METHOD AND APPARATUS FOR GENERATING CERTIFIED USER DATA

§101 §103

Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Detail action Claims 1, 3, 5, 6, 10-12, 15 and 17-24 are pending and being considered. Claims 1, 3, 5, 6, 10-12, 15, 17 and 18 are amended. Claims 2, 4, 7-9, 13-14 and 16 have been cancelled. Claims 19-24 have been newly added. Priority Receipt is acknowledged of certified copies of papers required by 37 CFR 1.55 claiming foreign priority of 01/10/2022 based on EP22150766.8. Specification The specification filed on July 10, 2024 is accepted. Drawings The drawings filed on July 10, 2024 are accepted. Information Disclosure Statement The information disclosure statement (IDS) submitted on 09/09/2024 and 11/12/2024 was filed after the mailing date of the application no. 18/727/954 on 07/10/2024. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner. Claim Objections Claims 1, 3, 110 and 17-20 objected to because of the following informalities: Claims 1 recites “the generation of certified user data” should read as “ Claim 1 recites “associating….the verified user data” there is potential antecedent issue with the term “the verified user data” to address the issue, the examiner suggests to amend the previous limitation to read as “verifying….user data to determine a verified user data…….” Claim 1 recites “creating ….the authenticated certificate to be modified ” the term “to be modified” is not an active step in the claim therefore, proper weight can not be given for the above term. The examiner suggests to clarify/amend the above limitation such that it recites an active step of “modifying” the certificate. Claim 1 recites “providing …….the authenticated certificate for the generation of the certified user data”, the claim fails to positively recite “generating” certified user data based on the authenticated certificate. The examiner suggests to clarify/amend the above limitation such that it recites an active step of “generating” the certified user data. Claim 1 recites “wherein the modifiable portion is re-randomizable such that when re-randomized” the claim fails to positively recite “re-randomizing” the modifiable portion of the certificate. The examiner suggests to clarify/amend the above limitation such that it recites an active step of “re-randomizing” the modifiable portion of the certificate. Claim 3 recites “….re-randomizable portion of the created authenticated certificate…..” should read as “….-randomizable portion of the Claim 10 recites “A computer-implemented method of characterizing an unknown user from certified user data, wherein the certified user data has been generated by re-randomising a re-randomizable portion of an authenticated certificate, wherein the certified user data comprises a re-randomized portion of the authenticated certificate, the re-randomized portion comprising a first set of data that has been encrypted using a public key of one or more trustee systems, the authenticated certificate and certified user data further comprising an identifier of an associating entity, the first set of data having been associated with verified user data by the associating entity prior to re-randomization, the method comprising the steps of” the examiner notes that the above underlined steps of the claims are recited within the preamble of the claim. In order to give proper weight to the above highlighted steps, the examiner suggests that these steps should be recited in the body of the claim. Claim 10 recites steps of “providing, to one or more trustee systems, an indication of the certified user data; decrypting, by the one or more trustee systems, the re-randomized portion using a private key of the one or more trustee systems to obtain the first set of data; receiving, from the one or more trustee systems, the first set of data; providing, to the associating entity, the first set of data; and receiving, from the associating entity, verified user data comprising personal information of the unknown user” it appears that the above steps in the claims are not in proper sequence/order. For example, the last step in the claim recites “receiving, from the associating entity, verified user data comprising personal information of the unknown user”. Since the trusted system already decrypts the re-randomized portion to obtain the first set of data, therefore, it is unclear what is the purpose of the trusted system receiving personal information of the user from the associating entity. Claims 17-20 are neither proper independent claims nor proper dependent claims. Claims 17 and 19 calls for “a computer readable medium” being dependent on method claims 1 and 10 respectively. Claims 18 and 20 calls for “a processor” being dependent on claims 1 and 10 respectively. It’s unclear whether the claims should be treated as independent claims as being directed towards “computer readable medium” and “processor” or should be treated as dependent claims as being dependent on method claim 1 and 10. For examination purpose the claims are treated as dependent claims. Applicant may cancel the claim(s), amend the claim(s) to place the claim(s) in proper dependent form, rewrite the claim(s) in independent form, or present a sufficient showing that the dependent claim(s) complies with the statutory requirements. Appropriate correction is required. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 17 and 19 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. Claims 17 and 19 recites “a computer-readable medium”. The specification does not explicitly exclude transitory/propagated medium from the claimed computer readable medium. Broadly interpreted, a “computer-readable medium” can be any means that includes propagate and transmission signals, which are non-eligible subject matter under 35 U.S.C. 101. Therefore, the claims 17 and 19 are directed to non-statutory subject matter. The Examiner respectfully suggests that the claims be amended to “A non-transitory computer readable storage medium” to make the claims statutory under 35 USC 101. Claims 18 and 20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. The claims recite a “processor” for executing method. The examiner notes that the term “processor” lacks sufficient structure for performing the method. The examiner suggests that the claim should read as “a device comprising a memory and processor” for executing method. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1, 4, 6, 12, 14, 17 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Sherman et al (hereinafter Sherman) (SPICE—Simple privacy-preserving identity-management for cloud environment “2012” NPL) in view of Stefan et al (hereinafter Stefan) (Revocable Anonymity “2006” NPL). Regarding claim 1 Sherman teaches a computer-implemented method of providing an authenticated certificate to be modified by a user in the generation of certified user data, the method comprising the steps of (Sherman on [page 530 2nd para] teaches method of applying randomization to the signatures (which acts as the certificates in our DIM system) to make them look different (i.e., modified) are known to be re-randomization. See also on [section 3.1] creating an authentication certificate); verifying, by an associating entity, user data, wherein the user data comprises personal information of the user (Sherman on [page 529 2nd para] teaches source CSP verifying the user credentials (i.e., user personal information/identities). See also on Fig 2 [page 535] re-randomization of certificate/signature having personal information of the user); associating, by the associating entity, the verified user data with a first set of data (Sherman on [page 536 section 4.2] teaches each members identities (i.e., verified user data) are mapped (i.e., associating by the system) to integer ID (i.e., first set of data) a unique value which will be stored); storing, by the associating entity, the association between the first set of data and the verified user data (Sherman on [page 536 section 4.2] teaches each members identities are mapped to integer ID a unique value which will be stored); creating, by the associating entity, the authenticated certificate to be modified in the generation of the certified user data (Sherman on [page 532 section 3.1] teaches generating an authentication certificate. See also on [page 538 and 539 section 5.1] teaches the registrar is third-party which generates source certificate for each user based on user’s credentials and re-randomizing the certificate i.e., authenticated certificate to be modified); wherein the authenticated certificate comprises a modifiable portion including an indication of the first set of data (Sherman on [page 530 para 2 and page 535 section 4.1] teaches re-randomization of the signature which act as certificate. See also on [page 533 section 3.3] teaches adding two algorithms: randomization algorithm (GS.Rand), and hiding algorithm (GS.Hide) to make the signature re-randomizable (i.e., modifiable portion of signature in view of [page 3 line 3-5] which discloses modification is a re-randomization) and some blocks (i.e., indicating certificate having plurality of portions) of the signatures can be hidden (sanitized i.e., equivalent to unmodifiable portion of certificate)); and providing, by the associating entity, the authenticated certificate for the generation of the certified user data, wherein the modifiable portion is re-randomizable such that, when re-randomized, the authenticated certificate can no longer be associated with the verified user data (Sherman on [page 530 para 2 and page 535 section 4.1] teaches re-randomization of the signature which act as certificate. See also on [page 533 section 3.3] teaches adding two algorithms: randomization algorithm (GS.Rand), and hiding algorithm (GS.Hide) to make the signature re-randomizable (i.e., modifiable portion of signature in view of [page 3 line 3-5] which discloses modification is a re-randomization) and some blocks (i.e., indicating certificate having plurality of portions) of the signatures can be hidden (sanitized i.e., equivalent to unmodifiable portion of certificate). Further teaches the re-randomizable property prevents the certificates from the same user from being linked. See also on [page 539 section 5.1] teaches when a user receives the authentication request, the functions GS.Rand and GS.Hide will be used to randomize and sanitize a certificate. The user uploads the randomized certificate to source CSP through web browser. The source CSP uses function GS.Ver’ to authenticate the certificate. If successful, source CSP provides the service to user); Sherman fails to explicitly teach encrypting the first data using public key, however Stefan from analogous art teaches wherein the method further comprises the step of encrypting the first set of data using a public key of a trustee system to form an encrypted first set of data, and wherein the encrypted first set of data forms the indication of the first set of data (Stefan on [page 212 line 1-5 and page 213 step 2-8] teaches encrypting identity information using public key). Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Stefan into the teaching of Sherman by encrypting data in certificate using public key. One would be motivated to do so in order to protect identity of the user from being exposed to unauthorized entity by encrypting the identity information within the authenticated certificate using public key (Stefan [abstract]). Regarding claim 3 the combination of Sherman and Stefan teaches all the limitations of claims 1 above, Stefan further teaches wherein the re-randomizable portion of the created authenticated certificate comprises an identifier of the entity creating the authenticated certificate (Stefan on [page 212, last 2 lines and page 213 steps 2-8] teaches self-signed certificate includes address ID of the user who created the certificate, user selects random pseudonym Y and contacts third party I for blinded signature on data containing the address ID, SIGid and (Y, ID)). The motivation for combining is same as set for the above in claim 1. Regarding claim 5 the combination of Sherman and Stefan teaches all the limitations of claims 1 above, Sherman further teaches further comprising the step of re-randomizing the re-randomizable portion of the authenticated certificate to generate the certified user data (Sherman on [page 530 para 2 and page 535 section 4.1] teaches re-randomization of the signature which act as certificate. See also on [page 533 section 3.3] teaches adding two algorithms: randomization algorithm (GS.Rand), and hiding algorithm (GS.Hide) to make the signature re-randomizable (i.e., modifiable portion of signature in view of [page 3 line 3-5] which discloses modification is a re-randomization) and some blocks (i.e., indicating certificate having plurality of portions) of the signatures can be hidden (sanitized i.e., equivalent to unmodifiable portion of certificate). Further teaches the re-randomizable property prevents the certificates from the same user from being linked. See also on [page 539 section 5.1] teaches when a user receives the authentication request, the functions GS.Rand and GS.Hide will be used to randomize and sanitize a certificate. The user uploads the randomized certificate to source CSP through web browser. The source CSP uses function GS.Ver’ to authenticate the certificate. If successful, source CSP provides the service to user). Regarding claim 6 the combination of Sherman and Stefan teaches all the limitations of claims 1 above, Stefan further teaches further comprising the step of storing auxiliary data, wherein the auxiliary data comprises an association between the verified user data and an encrypted version of an indication of the certified user data (Stefan on [page 213 step 2-8 and page 216] selecting random pseudonym Y (i.e., auxiliary data) for each blinded message and re-encrypt the certificate containing user data). The motivation for combining is same as set for the above in claim 1. Regarding claim 10 Sherman teaches a computer-implemented method of characterizing an unknown user from certified user data (Sherman on [page 528] teaches anonymity of user such that user anonymously authenticate as authorized user without letting the CSP know about real identity of user); wherein the certified user data has been generated by re-randomizing a re-randomizable portion of an authenticated certificate (Sherman on [page 530 para 2 and page 535 section 4.1] teaches re-randomization of the signature which act as certificate. See also on [page 533 section 3.3] teaches adding two algorithms: randomization algorithm (GS.Rand), and hiding algorithm (GS.Hide) to make the signature re-randomizable (i.e., modifiable portion of signature in view of [page 3 line 3-5] which discloses modification is a re-randomization) and some blocks (i.e., indicating certificate having plurality of portions) of the signatures can be hidden (sanitized i.e., equivalent to unmodifiable portion of certificate). Further teaches the re-randomizable property prevents the certificates from the same user from being linked); wherein the certified user data comprises a re-randomized portion of the authenticated certificate the re-randomized portion comprising a first set of data (Sherman on [page 530 para 2 and page 535 section 4.1] teaches re-randomization of the signature which act as certificate. See also on [page 533 section 3.3] teaches adding two algorithms: randomization algorithm (GS.Rand), and hiding algorithm (GS.Hide) to make the signature re-randomizable (i.e., modifiable portion of signature in view of [page 3 line 3-5] which discloses modification is a re-randomization) and some blocks (i.e., indicating certificate having plurality of portions) of the signatures can be hidden (sanitized i.e., equivalent to unmodifiable portion of certificate). Further teaches the re-randomizable property prevents the certificates