Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
This is a reply to the application filed on 1/25/2024, in which, claims 1-20 are pending. Claims 1, 11, and 18 are independent.
When making claim amendments, the applicant is encouraged to consider the references in their entireties, including those portions that have not been cited by the examiner and their equivalents as they may most broadly and appropriately apply to any particular anticipated claim amendments.
Information Disclosure Statement
The information disclosure statement (IDS) submitted is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Drawings
The drawings filed on 1/25/2024 are accepted.
Specification
The disclosure filed on 1/25/2024 is accepted.
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
Claim(s) 1, 11, 18 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by US 20170140174 A1 (hereinafter ‘Lacey’).
As regards claim 1, Lacey (US 20170140174 A1) discloses: A method comprising: receiving, via a first user account of a group of user accounts of a personal data sharing platform, a first request for first personal data, the first request identifying first criteria related to the requested first personal data and second criteria related to characteristics that qualify user accounts for providing the first personal data; (Lacey: Figs. 1A-4, ¶7-¶13, ¶29-¶35, ¶37, ¶48-¶49, i.e., requesting entity provides multiple criteria in the request for accessing personal data from one or more clients)
evaluating encrypted personal data associated with the group of user accounts to identify a subset of the group of user accounts that satisfy the second criteria; and (Lacey: Figs. 1A-4, ¶7-¶13, ¶29-¶35, ¶37, ¶48-¶49, i.e., server evaluates the parameters request)
sending, to the subset of user accounts, second requests for personal data that satisfies the first criteria related to the requested first personal data. (Lacey: Figs. 1A-5, ¶7-¶13, ¶29-¶37, ¶48-¶61, server forwards the request to the client or clients that satisfy the request)
Claims 11 and 18 recite substantially the same features recited in claim 1 above and are rejected based on the aforementioned rationale discussed in the rejection.
As regards claim 2, Lacey discloses the method of claim 1, wherein the first criteria identifies one or more inquires for the requested first personal data. (Lacey: Figs. 1A-5, ¶7-¶13, ¶29-¶37, ¶48-¶61, criteria identifies the personal information requested)
Claims 12 and 19 recite substantially the same features recited in claim 2 above and are rejected based on the aforementioned rationale discussed in the rejection.
As regards claim 3, Lacey discloses the method of claim 1, further comprising: prior to receiving the first request for first personal data, receiving, via the first user account, a first previous request for second personal data, the first previous request identifying third criteria related to the second personal data; (Lacey: Figs. 1A-4, ¶7-¶13, ¶29-¶35, ¶37, ¶48-¶49, ¶92, ¶116, ¶196 i.e., previously requesting entity provides multiple criteria in the request for accessing personal data from one or more clients)
sending, to a plurality of user accounts, a second previous request for personal data that satisfy the third criteria related to the requested second personal data; and (Lacey: Figs. 1A-5, ¶7-¶13, ¶29-¶37, ¶48-¶61, ¶92, ¶116, ¶196, server forwards the request to the client or clients that satisfy the request)
receiving, from among the plurality of user accounts, previous responses to the second previous request from the group of user accounts, the previous responses comprising the encrypted personal data related to the third criteria. (Lacey: Figs. 1A-5, ¶7-¶13, ¶29-¶37, ¶48-¶61, ¶92, ¶116, ¶196, server forwards the request to the client or clients that satisfy the request and receives the response from the client/clients)
Claim 13 recites substantially the same features recited in claim 3 above and is rejected based on the aforementioned rationale discussed in the rejection.
