DETAILED ACTION
The instant application having Application No. 18/995,764 filed on 09/20/2023 is presented for examination by the Examiner.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Objections
Claims 1-13 are objected to because of the following informalities:
Claim 1 recites the limitations:
“..the platform..” in line 2, which should be changed to “..the cryptographic communication platform..”
“transmit the first anonymized ciphertext server..” in line 6, it is believed that this is meant to recite “transmit the first anonymized ciphertext ..”
“transmit the second anonymized ciphertext to,..” in line 12, it is believed that I meant to recite “transmit the second anonymized ciphertext ..”
Claim 2 recites “’T’he platform of claim 1,..” which should be changed to “’T’he cryptographic communication platform of claim 1,..”
Claims 3-12 are objected for the same rationale as claim 2 above.
Claim 7 recites “wherein the string is configured to..” which should be change to “wherein the first string is configured to..”
Claim 13 is objected for the same rationale as claim 1 above. In addition, claim 13 also recites the limitation “..PII..” This is a first occurrence of this abbreviation in the claim. As such, it is requested that the abbreviation be clearly defined. Appropriate correction is required.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 5, 7-9 and 19 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claim 5 recites the limitations:
“..the PII of users..” It is unclear which PII this refers to, since there is a PII of user of a first party and a PII of a user of a second party. In addition, the limitation “users” here, is this referring to the users of the first party and second party?
“generate a cryptographic key for each..” and “transmit the first cryptographic key to the first and the second servers.” It is unclear if one same key is being generated or different key is generated for each server.
Claim 7 recites the limitations:
“receive PII of a user ..” It is unclear if both the first and second servers receive the same PII of this user. In addition, is this user different than the one received by the first and second servers in claim 1?
“..the first cryptographic key;” There is a lack of antecedent basis for this limitation in the claim.
“weave the first cryptographic key into the PII of each user..” Is there more than one users here? Because the claim appears to only recites 1 user.
Claim 8 recites the limitation “..by the KMS;” There is a lack of antecedent basis for this limitation in the claim.
Claim 9 recites the limitation “..to the KMS..” in lines 5-6. There is a lack of antecedent basis for this limitation in the claim.
Claim 19 is rejected for the same rationale as claim 7 above.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-15 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.
Regarding claims 1 & 13, although the preamble of the claims recite “a platform” the body of the claims do not positively recite any elements of hardware. Therefore, the nature of the subject matter claimed may reasonably be construed as non-tangible embodiments. The mere recitation of a system in the preamble with an absence of a machine in the body of the claims fail to make the claim statutory under 35 USC 101.
Claims 2-12 and 14-15 depend on claims 1 and 13 respectively, as such they also inherit the 101 rejections as their independent claims above.
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.
Claims 1-4, 10-12 and 16-19 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Maurer et al. (US Patent 11,461,861 B1-hereinafter Maurer).
Regarding claim 1, Mauer discloses a cryptographic communication platform for performing a transaction/interaction between two or more parties, the platform comprising:
a first server comprising a first processor executing a code (at least figure 1, element 106, i.e.: computing system of insurer 106 inherently comprises a processor that is used to broadcast a subrogation claim/transaction) configured to:
receive, a personally identifiable information (PII) of a user of a first party (at least column 10, lines 13-30, i.e.: party identifier is received);
generate a first anonymized ciphertext from the PII of the user of the first party (at least figure 11, column 10, lines 47-52, i.e.: at least the party identifier is hashed to generate a hash value);
transmit the first anonymized ciphertext server, such that transmitting the PII of the user of the first party is avoided (at least column 9, lines 13-15; and column 10, lines 58-66, the hash value is transmitted/submitted);
a second server comprising a second processor (at least figures 1 & 4, element 108 i.e.: computing system of insurer (108) inherently comprises a processor, that is used to broadcast the subrogation claim/transaction) executing a code configured to:
receive, a personally identifiable information (PII) of a user of a second party (at least column 10, lines 35-41, i.e.: party identifier is received);
generate a second anonymized ciphertext from the PII of the user of the second party (at least figure 11, column 10, lines 52-57, i.e.: at least the party identifier is hashed to generate a hash value); and
transmit the second anonymized ciphertext to, such that transmitting the PII the user of the second party is avoided (at least column 9, lines 13-15; and column 10, lines 58-66, the hash value is transmitted/submitted); and
a buffer server comprising a third processor (at least column 5, lines 62-67, figures 4 & 5, i.e.: smart contract) executing a code configured to:
receive and store the first anonymized ciphertext from the first server and the second anonymized ciphertext from the second server (at least figures 5 & 7, i.e.: hash values from the insurers are received and stored);
search for a match between the first and the second anonymized ciphertexts, thereby allowing performing a transaction/interaction between the first and the second party without transmitting the PII of users therebetween (at least column 9, lines 12-16; column 11, lines 6-17, the hash values are compared and if a match is determined, causes insurer 108 to pay insurer 106 or vice versa).