from the same user from being linked); the first set of data having been associated with verified user data by the associating entity prior to re-randomization(Sherman on [page 536 section 4.2] teaches each members identities (i.e., verified user data) are mapped to integer ID (i.e., verified user data) a unique value which will be stored i.e., mapping is done prior to re-randomization); the verified user data comprising personal information of the unknown user, the method comprising the steps of (Sherman on [page 529 2nd para] teaches source CSP verifying the user credentials (i.e., user personal information/identities). See also on Fig 2-page 535 re-randomization of certificate/signature having personal information of the user); receiving, from the one or more trustee systems, the first set of data; providing, to the associating entity, the first set of data (Sherman on [page 536 section 4.2] teaches each members identities (i.e., verified user data) are mapped to integer ID (i.e., first set of data) a unique value which will be stored); and receiving, from the associating entity, verified user data comprising personal information of the unknown user (Sherman on [page 529 2nd para] teaches source CSP verifying the user credentials (i.e., user personal information/identities). See also on Fig 2-page 535 re-randomization of certificate/signature having personal information of the user). Sherman fails to explicitly teach a first set of data that has been encrypted using a public key of one or more trustee systems, the authenticated certificate and certified user data further comprising an identifier of an associating entity and providing, to one or more trustee systems, an indication of the certified user data; decrypting, by the one or more trustee systems, the re-randomized portion using a private key of the one or more trustee systems to obtain the first set of data, however Stefan from analogous art teaches the re-randomized portion comprising a first set of data that has been encrypted using a public key of one or more trustee systems (Stefan on [page 212 line 1-5 and page 213 step 2-8] teaches encrypting identity information using public key); the authenticated certificate and certified user data further comprising an identifier of an associating entity (Stefan on [page 212, last 2 lines and page 213 steps 2-8] teaches self-signed certificate includes address ID of the user who created the certificate, user selects random pseudonym Y and contacts third party I for blinded signature on data containing the address ID, SIGid and (Y, ID)); providing, to one or more trustee systems, an indication of the certified user data; decrypting, by the one or more trustee systems, the re-randomized portion using a private key of the one or more trustee systems to obtain the first set of data (Stefan on [page 212 line -15] teaches the law enforcement agency decrypts the encrypted ID in certificate using private key. See also on Fig 4 and [page 214 step 1-10] teaches V sends certificate containing encrypted ID, SIGid etc. to law enforcement agency L which then decrypts the encrypted portion using private key and verifies the signature). Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Stefan into the teaching of Sherman by encrypting and decrypting data in certificate using public key and private key respectively. One would be motivated to do so in order to protect identity of the user from being exposed to unauthorized entity by encrypting the identity information within the authenticated certificate using public key (Stefan [abstract]). Regarding claim 11 the combination of Sherman and Stefan teaches all the limitations of claim 10 above, Sherman further teaches wherein the identifier of the associating entity comprises one or more of: a signature signed using the associating entity's private key; and a public key of the associating entity comprised within the authenticated certificat(Sherman on [page 531 section 2.2] signature using private key); Regarding claim 12 the combination of Sherman and Stefan teaches all the limitations of claim 1 above, Sherman further teaches wherein the first set of data comprises one or more of a token, a database reference, or a serial number (Sherman on [page 536 section 4.2] teaches each members identities (i.e., verified user data) are mapped to integer ID (i.e., first set of data) a unique value which will be stored i.e., integer ID as toke, database reference or serial number). Regarding claim 15 the combination of Sherman and Stefan teaches all the limitations of claim 10 above, Sherman further teaches wherein the personal information comprises identifying information and the method is a method of identifying an unknown user from certified user data (Sherman on [page 528] teaches anonymity of user such that user anonymously authenticate as authorized user without letting the CSP know about real identity of user). Regarding claim 17 the combination of Sherman and Stefan teaches all the limitations of claim 1 above, Stefan teaches a computer-readable medium comprising instructions that, when executed, cause one or more processor(s) to perform the method of claim 1 (Stefan on [page 527] teaches computer device and storage i.e., computers know to have processor for executing instructions). Regarding claim 18 