Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This office action is in response to the amendment filed on 08/25/2025.
Claims 1, 8 and 15 have been amended.
Claims 1-20 are pending.
Response to Arguments
Applicant’s arguments with respect to the 35 U.S.C 103 rejection(s) have been fully considered and are persuasive. Therefore, the rejection has been withdrawn. However, upon further consideration, a new ground(s) of rejection is made in view of Vrancken et al. (US 9077707) in view of Loughlin-Mchugh et al. WO 2016/193156.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claim(s) 1-3, 6-10, 13-17, and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Simu et al. (US-20220210061-A1) in view of Vrancken et a. (US 9077707), hereinafter Vrancken and in view of Loughlin-Mchugh et al. (WO 2016/193156), hereinafter Loughlin.
In regards to claim 1, Simu teaches a system comprising: a memory storing program instructions; and a processor in communication with the memory, the processor being configured to execute the program instructions to perform processes comprising:
receiving digital content from a first user (Simu: A content object structure or structures can be generated as part of ingesting media or any source data.[Para 70] .) ;
verifying that the first user is an owner of the digital content (Simu: This execution against the smart contract associated with the content object/derivative can involve verifying the requesting user's ownership of the digital instrument, such as verifying the user's ownership of the digital instrument on the blockchain.[Para 56]) ;
generating, based upon a request by the first user, a first proxy for a portion of the digital content granting access to the portion of the digital content to a second user (Simu: Access to the digital content may involve transferring ownership of the digital content to a second user. Additionally or alternatively, access may sometimes involve creating a second digital instrument as a unique representation of a derivative of the digital content. Additionally or alternatively, providing the client with access may include providing the client with the capability to decrypt the digital content, which can be stored encrypted on the content fabric. In some implementations, the encrypted content is re-encrypted by the content fabric in connection with access by the client, for example, through proxy re-encryption [Para 10].) ;
However, Simu does not explicitly disclose generating, based upon a request by the second user and an identification of the second user, a second proxy linked to an identification of the second user, granting access to a third user.
However, Vrancken, in a similar field of endeavor, discloses generating, based upon a request by the second user and an identification of the second user, [[a second proxy linked to an identification of the second user]], granting access to a third user (col. 1, line 65-col. 2, line 22, col. 7, line 51-col 66, line 19, the delegate token is generated with the help of the owner of the private digital content and is used to speak for the owner of the content. The obtaining of a delegate token by the content management server comprises for example: obtaining a first token T1 from the content server; requesting the owner to authorize the first token; receiving an authorized first token; requesting to replace the authorized first token with a second token T2 through the content server, wherein said second token T2 forms the delegate token. The first token will typically be a so-called request token which is a value used by a client (here the content management server) to obtain authorization from the owner, and which can be exchanged for a second token typically called an access token being a value used by the client (the content management server) to gain access to the protected content on behalf of the owner, instead of using the owner's content server's credentials… sending a request for exchanging the delegate token for a client access token T3 to the content server; receiving the access token T3; and forwarding the access token T3 to the client).
