within its own local systems”…[0012], “The shared machine learning model may be configured to facilitate a secure multi-party computation of a function of all of the received encrypted user inputs (i.e., wherein model sets under the broadest reasonable interpretation (BRI) is interpreted as user inputs, hence first data set from a first data owner system). receiving a request, from one of the data owner systems, to update the aggregated model to include model revisions in a model version in the model set associated with the requesting data owner system; providing the model revisions to the other of the data owner systems; ([0103], “Federated learning is an iterative algorithm that follows a simple, repetitive process. The server chooses some users to produce an updated model. Those users [data owner systems] train a model on their individual data, then send the model updates to the server [aggregated model]. The server aggregates the updates (i.e., wherein updates under the broadest reasonable interpretation is interpreted to be model revisions of the data owner systems) to construct a new global model and shares it with all users [provide the model revisions to the other of the data owner systems]”) in response to receiving approval from all the other data owner system to update the aggregated model to include the model revisions, updating the aggregated model with the model revisions and store the updated aggregated model; and providing access to the updated aggregated model to all of the data owner systems, ([0082], “in response to the verification of the signatures, each user generates and transmits a message indicating a mutual agreement (i.e., wherein approval from all data owner under the broadest reasonable interpretation (BRI) is interpreted as mutual agreement) with respect to a shared secret among the users. Each message is received by the secure multi-party computation for federated learning module”…[0086], “Federated learning allows users to share insights, such as, for example, the parameters of a trained model, from the data on their laptops or mobile devices without ever sharing the data itself. The federated learning process may include the following steps: 1) Users train a local model on their individual data; 2) each user sends their model weights to a trusted server; 3) the server computes an average-weight shared model (i.e., wherein update the aggregated model) 4) the shared model is returned to all of the users (i.e., wherein the updated aggregated model is shared to all data owner) and 5) users retrain a local model starting from the shared model.”) wherein the method is performed by one or more computer hardware processors executing a plurality of computer readable instructions stored on non-transitory computer memory ([0021], “a non-transitory computer readable storage medium storing instructions for learning a shared machine learning model while preserving privacy of individual participants is provided.”) POLYCHRONIADOU does not explicitly teach: generating a model version based on the received information, storing the model version in a first model set of a plurality of model sets, and controlling access to the first model set to prohibit access to the first model set of any data owner system except the first data owner system; generating a model version based on the received information, storing the model version in a second model set of the plurality of model sets, and controlling access to the second model set to prohibit access to the second model set of any data owner system except the second data owner system; receiving, at the aggregation system, information for a model associated with a second data set from a second data owner system, Collins teaches: generating a model version based on the received information, storing the model version in a first model set of a plurality of model sets, and ([0045], “Resource management service 240 may implement historical versioning of hierarchies in organizations, in some embodiments. Some services, such as billing service 254, may require the ability to query for historically versioned data, such as which account was the payer of the organization at the end of the previous month (as the current payer may be different due to a change to a hierarchy). In order to provide historical versions of hierarchies (including the policies applied and resource data objects arranged), historical versioning 340 [generate a model version] may store prior versions or track or record changes to hierarchies (i.e., wherein generate a model version under the broadest reasonable interpretation (BRI) is interpreted as the historical versioning to track or record changes). These prior versions or changes may be associated with particular points in time (e.g., by assigning timestamps). Historical versioning 340 may handle requests for policy lookups across particular ranges of time or at particular points in time. Historical versioning 340 may access the versioned data and return the appropriate policies for the specified time(s). Hierarchy versions may be stored [store the model version] as part of organization data objects 352 in hierarchical data store 350, in some embodiments.”) controlling access to the first model set to prohibit access to the first model set of any data owner system except the first data owner system; ([0034], “Provider network may also implement access management service 256 [control access], which may implement user authentication and access control procedures defined for different resources (e.g., instances, user accounts, data volumes, etc.) as described by policies applied to resource data objects in hierarchies at resource management service 240. For example, for a given network-based services request to access a particular compute instance, provider