Prosecution Insights
Last updated: July 17, 2026
Application No. 18/563,655

BLOCK CHAIN BASED ASYNCHRONOUS EDGE DEVICE ACTIVATION AND CLOUD REGISTRATION

Non-Final OA §103
Filed
Nov 22, 2023
Priority
Jul 12, 2023 — nonprovisional of PCTCN2023106940
Examiner
WALIULLAH, MOHAMMED
Art Unit
2498
Tech Center
2400 — Computer Networks
Assignee
Lenovo (United States) Inc.
OA Round
1 (Non-Final)
87%
Grant Probability
Favorable
1-2
OA Rounds
0m
Est. Remaining
98%
With Interview

Examiner Intelligence

Grants 87% — above average
87%
Career Allowance Rate
632 granted / 729 resolved
+28.7% vs TC avg
Moderate +11% lift
Without
With
+11.0%
Interview Lift
resolved cases with interview
Typical timeline
2y 4m
Avg Prosecution
23 currently pending
Career history
749
Total Applications
across all art units

Statute-Specific Performance

§101
3.8%
-36.2% vs TC avg
§103
81.5%
+41.5% vs TC avg
§102
1.2%
-38.8% vs TC avg
§112
6.8%
-33.2% vs TC avg
Black line = Tech Center average estimate • Based on career data from 729 resolved cases