As regards claim 4, Lacey discloses the method of claim 3, further comprising, responsive to receiving the first request for the first personal data, identifying, among the plurality of user accounts, the group of user accounts that provided the responses to the second previous request for personal data. (Lacey: Figs. 1A-5, ¶7-¶13, ¶29-¶37, ¶48-¶61, ¶92, ¶116, ¶196, i.e., the previously requested data stored at the server provided by the clients)
Claim 14 recites substantially the same features recited in claim 4 above and is rejected based on the aforementioned rationale discussed in the rejection
As regards claim 5, Lacey discloses the method of claim 1, wherein: the encrypted personal data is first encrypted personal data; and (Lacey: ¶35, ¶40, i.e., the info is encrypted) the method further comprises, responsive to sending the second requests for personal data, receiving responses to the second requests from one or more user accounts of the group of user accounts, wherein: the responses comprise second encrypted personal data related to third criteria, and the second encrypted personal data comprises one or more attribute identifiers and one or more encrypted data values corresponding to the one or more attribute identifiers. (Lacey: Figs. 1A-5, ¶7-¶13, ¶29-¶37, ¶48-¶61, server forwards the request to the client or clients that satisfy the request and receives the response from the client/clients)
Claim 15 recites substantially the same features recited in claim 5 above and is rejected based on the aforementioned rationale discussed in the rejection
As regards claim 6, Lacey discloses the method of claim 1, wherein evaluating the encrypted personal data associated with the group of user accounts to identify the subset of user accounts that satisfy the second criteria is performed without decrypting the encrypted personal data. (Lacey: ¶35, ¶40, ¶144, i.e., the server cannot decrypt the encrypted information)
Claims 16 and 20 recite substantially the same features recited in claim 6 above and are rejected based on the aforementioned rationale discussed in the rejection.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claim(s) 7-10, 17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lacey in view of US 20210326478 A1 (hereinafter ‘Rind’).
As regards claim 7, Lacey discloses the method of claim 6, wherein evaluating the encrypted personal data associated with the group of user accounts to identify the subset of user accounts that satisfy the second criteria comprises, for each user account of the group of user accounts: (Lacey: Figs. 1A-5, ¶7-¶13, ¶29-¶37, ¶48-¶61, server forwards the request to the client or clients that satisfy the request) identifying respective encrypted personal data comprising a dataset, the dataset comprising a plurality of encrypted data values; (Lacey: ¶35, ¶40, ¶144)
However, Lacey does not but in analogous art, Rind (US 20210326478 A1) teaches: generating one or more hash values based on the second criteria, the one or hash values corresponding to respective encrypted data values of the plurality of encrypted data values; (Rind: ¶29-¶46, i.e., generating the hash values of the encrypted values in the database) determining whether the one or more hash values and the respective encrypted data values satisfy a condition; and (Rind: ¶29-¶46, i.e., generating the hash values of the encrypted values in the database wherein there is association between the generated hash values and the stored encrypted values) responsive to determining that the one or more hash values and the respective encrypted data values satisfy the condition, associating the respective user account with the subset of user accounts. (Rind: ¶29-¶46, i.e., generating the hash values of the encrypted values in the database wherein there is association between the generated hash values and the stored encrypted values and using a hash table or merkle tree associating the stored encrypted data and hash identifiers)
Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art to modify the Lacey to include using hash identifiers to associate and identify stored encrypted information as taught by Rind with the motivation to provide secure access to encrypted data (Rind: ¶29-¶46)
Claim 17 recites substantially the same features recited in claim 7 above and is rejected based on the aforementioned rationale discussed in the rejection
As regards claim 8, Lacey et al combination discloses the method of claim 7, wherein generating the one or more hash values based on the second criteria comprises generating the one or more hash values using a hash function and data unique to the respective user account. (Rind: ¶29-¶46, i.e., using a hash function to generate the hash ids)
As regards claim 9, Lacey et al combination discloses the method of claim 7, wherein the respective encrypted data values of the plurality of encrypted data values and the one or more hash values are generated using a same hash function. (Rind: ¶29-¶46)
As regards claim 10, Lacey et al combination discloses the method of claim 7, wherein a first portion of the encrypted data values are encrypted using a hash function, and wherein a second portion of the encrypted data values are encrypted using a cryptographic key. (Rind: ¶5, ¶29-¶46, different portions of encrypted data have hash generated using different algorithms and keys)
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SYED A ZAIDI whose telephone number is (571)270-5995. The examiner can normally be reached Monday-Thursday: 5:30AM-5:30PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Nickerson can be reached at (469) 295-9235. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SYED A ZAIDI/Primary Examiner, Art Unit 2432