network 200 may implement components configured to ascertain whether the client associated with the access is authorized to configured or perform the requested task (i.e., wherein prohibit access under the broadest reasonable interpretation is interpreted as access is authorized or denied). Authorization may be determined such by, for example, evaluating an identity, password or other credential against credentials associated with the resources, or evaluating the requested access to the provider network 200 resource against an access control list for the particular resource (i.e., wherein authentication and authorization under the broadest reasonable interpretation (BRI) is interpreted as authenticate a data owner and allow authorization based on policies). For example, if a client does not have sufficient credentials to access the resource, the request may be rejected”) generating a model version based on the received information, storing the model version in a second model set of the plurality of model sets, and ([0045], “Resource management service 240 may implement historical versioning of hierarchies in organizations, in some embodiments. Some services, such as billing service 254, may require the ability to query for historically versioned data, such as which account was the payer of the organization at the end of the previous month (as the current payer may be different due to a change to a hierarchy). In order to provide historical versions of hierarchies (including the policies applied and resource data objects arranged), historical versioning 340 [generate a model version] may store prior versions or track or record changes to hierarchies (i.e., wherein generate a model version under the broadest reasonable interpretation (BRI) is interpreted as the historical versioning to track or record changes). These prior versions or changes may be associated with particular points in time (e.g., by assigning timestamps). Historical versioning 340 may handle requests for policy lookups across particular ranges of time or at particular points in time. Historical versioning 340 may access the versioned data and return the appropriate policies for the specified time(s). Hierarchy versions may be stored [store the model version] as part of organization data objects 352 in hierarchical data store 350, in some embodiments.”) controlling access to the second model set to prohibit access to the second model set of any data owner system except the second data owner system; ([0034], “Provider network may also implement access management service 256 [control access], which may implement user authentication and access control procedures defined for different resources (e.g., instances, user accounts, data volumes, etc.) as described by policies applied to resource data objects in hierarchies at resource management service 240. For example, for a given network-based services request to access a particular compute instance, provider network 200 may implement components configured to ascertain whether the client associated with the access is authorized to configured or perform the requested task (i.e., wherein prohibit access under the broadest reasonable interpretation is interpreted as access is authorized or denied). Authorization may be determined such by, for example, evaluating an identity, password or other credential against credentials associated with the resources, or evaluating the requested access to the provider network 200 resource against an access control list for the particular resource (i.e., wherein authentication and authorization under the broadest reasonable interpretation (BRI) is interpreted as authenticate a data owner and allow authorization based on policies). For example, if a client does not have sufficient credentials to access the resource, the request may be rejected”) Collins and POLYCHRONIADOU are both related to the same field of endeavor (i.e., multi-party systems). In view of the teachings of Collins it would have been obvious for a person of ordinary skill in the art to apply the teachings of Collins to POLYCHRONIADOU before the effective filing date of the claimed invention in order to improve the efficiency of secure aggregated models in distributed multi-party systems (Collins, [0016], “For example, management decisions regarding various resources in a distributed system often involves defining and enforcing the permitted actions, configurations, controls or any other definition of behaviors for the system resources. Security policies, such as access rights or permitted actions for system resources, for instance, may be defined and enforced for users of the system resources. When making decisions to change the permitted actions, configurations, controls or any other definition of behaviors for the system resources in a distributed system,”) Zheng teaches: receiving, at the aggregation system, information for a model associated with a second data set from a second data owner system, (Section 3.1, “Federated learning enables multiple data owners to jointly solve an optimization problem which could be formulated as: min S s=1 1 S · L(w,Ds), where S is the number of data owners [data owner system] (i.e., wherein second data owner system), L(w,Ds) is a loss function capturing how well the parameters w (treated as a flattened vector) model the local dataset Ds. During the learning procedure, each data owner only shares a locally trained model [model set] update. The model updates (i.e., wherein model updated under the broadest reasonable interpretation (BRI) is interpreted as information for a model associated from the model set) are typically aggregated by a server and used to update the global model.”) Zheng and POLYCHRONIADOU are both related to the same field of endeavor (i.e., federated learning). In