Office Action

§103
DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1, 9, 11, 17, 19 are rejected under 35 U.S.C. 103 as being unpatentable over Gunti et al(US 10242196 B2) in view of High et al(US 20180167394 A1). With regards to claim 1, Gunti discloses, A method comprising: activating an agent on a computer(server) in response to the computer(server) being powered on for activation by an end user of the computer(server) (Col 2 line 30-45; The process of securely booting computer system 100 is illustrated in a flow diagram shown in FIG. 3. Portions of FIG. 1, in particular contents of system memory 122, schematically depict the process of booting computer system 100. When computer system 100 is booted, e.g., when it is powered on or undergoes a soft restart, boot firmware stored in non-volatile memory 123 is executed. In one embodiment, boot firmware is UEFI (Unified Extensible Firmware Interface), which is a standard boot firmware for computers designed to replace BIOS, and the boot firmware has embedded therein certificates of trusted entities, e.g., UEFI certificate, and these certificates contain public keys of the trusted entities Note: UEFI Firmware as Agent activate when user power up computer. Although claim require server but normal generic computer can perform similar steps as mentioned in the claim unless claim species specific task which cannot perform by a generic computer), the agent comprising a private key, the private key paired with a public key by a manufacturer of the computer (server) (Col 13 line 30-45; In one embodiment, boot firmware is UEFI (Unified Extensible Firmware Interface), which is a standard boot firmware for computers designed to replace BIOS, and the boot firmware has embedded therein certificates of trusted entities, e.g., UEFI certificate, and these certificates contain public keys of the trusted entities Note: UFI firmware usually provided by the manufacturer/vendor and certificate public key correspond to a private key) decrypting, the activation information using the private key and using, the activation information to activate the device(server) (Col 3 line 25-45; Boot loader 149 undergoes digital signature verification at step 308 before it is launched. As explained above, the boot firmware has embedded therein certificates of trusted entities, e.g., UEFI certificate, and the certificates contain public keys of the trusted entities. The public key of one of the trusted entities, e.g., the trusted entity associated or affiliated with the vendor of boot loader 149, will be used in verifying boot loader 149. As a first step in digital signature verification, the boot firmware decrypts the digital signature (sig) that is appended to boot loader 149 using the public key. Then, the boot firmware computes a hash of boot loader 149 (using the hash algorithm specified in the certificate of the public key) and compares the computed hash with the decrypted digital signature. If the two match (step 310), boot loader 149 is deemed verified and the boot firmware launches boot loader 149 at step 312. ) Gunti does not exclusively but High teaches, the public key entered in a transaction of a ledger of a blockchain corresponding to the device(server) ([0005] A first aspect relates to a method for controlling access to a locked space, comprising: generating, by a processor of a computing system, an access code and a private key associated with the access code, the access code being used to gain access to the locked space, hashing, by the processor, the access code to obtain a hashed access code, encrypting, by the processor, the hashed access code with a public key to create a digital signature, wherein the hashed access code and the digital signature are stored on a block of a blockchain, ), the ledger comprising activation information for the device(server) ([0005]; authenticating, by the processor, a receiving device in response to a request from the receiving device to gain access to the locked space, transmitting, by the processor, the private key and the digital signature to an authenticated receiving device, instructing, by the processor, the authenticated receiving device to decrypt the digital signature using the private key to obtain the hashed access code, and transmit the hashed access code to the computing system, and unlocking, by the processor, the locked space in response to receiving the hashed access code from the receiving device ), the activation information encrypted using the public key ([0005]; encrypting, by the processor, the hashed access code with a public key to create a digital signature,); accessing the ledger by the agent ([0046]; Prior to communicating with the locking mechanism 111 to unlock the locked space, the computing system 120 may access the blockchain to confirm that the hashed access code received from the receiving device matches the hashed access code stored on the blockchain, ); It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify Gunti’s method with teaching of High in order to for controlling access to a locked space using the blockchain register(High [0002]). With regards to claim 9, 17 Gunti further discloses, wherein the agent is installed on the server by the manufacturer (Col 2 line 30-45; The process of securely booting computer system 100 is illustrated in a flow diagram shown in FIG. 3. Portions of FIG. 1, in particular contents of system memory 122, schematically depict the process of booting computer system 100. When computer system 100 is booted, e.g., when it is powered on or undergoes a soft restart, boot firmware stored in non-volatile memory 123 is executed. In one embodiment, boot firmware is UEFI (Unified Extensible Firmware Interface), which is a standard boot firmware for computers designed to replace BIOS, and the boot firmware has embedded therein certificates of trusted entities, e.g., UEFI certificate, and these certificates contain public keys of the trusted entities Note: UEFI /BIOS provided by the computer/server manufacturer). Claim 11 represent a device(server) claim corresponding to Method claim 1 comprising, “A server comprising: a processor (Gunti FIG 1 121 and associated text;) and and non-transitory computer readable storage media storing code, the code comprising an agent, the code of the agent being executable by the processor to perform operations (Gunti col 10, line 50-55;) “ , also rejected accordingly for same rational. Claim 19 represent a medium claim corresponding to Method claim 1 comprising, “A program product comprising a non-transitory computer readable storage medium storing code, the code being configured to be executable by a processor to perform operations (Gunti col 10, line 50-55;)” also rejected accordingly for same rational. Claims 2-3, 6, 10, 14, 18 are rejected under 35 U.S.C. 103 as being unpatentable over Gunti et al(US 10242196 B2) in view of High et al(US 20180167394 A1). in view of UEHARA et al(US 20190207813 A1). With regards to claim 2, Gunti in view of High do not but UEHARA discloses, wherein the activation information comprises an activation code (UEHAR [0085] The activation program may be a program file including the OS that operates on the device 4 as illustrated as a provisioning target in FIG. 29, [0026] In this manner, the device can be activated in a normal state through distribution of the activation program file at activation of the device.) and/or a cloud secret encrypted using the public key, wherein using the activation information to activate the device(server) comprises using, by the agent, the activation code to activate the device(server) (UEHARA[0085] The activation program may be a program file including the OS that operates on the device 4 as illustrated as a provisioning target in FIG. 29,), and/or using, by the agent, the cloud secret to register the server with a cloud service corresponding to the cloud secret. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify Gunti in view of High’s method with teaching of UEHARA in order to providing a valid device with valid provisioning data and preventing intrusion of an unauthorized device (UEHARA Abstract). With regards to claim 10, 18 Gunti in view of High and UAHARA teaches, further comprising adding, by the agent, a transaction in the ledger, the transaction comprising identification of the end user, information about activating the device (UAHARA [0015]; The device provisioning system includes: public key providing means configured to acquire a first public key unique to the device from a blockchain storing the first public key in association with a first trail unique to the device in response to a query using the first trail; [0026] In this manner, the device can be activated in a normal state through distribution of the activation program file at activation of the device. ), and/or server provisioning completement, wherein the agent encrypts the transaction by the agent using the public key (UAHARA [0017]; When, in an initial state in which the device is not provided with the provisioning data, the provisioning data providing means is successful in verification of validity of the device based on the device identification data transmitted from the device while an initial use private key unique to the device is stored in the secure region, and device identification data including an initial use public key corresponding to the initial use private key is stored in the normal region, the provisioning data providing means performs generation of the first private key and the first public key, acquisition of the first trail through registration of the first public key to the blockchain by the trail registration means, and transmission of initial use data including the first private key and the first trail and encrypted with the initial use public key to the device.). Motivation would be same as stated in claim 2. With regards to claim 3, Gunti in view of High and UEHARA teaches, wherein the ledger further comprises a access code(cloud configuration) encrypted using the public key(High [0045]; Step 303 encrypts the hashes access code with a public key to create a digital signature. The digital signature may be stored on the blockchain, to ensure that the hashed access code is not modified.) and wherein the access code(cloud configuration) identifies the cloud secret to be used to access(register) the server with the cloud service (High Abstract; in response to a request from the receiving device to gain access to the locked space, transmitting the private key and the digital signature to an authenticated receiving device, instructing the authenticated receiving device to decrypt the digital signature using the private key to obtain the hashed access code, and transmit the hashed access code to the computing system, and unlocking the locked space in response to receiving the hashed access code from the receiving device.). Motivation would be same as stated in claim 2. With regards to claim 6, 14 Gunti in view High and UEHARA teaches, wherein the ledger comprises two or more transactions with a first transaction added by the manufacturer (UEHARA [0069] The device provisioning system according to the present embodiment uses three roughly classified kinds of sets of a private key, a public key, and a trail obtained by registration of the public key to the blockchain 2.…. The third set includes an organization private key, an organization public key, and an organization trail uniquely prepared for each organization such as a vender that manufactures the device 4 [0107]; First at step S401, registration processing of a device trail to the blockchain 2 is performed by the device authentication server 1. The device trail is unique to each device 4 as described above, and corresponds to a device private key and a device public key unique to the device 4. FIG. 16 illustrates the process of the device trail registration processing. [0021] In a preferred embodiment of the present invention, when the provisioning data providing means checks necessity of updating the first trail and the first public key registered to the blockchain and determines that the first trail and the first public key need to be updated,), wherein each of the two or more transactions is encrypted with the public key (UEHARA [0017] In a preferred embodiment of the present invention, the device provisioning system further includes trail registration means configured to acquire the first trail through registration of the first public key to the blockchain. When, in an initial state in which the device is not provided with the provisioning data, the provisioning data providing means is successful in verification of validity of the device based on the device identification data transmitted from the device while an initial use private key unique to the device is stored in the secure region, and device identification data including an initial use public key corresponding to the initial use private key is stored in the normal region, the provisioning data providing means performs generation of the first private key and the first public key, acquisition of the first trail through registration of the first public key to the blockchain by the trail registration means, and transmission of initial use data including the first private key and the first trail and encrypted with the initial use public key to the device.)and one or more of the transactions added after the first transaction comprises information used by the agent to configure the server (High [0045]; Step 303 encrypts the hashes access code with a public key to create a digital signature. The digital signature may be stored on the blockchain,). Motivation would be same as stated in claim 2. Claims 4-5, 12-13, 20 are rejected under 35 U.S.C. 103 as being unpatentable over Gunti et al(US 10242196 B2) in view of High et al(US 20180167394 A1) and UEHARA et al(US 20190207813 A1) and further in view of and XU et al(CN 112016055 A). With regards to claim 4, Gunti in view of High and UEHARA do not but XU teaches, wherein the agent further decrypts the activation code (cloud configuration) using the private key (XU page 8, para5; when the to-be-authorized device obtains the software authorization activation code, using the private key to decrypt the software authorization activation code;) and identifies, from the activation code (cloud configuration), the activation code (cloud secret) to be used to register the server with the service (XU page 8, para10; if the private key is determined to decrypt the software authorization activation code successfully, then using the software authorization information obtained by decryption to authorize the software on the device to be authorized.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify Gunti in view of High and UEHARA’s method with teaching of XU in order to provide software authorization activation code so that the software authorization activation code can be used for activating software on different devices for many times. (XU page 1). With regards to claim 5, Gunti in view of High, UEHARA, and XU , wherein the activation information further comprises a software authorization code encrypted by the public key (High [0045]; Step 303 encrypts the hashes access code with a public key to create a digital signature. The digital signature may be stored on the blockchain, to ensure that the hashed access code is not modified.) and wherein the agent downloads software activated by the software authorization code, decrypts the software authorization code using the private key (XU page 8, para5; when the to-be-authorized device obtains the software authorization activation code, using the private key to decrypt the software authorization activation code;), and uses the software authorization code to activate the software on the server (XU page 8, para10; if the private key is determined to decrypt the software authorization activation code successfully, then using the software authorization information obtained by decryption to authorize the software on the device to be authorized.). Motivation would be same as sated in claim 4. Claim 12 is the device claim corresponding to method claims 2 and 5 combined, also rejected accordingly. Claim 13 is the device claim corresponding to method claims 3 and 4 combined, also rejected accordingly. Claim 20 is the medium claim corresponding to method claims 2 and 5 combined, also rejected accordingly. Allowable Subject Matter Claims 7-8, 15-16 objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Yau et al(US 10599848 B1). Kilpatrick et al(US 20180189755 A1) Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOHAMMED WALIULLAH whose telephone number is (571)270-7987. The examiner can normally be reached 8.30 to 430 PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached at 1-571-272-8878. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /MOHAMMED WALIULLAH/Primary Examiner, Art Unit 2498
Read full office action

Prosecution Timeline

Nov 22, 2023
Application Filed
Mar 29, 2026
Non-Final Rejection (signed) — §103
May 12, 2026
Non-Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12683763
COMPUTER-BASED SYSTEMS CONFIGURED TO SELECT A MONITORED DATA SEGMENTATION AND METHODS OF USE THEREOF
2y 6m to grant Granted Jul 14, 2026
Patent 12682081
KEY DEPRECATION WITHOUT CERTIFICATE REVOCATION
2y 6m to grant Granted Jul 14, 2026
Patent 12682061
MALWARE ANALYSIS CONTINUATION SYSTEM AND MALWARE ANALYSIS CONTINUATION METHOD
1y 10m to grant Granted Jul 14, 2026
Patent 12671683
FINGERPRINTING PKI CERTIFICATES BI-DIRECTIONALLY
2y 8m to grant Granted Jun 30, 2026
Patent 12665763
HUB-BASED TOKEN GENERATION AND ENDPOINT SELECTION FOR SECURE CHANNEL ESTABLISHMENT
2y 8m to grant Granted Jun 23, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
87%
Grant Probability
98%
With Interview (+11.0%)
2y 4m (~0m remaining)
Median Time to Grant
Low
PTA Risk
Based on 729 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month