DETAILED ACTION
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on January 5, 2026 has been entered.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Response to Arguments
Claims 1-20 are currently pending. Claims 1, 7-9, and 15-16 were amended.
Claim Rejections – 35 U.S.C. § 102
Applicant argues on p. 10 of the REMARKS, filed on December 10, 2025, that “Camenisch does not disclose collective signing of multiple credential items”. Specifically, Applicant contends that [0058] and [0061] of Camenisch are directed to signing “each credential individually using the issuer’s private key” (see pg. 11 of the REMARKS).
However, the Examiner respectfully disagrees. The rejection does not rely on the credential 356 itself to be the “first credential information” recited in independent claims 1, 9, and 16. Instead, the credential 356 corresponds to the obtained “first set” that comprises user attributes (“pieces of first encrypted information”) and UIDs (“plurality of pieces of first credential information”). The credential 356 is a set of information/content, rather than a singular item. All UIDs in the credential 356 are collectively signed (“…the issuer 302 digitally signs the user's attributes 358 and the UID 360 with its private key 314 to generate a new credential 356” [Camenisch, ¶0061]). Furthermore, more than one UID can exist in the credential: “A credential 356 can contain multiple UIDs 360…” [Camenisch, ¶0060]. It is noted that the broadest reasonable interpretation (BRI) of “first credential information” is applied. Neither the specifications nor the claims provide an explicit definition of what “first credential information” can and/or cannot be. Hence, a unique identifier (UID) is reasonably viewed as credential information as it is utilized to manage the credential itself (“…which can be used to revoke, audit and verify if the credential can be considered improperly issued” [Camenisch, ¶0060]).
Thus, Camenisch teaches “collectively signing” the “plurality of pieces of first credential information”.
Claim Rejections – 35 U.S.C. § 103
The arguments for claims 2, 13, and 17 rely on arguments provided to their respective parent claims 1, 9, and 16 as discussed earlier. Therefore, the above response is also applicable to the arguments for claims 2, 13, and 17.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claim 8 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claim 8 recites the limitation "the first signature information". There is insufficient antecedent basis for this limitation in the claim.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1, 3-12, 14-16, and 18-20 are rejected under 35 U.S.C. 103 as being unpatentable over US 2019/0020480 to Camenisch et al. (hereinafter, “Camenisch’480”) in view of US 2010/0063932 to Camenisch et al. (hereinafter, “Camenisch’932”).
As per claim 1: Camenisch’480 discloses: A method implemented by a terminal device (a computer-implemented method [Camenisch’480, ¶0003]; a computer system 12 utilized by a user 304 (i.e., a “terminal device”) [Camenisch’480, ¶0058, 0080; Fig. 11]), wherein the method comprises: obtaining, from a credential issuing device, a first set corresponding to a plurality of pieces of first user information, wherein the first set comprises a first encrypted information set comprising a plurality of pieces of first encrypted information and a first credential information set comprising signature information generated by collectively signing a plurality of pieces of first credential information (“At step 362, the issuer 302 digitally signs the user's attributes 358 and the UID 360 with its private key 314 to generate a new credential 356…At step 370 the issuer 302 issues the credential 356 to the user 304.”; furthermore, each identity certificate or credentials 356 incorporate one or more user attributes that are encrypted [Camenisch’480, ¶0048, 0058, 0061; Fig. 7]; and UIDs: “A credential 356 can contain multiple UIDs 360…” [Camenisch’480, ¶0060]); selecting, based on a service requirement, a subset of the first user information as target user information of a user (a presentation policy specifies what attributes or predicates over attributes and from which credentials need to be disclosed by the user [Camenisch’480, ¶0048]); determining, based on the first encrypted information set and the first credential information set, a target verification set corresponding to target user information of a user, wherein the target verification set comprises first target user information in the plurality of pieces of first user information and first target credential information that corresponds to the target user information and that is in the plurality of pieces of first credential information (“At step 407 the user 304 generates an unlinkable presentation token 408, which is a zero-knowledge proof that the UID(s) 360 from the credential 356 is contained in the accumulator 328, i.e. was legitimately issued, and that the credential 356 was not revoked, i.e. the UID 360 is not contained in the published revocation information 342.”; the token 408 is generated in response to a service provider (SP) challenging the user for a zero-knowledge proof that one of the user’s attributes meets a required standard for access to a service [Camenisch’480, ¶0062; Fig. 8]); and providing the target verification set to a credential verification device (“Thus, at step 410 the user 304 sends to the SP 306 the token 408, which is a cryptographic proof certifying that the user fulfills all conditions, without showing the user's attributes.” [Camenisch’480, ¶0063; Fig. 8]).