view of the teachings of Zheng it would have been obvious for a person of ordinary skill in the art to apply the teachings of Zheng to POLYCHRONIADOU before the effective filing date of the claimed invention in order to improve the efficiency of secure aggregated models in distributed multi-party systems (Zheng, Introduction, “Federated learning has rapidly emerged as a fascinating machine learning paradigm [1] which allows models to be trained on data dispersed over a number of mobile devices while each client can keep its dataset locally. Clients never share the raw datasets, and instead only periodically share model updates locally trained with their datasets, which are then aggregated by a coordinating server to produce a global model. Federated learning thus promises reaping the benefits of harnessing rich data from diverse sources to train high quality models, without clients being worried about the security and privacy risks of centralizing their raw data to a single place for training as in conventional practice.”) Regarding claim 13: POLYCHRONIADOU, as modified by Collins and Zheng, teach the method of claim 12. POLYCHRONIADOU further teaches: wherein the aggregated model is a machine learning model ([0103], “Federated learning is an iterative algorithm (i.e., wherein federated learning under the broadest reasonable interpretation is interpreted as machine learning model process) that follows a simple, repetitive process. The server chooses some users to produce an updated model. Those users train a model on their individual data, then send the model updates to the server. The server aggregates the updates to construct a new global model [aggregated model] and shares it with all users. In an exemplary embodiment, regressions is used as a local learning method, and each client update includes the weights of that regression. The server receives the weights from all clients at each iteration and computes the new global model using the average of the client updates for each weight.”) The motivation for claim 13 is the same motivation for claim 12. Regarding claim 14: POLYCHRONIADOU, as modified by Collins and Zheng, teach the method of claim 13. POLYCHRONIADOU further teaches: wherein the machine learning model includes a neural network, and the information received by the aggregation system includes nodal values of the neural network ([0103], “Federated learning is an iterative algorithm that follows a simple, repetitive process. The server chooses some users to produce an updated model. Those users train a model on their individual data, then send the model updates to the server. The server aggregates [aggregation system] the updates to construct a new global model and shares it with all users. In an exemplary embodiment, regressions is used as a local learning method, and each client update includes the weights of that regression. The server receives the weights (i.e., wherein nodal values under the broadest reasonable interpretation (BRI) is interpreted as weights) from all clients at each iteration and computes the new global model using the average of the client updates for each weight.”) The motivation for claim 14 is the same motivation for claim 12. Regarding claim 15: POLYCHRONIADOU, as modified by Collins and Zheng, teach the method of claim 12. POLYCHRONIADOU, as modified by Zheng, does not explicitly teach: wherein the model revisions includes software code revisions to the aggregated model Collins further teaches: wherein the model revisions includes software code revisions to the aggregated model ([0018], “The proposed updates may include any updates or changes to distributed system resources 140 (e.g., hardware resources, such as various processing, storage, and/or networking hardware) or virtual resources (e.g., instances, volumes, user accounts, or control policies) (i.e., wherein the updates is interpreted as revisions). The proposed updates 112 may be included in a request to agreement manager 120 as executable instructions (e.g., API requests or executable scripts, code [software code revisions], or other executable data objects)”) The motivation for claim 15 is the same motivation for claim 12. Regarding claim 16: POLYCHRONIADOU, as modified by Collins and Zheng, teach the method of claim 12. POLYCHRONIADOU further teaches: further comprising receiving, at the aggregation system, additional information from the first data owner system and revising the model version in the first model set based on the received information ([0065], “The server devices 204(1)-204(n) hosts the databases 206(1)-206(n) that are configured to store public exchange data (i.e., wherein a revising version under the broadest reasonable interpretation (BRI) is interpreted as the version exchanged to update the aggregated model (i.e., first model set)) and any other data that relates to providing a secure aggregation protocol for federated learning based on secure multi-party computation (i.e., wherein aggregation under the broadest reasonable interpretation (BRI) is the updating the model based on the information)”) The motivation for claim 16 is the same motivation for claim 12. Regarding claim 17: POLYCHRONIADOU, as modified by Collins and Zheng, teach the system of claim 12. POLYCHRONIADOU further teaches: wherein information received from the first data owner system is associated with a first security code, the method further comprising associating the first security code with each model version in the first model set that is generated using the received information ([0017]-[0020], “Each received encrypted user input may be encrypted by using an encryption algorithm. The processor may be further configured to use a public key infrastructure (PKI) (i.e., wherein public key under the broadest reasonable interpretation (BRI) is interpreted as security code) to prevent a simulation of an arbitrary number of users (i.e., wherein a user is interpreted to include first data owner). The shared machine learning model may be configured to facilitate a secure multi-party computation of a function of all of the received encrypted user inputs. The function may be configured to generate an updated version of the shared machine learning model such that each respective user only learns the updated version of the shared machine learning model (i.e., wherein under the broadest reasonable interpretation the public key ‘security code’ is associated with the user hence, an updated version is part of the secure aggregation of user inputs)”) The motivation for claim 17 is the same motivation for claim 12. Regarding claim 18: POLYCHRONIADOU, as modified by Collins and Zheng, teach the system of claim 12. POLYCHRONIADOU further teaches: wherein information received from the first data owner system includes data associated with a first security code, ([0017]-[0020], “Each received encrypted user input may be encrypted by using an encryption algorithm. The processor may be further configured to use a public key infrastructure (PKI) (i.e., wherein public key under the broadest reasonable interpretation (BRI) is interpreted as security code) to prevent a simulation of an arbitrary number of users (i.e., wherein a user is interpreted to include first data owner). POLYCHRONIADOU, as modified by Zheng does not explicitly teach: the method further comprising prohibiting any other data owner that is not associated with the first security code from accessing the data received from the first data owner Collins further teaches: the method further comprising prohibiting any other data owner that is not associated with the first security code from accessing the data received from the first data owner ([0034], “Authorization may be determined such by, for example, evaluating an identity, password or other credential against credentials associated (i.e., wherein security code under the broadest reasonable interpretation is interpreted as a credential to verify) with the resources, or evaluating the requested access to the provider network 200 resource against an access control list (i.e., wherein access control list under the broadest reasonable interpretation (BRI) is interpreted as having access based on the polices/authorization of the user) for the particular resource. The motivation for claim 18 is the same motivation for claim 12. Regarding claim 20: POLYCHRONIADOU, as modified by Collins and Zheng, teach the method of claim 17. POLYCHRONIADOU further teaches: wherein the aggregated model is a machine learning model ([0103], “Federated learning is an iterative algorithm (i.e., wherein federated learning under the broadest reasonable interpretation is interpreted as machine learning model process) that follows a simple, repetitive process. The server chooses some users to produce an updated model. Those users train a model on their individual data, then send the model updates to the server. The server aggregates the updates to construct a new global model [aggregated model] and shares it with all users. In an exemplary embodiment, regressions is used as a local learning method, and each client update includes the weights of that regression. The server receives the weights from all clients at each iteration and computes the new global model using the average of the client updates for each weight.”) The motivation for claim 20 is the same motivation for claim 12. Claim(s) 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over POLYCHRONIADOU et al., in view of Collins et al., further in view of Zheng et al. Regarding claim 19: POLYCHRONIADOU teaches: A computer-implemented method for collaborating between systems of data owners to generate a model based on data from each client without sharing data used to generate the model, ([0085], “Federated Learning enables a population of clients, working with a trusted server, to collaboratively learn a shared machine learning model while keeping each client's data within its own local systems.”) the method comprising: receiving at an aggregation system, from a first client, information associated with a first data set, ([0085], “Federated Learning enables a population of clients, working with a trusted server (i.e., wherein aggregation system under the broadest reasonable interpretation (BRI) is interpreted as a trusted server), to collaboratively learn a shared machine learning model while keeping each client's data within its own local systems”…[0012], “The shared machine learning model may be configured to facilitate a secure multi-party computation of a function of all of the received encrypted user inputs (i.e., wherein model sets under the broadest reasonable interpretation (BRI) is interpreted as user inputs, hence first data set from a first client). receiving a request from the first client, to update an aggregated model stored on the aggregation system based on the first version of the model; providing the first version to the second client; ([0103], “Federated learning is an iterative algorithm that follows a simple, repetitive process. The server chooses some users to produce an updated model. Those users [client] train a model on their individual data, then send the model updates to the server [aggregated model]. The server aggregates the updates (i.e., wherein updates under the broadest reasonable interpretation is interpreted to be model revisions of the client) to construct a new global model and shares it with all users [providing the model revision]”) in response to receiving approval from the second client to update the aggregated model, updating the aggregated model based on the first version of the model to