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the decentralized content fabric system of Sumi to include the delegated/proxy access granting of Vrancken. The motivation to do so would be to provide a system for sharing private content which is convenient for the owner of the private content and yet provides sufficient security (col. 1, lines 25-26, Vrancken)
Sumi in view of Vrancken does not explicitly disclose, however, Loughlin, in a similar field of endeavor, discloses generating, based upon a request by the second user and an identification of the second user, a second proxy linked to an identification of the second user, granting access to a third user (page 4, line 28- page 5, line 29, page 26, lines 3-31, first proxy identifier and second proxy identifier and the link in the at least one profile of the asset may be a link to a version of the participating entity's profile in the digital identity system. E.g. the digital identity system may comprise a publication module configured to publish the participating entity's profile by storing a copy of it to an addressable memory location, the link in the at least one profile of the asset being a link to the addressable memory location. Multiple temporal sequences of profiles may be stored in the electronic storage, each representing a chain of transfers (e.g. ownership) of a different asset… associate the profiles p(t,1 ), p(t,0) so that they constitute an ordered sequence…the labeller generates a labels L(t,1 ) for each of the new profiles p(t,1 ), which is attached to that new profile p(t,1 )… each time such a ticket transfer notification, identifying the ticket and a new owner thereof, thee new profiles p(t,n) are created. The new profile p(t,n) is associated with the next most recent profile p(t,n-1 ) of the same type i.e. the new seller (t=2) profile with the next most recent seller profile)
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the decentralized content fabric system of Sumi in view of Vrancken to include the linking of identification of delegated/proxy access granting of Loughlin. The motivation to do so would be to provide tracking asset transfers, particularly multiple asset transfers that might occur over time by creating a new profile comprising an identifier of the respective participating entity (page 1, lines 20-35, Loughlin).
In regards to claim 2, the combination of Simu and Vrancken and Loughlin teach the system of claim 1, wherein the memory stores further program instructions, and wherein the processor is configured to execute the further program instructions to perform the processes further comprising: validating through a chain of trust a right of the second user to generate a proxy (Simu: Ownership of content on the blockchain, once proven, can be used to directly authorize access to, or transfer of ownership of, content or its derivatives, e.g., from a content publisher to an end user.[Para 52].) .
In regards to claim 3, the combination of Simu and Vrancken and Loughlin teach the system of claim 1, wherein each proxy is configured to grant access to multiple users (Vrancken, col. 1, line 65-col. 2, line 22, col. 7, line 51-col 66, line 19, the delegate token is generated with the help of the owner of the private digital content and is used to speak for the owner of the content. The obtaining of a delegate token by the content management server comprises for example: obtaining a first token T1 from the content server; requesting the owner to authorize the first token; receiving an authorized first token; requesting to replace the authorized first token with a second token T2 through the content server, wherein said second token T2 forms the delegate token. The first token will typically be a so-called request token which is a value used by a client (here the content management server) to obtain authorization from the owner). The same motivation as claim 1 above applies.
In regards to claim 6, the combination of Simu and Vrancken and Loughlin teach the system of claim 1, wherein the memory stores further program instructions, and wherein the processor is configured to execute the further program instructions to perform the processes further comprising: generating, based upon a request by the third user, a third proxy granting access to a fourth user (Vrancken, col. 1, line 65-col. 2, line 22, col. 7, line 51-col 66, line 19, the delegate token is generated with the help of the owner of the private digital content and is used to speak for the owner of the content. The obtaining of a delegate token by the content management server comprises for example: obtaining a first token T1 from the content server; requesting the owner to authorize the first token; receiving an authorized first token; requesting to replace the authorized first token with a second token T2 through the content server, wherein said second token T2 forms the delegate token. The first token will typically be a so-called request token which is a value used by a client (here the content management server) to obtain authorization from the owner). The same motivation as claim 1 above applies.
In regards to claim 7, the combination of Simu and Vrancken and Loughlin teach the system of claim 1, wherein the memory stores further program instructions, and wherein the processor is configured to execute the further program instructions to perform the processes further comprising: storing one or more data requests facilitated by the first proxy on an immutable ledger of a blockchain network (Simu: The access request is processed by the content fabric, using a blockchain smart contract in the content object and one or more policies of the blockchain smart contract.[Para 54], and the access history can be recorded in the ledger.[Para 68] ).