Camenisch’480 does not explicitly disclose the type of digital signature algorithm to sign the attributes and UID. However, Camenisch’932 discloses: using an aggregate signature algorithm (a credential is a Camenisch-Lysyanskaya signature on the credential values (c, e, s), wherein a given example aggregates two attributes in the signature [Camenisch’932, ¶0061]; in other words, multiple pieces of data can be collectively signed through a Camenisch-Lysyanskaya signature).
Thus, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to try and implement any known digital signature algorithms for signing the contents of the credential in Camenisch’480. Camenisch-Lysyanskaya was a known digital signature scheme for enabling anonymous credentials, which would have been desirable for Camenisch’480’s objective of preserving the privacy of users in a credential system. See [Camenisch’480, ¶0048].
As per claim 3: Camenisch’480 in view of Camenisch’932 disclose all limitations of claim 1. Furthermore, Camenisch’480 discloses: wherein obtaining the first set comprises initiating a data request to obtain the first set (various storage systems in the computer system 12 are available (the issued credential must be locally stored on the computer system in some inherent manner) [Camenisch’480, ¶0080]).
As per claim 4: Camenisch’480 in view of Camenisch’932 disclose all limitations of claim 1. Furthermore, Camenisch’480 discloses: further comprising obtaining a second set corresponding to a plurality of pieces of second user information, wherein the second set comprises a second encrypted information set comprising a plurality of pieces of second encrypted information and a second credential information set comprising a plurality of pieces of second credential information (this limitation repeats the language of the “obtaining” step from parent claim 1, but replaces the term “first” with “second” – in other words, claim 4 can be interpreted as performing the same steps of claim 1 but for different information, i.e. “second”; [Camenisch’480, ¶0058] discloses a user 304 being able to request one or more identity credentials 356, each incorporating one or more user attributes 358, from the issuer 302; therefore, a “second set”, or the credentials 356, is obtainable with “a second…information set”, or the user attributes 358 and assigned UIDs [Camenisch’480, ¶0060-0061]).
As per claim 5: Camenisch’480 in view of Camenisch’932 disclose all limitations of claim 4. Furthermore, Camenisch’480 discloses: further comprising determining, based on the second encrypted information set and the second credential information set, the target verification set, wherein the target verification set comprises second target user information in the plurality of pieces of second user information and second target credential information that corresponds to the second target user information and that is in the plurality of pieces of second credential information (this limitation repeats the language of the “determining” step from claim 1 in similar nature to claim 4 with the “obtaining” step; therefore the response in claim 4 is also incorporated herein; furthermore, the service provider has a presentation policy that specifies what attributes and from which credentials need to be disclosed by the user (to gain access to a service) [Camenisch’480, ¶0048]; when generating the presentation token 408 (“target verification set”), a zero-knowledge proof of the required user’s attributes is performed [Camenisch’480, ¶0062-0063]).
As per claim 6: Camenisch’480 in view of Camenisch’932 disclose all limitations of claim 4. Furthermore, Camenisch’480 discloses: wherein determining the target verification set comprises determining, based on the first encrypted information set, the first credential information set, the second encrypted information set, and the second credential information set, the target verification set, and wherein the target verification set comprises the first target user information, the second target user information, the first target credential information, and the second target credential information (the service provider has a presentation policy “specifying what attributes or predicates over attributes and from which credentials need to be disclosed by the user” (i.e., the “first” and “second” sets) to gain access to a service [Camenisch’480, ¶0048]; when generating the presentation token 408 (“target verification set”), a zero-knowledge proof of the required user’s attributes is performed [Camenisch’480, ¶0062-0063]).
As per claim 7: Camenisch’480 in view of Camenisch’932 disclose all limitations of claim 1. The motivation for incorporating Camenisch’932 in claim 1 is also applicable in claim 7. Therefore, Camenisch’932 discloses: wherein the aggregate signature algorithm comprises a camenisch-lysyanskaya (C-L) signature algorithm (a credential is a Camenisch-Lysyanskaya signature [Camenisch’932, ¶0061]).
As per claim 8: Camenisch’480 in view of Camenisch’932 disclose all limitations of claim 7. Furthermore, Camenisch’480 discloses: further comprising providing the first credential information set and the first signature information to the credential verification device (“…the user 304 generates the token 408 by encrypting the UID 360 under the auditor's public key 331 and proving to the SP 306 in zero-knowledge that the encrypted UID 360 is signed inside the credential 356... Thus, at step 410 the user 304 sends to the SP 306 the token 408, which is a cryptographic proof certifying that the user fulfills all conditions, without showing the user's attributes.” [Camenisch’480, ¶0062-0063]).