form a revised aggregated model; and providing access to the revised aggregated model to the first and second clients, ([0082], “in response to the verification of the signatures, each user generates and transmits a message indicating a mutual agreement (i.e., wherein approval from all client under the broadest reasonable interpretation (BRI) is interpreted as mutual agreement) with respect to a shared secret among the users. Each message is received by the secure multi-party computation for federated learning module”…[0086], “Federated learning allows users to share insights, such as, for example, the parameters of a trained model, from the data on their laptops or mobile devices without ever sharing the data itself. The federated learning process may include the following steps: 1) Users train a local model on their individual data; 2) each user sends their model weights to a trusted server; 3) the server computes an average-weight shared model (i.e., wherein update the aggregated model) 4) the shared model is returned to all of the users (i.e., wherein the updated aggregated model is shared to all client) and 5) users retrain a local model starting from the shared model.”) on the aggregation system, as the starting point to make new versions of the aggregated model based on the first, wherein the method is performed by one or more computer hardware processors executing a plurality of computer readable instructions stored on non-transitory computer memory ([0021], “a non-transitory computer readable storage medium storing instructions for learning a shared machine learning model (i.e., wherein aggregation system) while preserving privacy of individual participants is provided.”) POLYCHRONIADOU does not explicitly teach: updating and storing a first version of a model based on the received information associated with the first data set, and controlling access to the first version of the model to prohibit access of any client except the first client; receiving at the aggregation system, from a second client, information associated with a second data set, updating and storing a second version of the model based on the received information associated with the second data set, and controlling access to the second version of the model to prohibit access of any client except the second client; Collins teaches: updating and storing a first version of a model based on the received information associated with the first data set, and ([0045], “Resource management service 240 may implement historical versioning of hierarchies in organizations, in some embodiments. Some services, such as billing service 254, may require the ability to query for historically versioned data, such as which account was the payer of the organization at the end of the previous month (as the current payer may be different due to a change to a hierarchy). In order to provide historical versions of hierarchies (including the policies applied and resource data objects arranged), historical versioning 340 [generate a model version] may store prior versions or track or record changes to hierarchies (i.e., wherein generate a model version under the broadest reasonable interpretation (BRI) is interpreted as the historical versioning to track or record changes). These prior versions or changes may be associated with particular points in time (e.g., by assigning timestamps). Historical versioning 340 may handle requests for policy lookups across particular ranges of time or at particular points in time. Historical versioning 340 may access the versioned data and return the appropriate policies for the specified time(s). Hierarchy versions may be stored [store the model version] as part of organization data objects 352 in hierarchical data store 350, in some embodiments.”) controlling access to the first version of the model to prohibit access of any client except the first client; ([0034], “Provider network may also implement access management service 256 [controlling access], which may implement user authentication and access control procedures defined for different resources (e.g., instances, user accounts, data volumes, etc.) as described by policies applied to resource data objects in hierarchies at resource management service 240. For example, for a given network-based services request to access a particular compute instance, provider network 200 may implement components configured to ascertain whether the client associated with the access is authorized to configured or perform the requested task (i.e., wherein prohibit access under the broadest reasonable interpretation is interpreted as access is authorized or denied). Authorization may be determined such by, for example, evaluating an identity, password or other credential against credentials associated with the resources, or evaluating the requested access to the provider network 200 resource (i.e., wherein access to versions/updates) against an access control list for the particular resource (i.e., wherein authentication and authorization under the broadest reasonable interpretation (BRI) is interpreted as authenticate a data owner and allow authorization based on policies). For example, if a client does not have sufficient credentials to access the resource, the request may be rejected”) updating and storing a second version of the model based on the received information associated with the second data set, and ([0045], “Resource management service 240 may implement historical versioning of hierarchies in organizations, in some embodiments. Some services, such as billing service 254, may require the ability to query for historically versioned data, such as which account was the payer of the organization at the end of the previous month (as the current payer may be different due to a change to a hierarchy). In