DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
Claims 1, 5-9, 14, 15, 19, and 20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Wang (US 2021/0051027).
Regarding claims 1, 9, and 15, Wang teaches a method (and corresponding medium and apparatus) comprising:
Receiving a request and prover data from a prover processor (the user can complete verification of any identity information authenticated in the digital certificate by simply presenting the digital certificate to the verification authority – see [0073]. Note that user terminal is prover processor and presenting the digital certificate is request. Obtain a plurality of pieces of identity information of a user – see [0054]. The plurality of pieces of identity information…can include a name, an identity card number, an address of the user, etc. – see [0056]. Prover data is identity information).
In response to receiving the request, causing a broker processor to generate a proof that indicates that the prover data conforms with a requirement without revealing the prover data (Any authority (the certification authority shown in FIG. 1) that needs to verify the identity information of the user can perform the following steps to complete verification in response to the identity information to be verified. Obtain, from a storage terminal, a Merkle proof of a leaf node corresponding to the identity information to be verified based on mapping relationships between the identity information to be verified and leaf nodes of a Merkle tree constructed based on a plurality of pieces of identity information of a user, and a root value of the Merkle tree constructed based on the plurality of pieces of identity information of the user – see [0079] – [0080], note that storage terminal is of certificate authority - see [0083] which is considered a broker processor. The root value of the Merkle tree constructed based on the plurality of pieces of identity information of the user can be stored in the digital certificate of the user by the certification authority; and obtaining the root value of the Merkle tree constructed based on the plurality of pieces of identity information of the user includes: obtaining the digital certificate of the user, where the digital certificate includes a content portion and a signature portion, the content portion includes a root value of the Merkle tree constructed based on the plurality of pieces of identity information of the user, and the signature portion is an electronic signature of the content portion that is provided by a certification authority of the digital certificate; verifying the digital certificate by using a public key corresponding to the certification authority of the digital certificate; and obtaining the root value of the Merkle tree constructed based on the plurality of pieces of identity information of the user after the verification is passed – see [0083]. The root value of the Merkle tree corresponding to the identity information to be verified and the root value of the Merkle tree stored in the storage terminal are compared to determine whether they are the same. If they are the same, the identity information to be verified passes the verification, and the identity information to be verified is identity information accepted by the certification authority. It can be seen that, by using the user identify information authentication or verification method shown in FIG. 1, the information to be verified of the user can be verified without disclosing other identity information, thereby improving the security of the verification process of the identity information of the user. In addition, in the verification process, only the Merkle proof of the identity information to be verified and the root value of the Merkle tree are transmitted – see [0090] – [0091]. Note that the prover data is not revealed since the proof and root value are the only values that are transmitted).
Receiving the proof (The Merkle proof is transmitted – see [0091]).
In response to receiving the proof, sending data to the prover processor to fulfill the request (It is implied that the prover processor (i.e., user terminal) would receive data that fulfills the request. For example, see [0091] which shows applications of checking into a hotel through verification, etc. The terminal which provided the request would appear to receive some sort of data which fulfills their request to check into the hotel, for example, which would thus fulfill their request).
Therefore, it appears that the teachings of Wang anticipate the limitations of claims 1, 9, and 15. In the alternative, even if the claimed invention is not identical to that disclosed by the cited reference, the differences between that which is disclosed and that which is claimed are considered to be so slight that it would have been obvious to the skilled artisan to modify the teachings of Wang in order to create the claimed invention.
Accordingly, the claimed invention as a whole was at least prima facie obvious, if not anticipated by the reference, especially in the absence of sufficient, clear, and convincing evidence to the contrary.
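Added example (not part of this Office action and not code from Wang): a minimal Python sketch of the Merkle-proof check quoted above from [0079] – [0091], in which one identity attribute is verified against a certified root while the other attributes are never transmitted. The attribute values, the SHA-256 choice, the leaf/node prefixes and all function names are assumptions; the root is assumed to come from a certificate whose signature has already been verified.

```python
import hashlib
import hmac

# Constructed sample attributes (name, ID number, address, the kinds listed in [0056]).
ATTRS = [("name", "Alice Example"), ("id_number", "X000000000"),
         ("address", "1 Sample Road")]

def leaf_hash(name, value):
    # Distinct prefixes keep a leaf from being reinterpreted as an interior node.
    return hashlib.sha256(b"\x00" + f"{name}={value}".encode()).digest()

def node_hash(left, right):
    return hashlib.sha256(b"\x01" + left + right).digest()

def build_levels(leaves):
    """Return all tree levels, leaves first; an unpaired node is promoted unchanged."""
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        nxt = [node_hash(cur[i], cur[i + 1]) for i in range(0, len(cur) - 1, 2)]
        if len(cur) % 2:
            nxt.append(cur[-1])
        levels.append(nxt)
    return levels

def merkle_proof(levels, index):
    """Sibling hashes from leaf to root, each tagged with whether it sits on the left."""
    proof = []
    for level in levels[:-1]:
        sibling = index ^ 1
        if sibling < len(level):
            proof.append((level[sibling], sibling < index))
        index //= 2
    return proof

def verify(name, value, proof, trusted_root):
    """Recompute the root from one disclosed attribute and compare with the certified root."""
    acc = leaf_hash(name, value)
    for sibling, is_left in proof:
        acc = node_hash(sibling, acc) if is_left else node_hash(acc, sibling)
    return hmac.compare_digest(acc, trusted_root)

def demo():
    levels = build_levels([leaf_hash(n, v) for n, v in ATTRS])
    root = levels[-1][0]             # assumed taken from a signature-checked certificate
    proof = merkle_proof(levels, 2)  # prove "address" only
    return (verify("address", "1 Sample Road", proof, root),
            verify("address", "2 Other Road", proof, root), len(proof))
```

Leaves in this sketch are plain hashes of the attribute text, matching the quoted description; for low-entropy attributes a deployment would typically add a per-leaf random salt so that a sibling leaf hash cannot be confirmed by guessing the value.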
Regarding claim 5, Wang teaches that the request includes a request to access web data (The term “user” in the previous embodiments of the present application can include an individual user and an organization, and can include a computer device, other terminal devices involved in network communication, or an individual such as a web page, etc. The present application is not limited thereto. Any individual requiring authentication in an online or offline scenario can be a user described in the present application – see [0055]).
Regarding claims 6, 14, and 19, Wang teaches that the cryptographic proof includes a zero-knowledge proof (It is worthwhile to note that the Merkle tree constructed based on the plurality of pieces of identity information of a user, which is described in the previous embodiments provided in the present application, can be generally generated using a hash digest algorithm. Because the hash digest algorithm is a one-way mapping algorithm, even if the verification authority obtains the values of all the leaf nodes of the Merkle tree, the verification authority cannot determine the original text of the identity information of the user that is used for generating the leaf nodes, thereby ensuring the security of the identity information of the user – see [0068]).
Regarding claims 7 and 20, Wang teaches that the proof is configured to obfuscate/obscure the prover data from the processor (It is worthwhile to note that the Merkle tree constructed based on the plurality of pieces of identity information of a user, which is described in the previous embodiments provided in the present application, can be generally generated using a hash digest algorithm. Because the hash digest algorithm is a one-way mapping algorithm, even if the verification authority obtains the values of all the leaf nodes of the Merkle tree, the verification authority cannot determine the original text of the identity information of the user that is used for generating the leaf nodes, thereby ensuring the security of the identity information of the user – see [0068]).
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over Wang (US 2021/0051027).
The teachings of Wang are relied upon for the reasons set forth above.
Regarding claim 8, Wang further teaches a token (the certificate can be interpreted as a token) and a user compute device (can be interpreted as the user terminal). Wang does not explicitly teach that the user compute device is associated with the token for a predefined time or number of uses. However, expirations (time or number of uses) were notoriously well known in the art before the effective filing date of the filed invention. This is merely an expiration date which would have been used for basic security purposes.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Wang by applying an expiration of the association between the user device and the token, in order to protect the security of the token by requiring an updated token, as was well known in the art. These modifications would result in basic security to the system.
Claims 13 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Wang (US 2021/0051027) in view of Davis (US 11,348,152).
The teachings of Wang are relied upon for the reasons set forth above.
Regarding claims 13 and 18, Wang does not teach that the request includes a URL (Wang teaches requesting access to web data, as discussed above).
Davis teaches embedding a URL in a message that acts as a request to access the URL based on successful verification – see column 10 lines 4-16.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Wang by including a URL in the request, in order to securely request access to a URL. These modifications would result in expanding applications to the system.
Allowable Subject Matter
Claims 3, 4, 10-12, 16, 17, and 21-23 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
The following is a statement of reasons for the indication of allowable subject matter: The prior art does not teach or suggest: “further storing instructions to cause the processor to: send a portion of the proof to a trusted third party (TTP); in response to sending the portion of the proof to the TTP, receive from the TTP a signed hash tree node associated with the portion of the proof; and verify the proof based on the signed hash tree node and a key, the data being sent to the prover processor in response to verifying the proof” or “wherein the request is a first request, the prover processor is a first prover processor, the data is first data, and the non-transitory, processor-readable medium further stores instructions to cause the processor to: receive a second request, the second request received from a second prover processor; determine that the second request is not associated with the prover data; and in response to determining that the second request is not associated with the prover data, send second data to the second prover processor to fulfill the second request, the second data being different from the first data”, in combination with the claim limitations of the independent claims.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to LISA C LEWIS whose telephone number is (571)270-7724. The examiner can normally be reached Monday - Thursday 7am-2pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached at 571-272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/LISA C LEWIS/Primary Examiner, Art Unit 2495