As per claim 9: Claim 9 differs in overall scope from claim 1. Claim 9 is directed to a terminal device performing a method corresponding to the method recited in claim 1. Therefore, the response provided for claim 1 (the user operating a computer system as the “terminal device”) is also applicable to claim 9.
As per claim 10: Claim 10 incorporates all limitations of claim 9 and is a terminal device performing a method corresponding to the method recited in claim 4. Therefore, the responses provided for claims 4 and 9 are applicable to claim 10.
As per claim 11: Claim 11 incorporates all limitations of claim 10 and is a terminal device performing a method corresponding to the method recited in claim 5. Therefore, the responses provided for claims 5 and 10 are applicable to claim 11.
As per claim 12: Claim 12 incorporates all limitations of claim 10 and is a terminal device performing a method corresponding to the method recited in claim 6. Therefore, the responses provided for claims 6 and 10 are applicable to claim 12.
As per claim 14: Claim 14 incorporates all limitations of claim 9 and is a terminal device performing a method corresponding to the method recited in claim 3. Therefore, the responses provided for claims 3 and 9 are applicable to claim 14.
As per claim 15: Claim 15 incorporates all limitations of claim 9 and is a terminal device performing a method corresponding to the method recited in claim 7. Therefore, the responses provided for claims 7 and 9 are applicable to claim 15.
As per claim 16: Claim 16 differs in overall scope from claim 1. Claim 16 is directed to a computer program product comprising computer-executable instructions corresponding to the method recited in claim 1. Therefore, the response provided for claim 1 is also applicable to claim 16.
As per claim 18: Claim 18 incorporates all limitations of claim 16 and is a computer program product comprising computer-executable instructions corresponding to the method recited in claim 3. Therefore, the responses provided for claims 3 and 16 are applicable to claim 18.
As per claim 19: Claim 19 incorporates all limitations of claim 16 and is a computer program product comprising computer-executable instructions corresponding to the method recited in claim 4. Therefore, the responses provided for claims 4 and 16 are applicable to claim 19.
As per claim 20: Claim 20 incorporates all limitations of claim 19 and is a computer program product comprising computer-executable instructions corresponding to the method recited in claim 5. Therefore, the responses provided for claims 5 and 19 are applicable to claim 20.
Claims 2, 13, and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Camenisch’480 in view of Camenisch’932 and in further view of US 2019/0036932 to Bathen et al. (hereinafter, “Bathen”).
As per claim 2: Camenisch’480 in view of Camenisch’932 disclose all limitations of claim 1. Camenisch’480 and Camenisch’932 do not explicitly disclose but Bathen discloses: wherein obtaining the first set comprises obtaining, using a first blockchain node corresponding to the terminal device, the first set from a second blockchain node corresponding to the credential issuing device (blockchain peer nodes participate in blockchain transactions [Bathen, ¶0026]; credential can be stored and retrieved from the blockchain by the peers [Bathen, ¶0028]).
Thus, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to issue the credentials in Camenisch’480 into a node of a blockchain. The user would have retrieved the credentials when making access attempts to the service provider. A blockchain has advantages of being highly available, having high fault tolerance, and high redundancy [Bathen, ¶0020]. Furthermore, [Camenisch’480, ¶0051] even discloses the use of a blockchain for implementing a tamperproof log for establishing trust, thereby providing further motivation to implement the blockchain for other uses in Camenisch’480.
As per claim 13: Claim 13 incorporates all limitations of claim 9 and is a terminal device performing a method corresponding to the method recited in claim 2. Therefore, the responses provided for claims 2 and 9 are applicable to claim 13.
As per claim 17: Claim 17 incorporates all limitations of claim 16 and is a computer program product comprising computer-executable instructions corresponding to the method recited in claim 2. Therefore, the responses provided for claims 2 and 16 are applicable to claim 17.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Camenisch J, Groß T. Efficient attributes for anonymous credentials. ACM Transactions on Information and System Security (TISSEC). 2012 Mar 1; 15(1):1-30. (Discloses an extension of the Camenisch-Lysyanskaya anonymous credential system. See Abstract.)
Camenisch J, Lysyanskaya A. A Signature Scheme with Efficient Protocols. SCN 2002, LNCS 2576, pp. 268-289. 2003. (Discloses the original Camenisch-Lysyanskaya digital signature scheme. See Abstract.)
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ROBERT B LEUNG whose telephone number is (571)270-1453. The examiner can normally be reached Mon - Thurs: 10am-7pm ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JUNG KIM can be reached at 571-272-3804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ROBERT B LEUNG/Primary Examiner, Art Unit 2494