order to provide historical versions of hierarchies (including the policies applied and resource data objects arranged), historical versioning 340 [model version] may store prior versions or track or record changes to hierarchies (i.e., wherein generate a model version under the broadest reasonable interpretation (BRI) is interpreted as the historical versioning to track or record changes, which can include second version). These prior versions or changes may be associated with particular points in time (e.g., by assigning timestamps). Historical versioning 340 may handle requests for policy lookups across particular ranges of time or at particular points in time. Historical versioning 340 may access the versioned data and return the appropriate policies for the specified time(s). Hierarchy versions may be stored [store the model version] as part of organization data objects 352 in hierarchical data store 350, in some embodiments.”) controlling access to the second version of the model to prohibit access of any client except the second client; ([0034], “Provider network may also implement access management service 256 [controlling access], which may implement user authentication and access control procedures defined for different resources (e.g., instances, user accounts, data volumes, etc.) as described by policies applied to resource data objects in hierarchies at resource management service 240. For example, for a given network-based services request to access a particular compute instance, provider network 200 may implement components configured to ascertain whether the client associated with the access is authorized to configured or perform the requested task (i.e., wherein prohibit access under the broadest reasonable interpretation is interpreted as access is authorized or denied). Authorization may be determined such by, for example, evaluating an identity, password or other credential against credentials associated with the resources, or evaluating the requested access to the provider network 200 resource against an access control list for the particular resource (i.e., wherein authentication and authorization under the broadest reasonable interpretation (BRI) is interpreted as authenticate a client and allow authorization based on policies). For example, if a client does not have sufficient credentials to access the resource, the request may be rejected”) Collins and POLYCHRONIADOU are both related to the same field of endeavor (i.e., multi-party systems). In view of the teachings of Collins it would have been obvious for a person of ordinary skill in the art to apply the teachings of Collins to POLYCHRONIADOU before the effective filing date of the claimed invention in order to improve the efficiency of secure aggregated models in distributed multi-party systems (Collins, [0016], “For example, management decisions regarding various resources in a distributed system often involves defining and enforcing the permitted actions, configurations, controls or any other definition of behaviors for the system resources. Security policies, such as access rights or permitted actions for system resources, for instance, may be defined and enforced for users of the system resources. When making decisions to change the permitted actions, configurations, controls or any other definition of behaviors for the system resources in a distributed system,”) Zheng teaches: receiving at the aggregation system, from a second client, information associated with a second data set, (Section 3.1, “Federated learning enables multiple data owners to jointly solve an optimization problem which could be formulated as: min S s=1 1 S · L(w,Ds), where S is the number of data owners [client] (i.e., wherein second client), L(w,Ds) is a loss function capturing how well the parameters w (treated as a flattened vector) model the local dataset Ds. During the learning procedure, each data owner only shares a locally trained model [model set] update. The model updates (i.e., wherein model updated under the broadest reasonable interpretation (BRI) is interpreted as information for a model associated from the model set) are typically aggregated by a server and used to update the global model.”) Zheng and POLYCHRONIADOU are both related to the same field of endeavor (i.e., federated learning). In view of the teachings of Zheng it would have been obvious for a person of ordinary skill in the art to apply the teachings of Zheng to POLYCHRONIADOU before the effective filing date of the claimed invention in order to improve the efficiency of secure aggregated models in distributed multi-party systems (Zheng, Introduction, “Federated learning has rapidly emerged as a fascinating machine learning paradigm [1] which allows models to be trained on data dispersed over a number of mobile devices while each client can keep its dataset locally. Clients never share the raw datasets, and instead only periodically share model updates locally trained with their datasets, which are then aggregated by a coordinating server to produce a global model. Federated learning thus promises reaping the benefits of harnessing rich data from diverse sources to train high quality models, without clients being worried about the security and privacy risks of centralizing their raw data to a single place for training as in conventional practice.”) Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to AMINA BENOURAIDA whose telephone number is (571)272-4340. The examiner can normally be reached Monday-Friday 8:30am-5pm ET.. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Michael J. Huntley can be reached at (303) 297-4307. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /AMINA MORENO BENOURAIDA/ Examiner, Art Unit 2129 /MICHAEL J HUNTLEY/Supervisory Patent Examiner, Art Unit 2129