In regards to claim 8, Simu teaches a computer program product comprising a computer readable storage medium having program instructions embodied therewith, the program instructions executable by a processor to cause the processor to perform a method, the method comprising:
receiving digital content from a first user (Simu: A content object structure or structures can be generated as part of ingesting media or any source data.[Para 70] .) ;
verifying that the first user is an owner of the digital content (Simu: This execution against the smart contract associated with the content object/derivative can involve verifying the requesting user's ownership of the digital instrument, such as verifying the user's ownership of the digital instrument on the blockchain.[Para 56]) ;
generating, based upon a request by the first user, a first proxy for a portion of the digital content granting access to the portion of the digital content to a second user (Simu: Access to the digital content may involve transferring ownership of the digital content to a second user. Additionally or alternatively, access may sometimes involve creating a second digital instrument as a unique representation of a derivative of the digital content. Additionally or alternatively, providing the client with access may include providing the client with the capability to decrypt the digital content, which can be stored encrypted on the content fabric. In some implementations, the encrypted content is re-encrypted by the content fabric in connection with access by the client, for example, through proxy re-encryption [Para 10].) ;
However, Simu does not explicitly disclose generating, based upon a request by the second user and an identification of the second user, a second proxy linked to an identification of the second user, granting access to a third user.
However, Vrancken, in a similar field of endeavor, discloses generating, based upon a request by the second user and an identification of the second user, [[a second proxy linked to an identification of the second user]], granting access to a third user. (Col. 1, line 65-col. 2, line 22, col. 7, line 51-col 66, line 19, the delegate token is generated with the help of the owner of the private digital content and is used to speak for the owner of the content. The obtaining of a delegate token by the content management server comprises for example: obtaining a first token T1 from the content server; requesting the owner to authorize the first token; receiving an authorized first token; requesting to replace the authorized first token with a second token T2 through the content server, wherein said second token T2 forms the delegate token. The first token will typically be a so-called request token which is a value used by a client (here the content management server) to obtain authorization from the owner, and which can be exchanged for a second token typically called an access token being a value used by the client (the content management server) to gain access to the protected content on behalf of the owner, instead of using the owner's content server's credentials… sending a request for exchanging the delegate token for a client access token T3 to the content server; receiving the access token T3; and forwarding the access token T3 to the client).
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the decentralized content fabric system of Sumi to include the delegated/proxy access granting of Vrancken. The motivation to do so would be to provide a system for sharing private content which is convenient for the owner of the private content and yet provides sufficient security (col. 1, lines 25-26, Vrancken)
Sumi in view of Vrancken does not explicitly disclose, however, Loughlin, in a similar field of endeavor, discloses generating, based upon a request by the second user and an identification of the second user, a second proxy linked to an identification of the second user, granting access to a third user (page 5, lines 15-29, page 26, lines 3-31, the link in the at least one profile of the asset may be a link to a version of the participating entity's profile in the digital identity system. E.g. the digital identity system may comprise a publication module configured to publish the participating entity's profile by storing a copy of it to an addressable memory location, the link in the at least one profile of the asset being a link to the addressable memory location. Multiple temporal sequences of profiles may be stored in the electronic storage, each representing a chain of transfers (e.g. ownership) of a different asset… associate the profiles p(t,1 ), p(t,0) so that they constitute an ordered sequence…the labeller generates a labels L(t,1 ) for each of the new profiles p(t,1 ), which is attached to that new profile p(t,1 )… each time such a ticket transfer notification, identifying the ticket and a new owner thereof, thee new profiles p(t,n) are created. The new profile p(t,n) is associated with the next most recent profile p(t,n-1 ) of the same type i.e. the new seller (t=2) profile with the next most recent seller profile)
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the decentralized content fabric system of Sumi in view of Vrancken to include the linking of identification of delegated/proxy access granting of Loughlin. The motivation to do so would be to provide tracking asset transfers, particularly multiple asset transfers that might occur over time by creating a new profile comprising an identifier of the respective participating entity (page 1, lines 20-35, Loughlin).