the combination of Sherman and Stefan teaches all the limitations of claim 1 above, Stefan further teaches a processor configured to execute the method of claim 1 (Stefan on [page 527] teaches computer device and storage i.e., computers know to have processor for executing instructions). Regarding claim 19 the combination of Sherman and Stefan teaches all the limitations of claim 10 above, Stefan further teaches a computer-readable medium comprising instructions that, when executed, cause one or more processor(s) to perform the method of claim 10 (Stefan on [page 527] teaches computer device and storage i.e., computers know to have processor for executing instructions). Regarding claim 20 the combination of Sherman and Stefan teaches all the limitations of claim 10 above, Stefan further teaches a processor configured to execute the method of claim 10 (Stefan on [page 527] teaches computer device and storage i.e., computers know to have processor for executing instructions). Regarding claim 21 the combination of Sherman and Stefan teaches all the limitations of claim 3 above, Sherman further teaches wherein the identifier comprises a signature signed using the entity's private key (Sherman on [page 531 section 2.2] signature using private key); Regarding claim 22 the combination of Sherman and Stefan teaches all the limitations of claim 6 above, Sherman further teaches wherein the encryption to create the encrypted version of an indication of the certified user data occurs using a public key of a trustee system (Stefan on [page 212 line 1-5 and page 213 step 2-8] teaches encrypting identity information using public key). Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Stefan into the teaching of Sherman by encrypting data in certificate using public key. One would be motivated to do so in order to protect identity of the user from being exposed to unauthorized entity by encrypting the identity information within the authenticated certificate using public key (Stefan [abstract]). Regarding claim 23 the combination of Sherman and Stefan teaches all the limitations of claim 11 above, Sherman further teaches wherein the identifier of the associating entity comprises the signature signed using the associating entity's private key (Sherman on [page 531 section 2.2] signature using private key); and wherein the signature is comprised within the re-randomized portion (Sherman on [page 533 section 3.3] teaches re-randomizing certificate containing signature. Certificate with randomized and original signature (see Fig 2)). Claim 24 is rejected under 35 U.S.C. 103 as being unpatentable over Sherman et al (hereinafter Sherman) (SPICE—Simple privacy-preserving identity-management for cloud environment “2012” NPL) in view of Stefan et al (hereinafter Stefan) (Revocable Anonymity “2006” NPL) and further in view of Wang (US 20210051027). Regarding claim 24 the combination of Sherman and Stefan teaches all the limitations of claim 1 above, the combination fails to teach wherein the identifier of the associating entity comprises the public key of the associating entity comprised within the authenticated certificate, wherein the public key is comprised within an unmodified portion of the authenticated certificate, however Wang from analogous art teaches wherein the identifier of the associating entity comprises the public key of the associating entity comprised within the authenticated certificate, wherein the public key is comprised within an unmodified portion of the authenticated certificate (Wang on [0098-0101] teaches certificate containing content portion and signature portion and wherein content portion includes public key i.e., content portion containing public key is not modified). Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Wang into the combined teaching of Sherman and Stefan by certificate having public key portion. One would be motivated to do so in order to validate digital signature of the certificate using the public key included in the certificate (Wang [0019]). Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Camenisch et al (US 20200007318) is directed towards a system for communicating a message, the system comprising a sender computer, a receiver computer and a decryptor computer each operable for communication via a network. The sender computer stores a public key pk.sub.o of a recipient key-pair (pk.sub.o, sk.sub.o) of a message recipient, a commitment c, bound to the public key pk.sub.o, to a secret s of the message recipient, and a public key pk.sub.t of a decryptor key-pair (pk.sub.t, sk.sub.t). The receiver computer stores a secret key sk.sub.o of the recipient key-pair (pk.sub.o, sk.sub.o), the commitment c and an opening o to the commitment. Danezis et al (US 20120089494) is directed towards Privacy protecting metering is described such as for electricity, gas or water metering, metering use of cloud computing resources, traffic congestion charging and other metering applications. Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOEEN KHAN whose telephone number is (571)272-3522. The examiner can normally be reached 7AM-5PM EST M-TH Alternate Fridays. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached at (571)272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /MOEEN KHAN/ Primary Examiner, Art Unit 2436