In regards to claim 15, Simu teaches a method comprising, using a processor:
receiving digital content from a first user (Simu: A content object structure or structures can be generated as part of ingesting media or any source data.[Para 70] .) ;
verifying that the first user is an owner of the digital content (Simu: This execution against the smart contract associated with the content object/derivative can involve verifying the requesting user's ownership of the digital instrument, such as verifying the user's ownership of the digital instrument on the blockchain.[Para 56]) ;
generating, based upon a request by the first user, a first proxy for a portion of the digital content granting access to the portion of the digital content to a second user (Simu: Access to the digital content may involve transferring ownership of the digital content to a second user. Additionally or alternatively, access may sometimes involve creating a second digital instrument as a unique representation of a derivative of the digital content. Additionally or alternatively, providing the client with access may include providing the client with the capability to decrypt the digital content, which can be stored encrypted on the content fabric. In some implementations, the encrypted content is re-encrypted by the content fabric in connection with access by the client, for example, through proxy re-encryption [Para 10].) ;
However, Simu does not explicitly disclose generating, based upon a request by the second user and an identification of the second user, a second proxy linked to an identification of the second user, granting access to a third user.
However, Vrancken, in a similar field of endeavor, discloses generating, based upon a request by the second user and an identification of the second user, [[a second proxy linked to an identification of the second user]], granting access to a third user. (col. 1, line 65-col. 2, line 22, col. 7, line 51-col 66, line 19, the delegate token is generated with the help of the owner of the private digital content and is used to speak for the owner of the content. The obtaining of a delegate token by the content management server comprises for example: obtaining a first token T1 from the content server; requesting the owner to authorize the first token; receiving an authorized first token; requesting to replace the authorized first token with a second token T2 through the content server, wherein said second token T2 forms the delegate token. The first token will typically be a so-called request token which is a value used by a client (here the content management server) to obtain authorization from the owner, and which can be exchanged for a second token typically called an access token being a value used by the client (the content management server) to gain access to the protected content on behalf of the owner, instead of using the owner's content server's credentials… sending a request for exchanging the delegate token for a client access token T3 to the content server; receiving the access token T3; and forwarding the access token T3 to the client).
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the decentralized content fabric system of Sumi to include the delegated/proxy access granting of Vrancken. The motivation to do so would be to provide a system for sharing private content which is convenient for the owner of the private content and yet provides sufficient security (col. 1, lines 25-26, Vrancken)
Sumi in view of Vrancken does not explicitly disclose, however, Loughlin, in a similar field of endeavor, discloses generating, based upon a request by the second user and an identification of the second user, a second proxy linked to an identification of the second user, granting access to a third user (page 5, lines 15-29, page 26, lines 3-31, the link in the at least one profile of the asset may be a link to a version of the participating entity's profile in the digital identity system. E.g. the digital identity system may comprise a publication module configured to publish the participating entity's profile by storing a copy of it to an addressable memory location, the link in the at least one profile of the asset being a link to the addressable memory location. Multiple temporal sequences of profiles may be stored in the electronic storage, each representing a chain of transfers (e.g. ownership) of a different asset… associate the profiles p(t,1 ), p(t,0) so that they constitute an ordered sequence…the labeller generates a labels L(t,1 ) for each of the new profiles p(t,1 ), which is attached to that new profile p(t,1 )… each time such a ticket transfer notification, identifying the ticket and a new owner thereof, thee new profiles p(t,n) are created. The new profile p(t,n) is associated with the next most recent profile p(t,n-1 ) of the same type i.e. the new seller (t=2) profile with the next most recent seller profile)
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the decentralized content fabric system of Sumi in view of Vrancken to include the linking of identification of delegated/proxy access granting of Loughlin. The motivation to do so would be to provide tracking asset transfers, particularly multiple asset transfers that might occur over time by creating a new profile comprising an identifier of the respective participating entity (page 1, lines 20-35, Loughlin).
In regards to claim 9 and claim 16, the claims recite analogous subject matter to claim 2 and is therefore rejected based on the same rationale cited for claim 2 above.
In regards to claim 10 and claim 17, the claims recite analogous subject matter to claim 3 and is therefore rejected based on the same rationale cited for claim 3 above.
In regards to claim 13 and claim 20, the claims recite analogous subject matter to claim 6 and is therefore rejected based on the same rationale cited for claim 6 above.
In regards to claim 14, the claim recite analogous subject matter to claim 7 and is therefore rejected based on the same rationale cited for claim 7 above.
Claim(s) 4-5, 11-12, and 18-19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Simu et al. (US-20220210061-A1) in view of Vrancken et a. (US 9077707), hereinafter Vrancken in view of Loughlin-Mchugh et al. WO 2016/193156, hereinafter Loughlin as applied to claims 1,8, and 15 above, and further in view of Lin et al. ("A Secure Fine-Grained Access Control Mechanism for Networked Storage Systems"; hereafter Lin ).
In regards to claim 4, the combination of Simu and Vrancken and Loughlin the wherein multiple proxies are configured to be generated at each chain level for the digital content (Vrancken, col. 1, line 65-col. 2, line 22, col. 7, line 51-col 66, line 19, the delegate token is generated with the help of the owner of the private digital content and is used to speak for the owner of the content. (col. 1, line 65-col. 2, line 22, col. 7, line 51-col 66, line 19, the delegate token is generated with the help of the owner of the private digital content and is used to speak for the owner of the content).
But the combination of the combination of Simu and Vrancken and Loughlin does not explicitly teach … each proxy is configured to be directed to only grant access to a part of the digital content.
However, Lin, in a similar field of endeavor, discloses a secure fine-grained access control mechanism that teaches… each proxy is configured to be directed to only grant access to a part of the digital content (Lin: When Ui wants to grant the reading permission to another user Ux, the granting pattern can be a file or a directory of files by a single proxy key. In the example in Fig. 6, Ui grants the reading permission of File 3 and Directory 2 to Uy and Ux, respectively. To grant the reading permission of File 3 to Uy, Ui computes and sends the proxy key PRK(i→y)3 to the storage server. Similarly, Ui can grant the reading permission of files in Directory 2 to Ux by generating the proxy key PRK(i→x)2.[Page 230]. Examiner asserts that the proxy keys are each tied to a specific file or directory, therefore each proxy grants access to only the designated file or directory.)
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the combination of Sumi and Vrancken and Loughlin with the system on Lin. The motivation to do so would be to enhance the security of the distributing digital content by allowing granular enforcement of the delegated rights to access the digital content.
In regards to claim 11 and claim 18, the claims recite analogous subject matter to claim 4 and is therefore rejected based on the same rationale cited for claim 4 above.
In regards to claim 5, the combination of Simu and Vrancken and Loughlin, and Lin teach the system of claim 4, wherein the first proxy is directed to a first part of the digital content, and the second proxy is directed to a second part of the digital content which is a subset of the first part (Lin: When Ui wants to grant the reading permission to another user Ux, the granting pattern can be a file or a directory of files by a single proxy key. In the example in Fig. 6, Ui grants the reading permission of File 3 and Directory 2 to Uy and Ux, respectively. To grant the reading permission of File 3 to Uy, Ui computes and sends the proxy key PRK(i→y)3 to the storage server. Similarly, Ui can grant the reading permission of files in Directory 2 to Ux by generating the proxy key PRK(i→x)2.[Page 230]) . This claim is rejected based on the same rationale as claim 4 above.
In regards to claim 12 and claim 19, the claims recite analogous subject matter to claim 5 and is therefore rejected based on the same rationale cited for claim 5 above.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Kennon et al. (US 20140365581) directed to system creates for members, capturing, creating, sharing and responding to each other interactively in any communication format, at any time, in any place and for any reason.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Shewaye Gelagay whose telephone number is (571)272-4219. The examiner can normally be reached Monday to Friday 8 A.M. - 4 P.M..
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Amy C. Johnson can be reached at (571) 272-2238. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300..
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SHEWAYE GELAGAY/ Supervisory Patent Examiner, Art Unit 2436