Claim 2, Maurer discloses the platform of claim 1. Maurer also discloses the first anonymized cipher text is configured to be equal to the second anonymized cipher text to allow the transaction/interaction, and wherein the search for the match comprises searching for equality between the first ciphertext and the second ciphertext to allow performing the transaction/interaction (at least column 11, lines 6-17, the hash values are compared and if a match is determined, causes insurer 108 to pay insurer 106 or vice versa).
Regarding claim 3, Maurer discloses the platform of claim 1. Maurer also discloses the first and the second servers comprise common features (at least figure 11, i.e.: both generate hash values and submit/transmit to distributed network for comparison).
Regarding claim 4, Maurer discloses the platform of claim1. Maurer also discloses each of the processors of the first server and the second server is configured to generate the first and the second anonymized ciphertext, respectively, by using a cryptographic hash function (CHF) (at least figure 11, column 8, lines 25-45, column 10, lines 47-57, each processor of the insurer 106 & 108 generates a cryptographic hash value using a cryptographic hash function).
Regarding claim 10, Maurer discloses the platform of claim 1. Maurer also discloses wherein the third processor of the buffer server or the second processor of the second server is configured to execute a first set of rules, the first set of rules is determined by the first and/or the second party, and wherein attempts to execute the first set of rules for the user of the second party are unknown to the first party (at least column 11, lines 6-17; column 12, lines 15-26, i.e.: rules are when the hash values match, then payor party pays to payee party, attempts by the payor party to pay the payee party are unknown to the payee party).
Regarding claim 11, Maurer discloses the platform of claim 1. Maurer also discloses the third processor of the buffer server or the second processor of the second server is configured to execute a second set of rules, the second set of rules is determined by the first and/or the second party in case the match is not found (at least column 11, line 60-column 12, line 2, if the hash values don’t match, no payment is made).
Regarding claim 12, Maurer discloses the platform of claim 1. Maurer also discloses the processors of the first and second servers execute a code further configured to:
attach dynamic metadata to each of the first and the second anonymized ciphertext, thereby enabling user segmentation (at least column 10, lines 30-35 & 41-46, medical record may be included/attached).
Claim 16 is rejected for the same rationale as claims 1 & 10 above.
Regarding claim 17, Maurer discloses the method of claim 16. Maurer also discloses receiving a PII of a user comprises receiving a database of users of the first/second party (at least column 10, lines 24-35, information about users such as medical records, party identifier, ID of the subrogation settlement demand, subrogation settlement amount crash damage information, police reports are all received).
Regarding claim 18, Mauer discloses the method of claim16. Mauer also discloses generating each of the first and the second anonymized ciphertext is performed by using a CHF (at least column 10, lines 47-52, data is hashed according to a cryptographic hash algorithm).
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 5-7 and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Maurer and in view of Oba (US 2008/0212783 A1-hereinafter Oba).
Regarding claim 5, Maurer discloses the platform of claim1. Maurer does not explicitly disclose comprising a key management system (KMS), the KMS is configured to: generate a first cryptographic key for each of the PII of users; and transmit the first cryptographic key to the first and the second servers.
However, Oba discloses a Key Distribution Center (KDC) (at least [0292]). The KDC is configured to generate a first cryptographic key for each user, and transmit the first cryptographic key to a first and a second server (at least [0292], session key is generated is transmitted to both client and server.)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings of Oba into the platform of Maurer to enhance security of the platform.
Regarding claim 6, Maurer and Oba disclose the platform of claim 5. Oba also discloses the KMS is external to the buffer server, the first server and the second server (at least figure 8, KDC).
Regarding claim 7, Maurer discloses the platform of claim 1. Maurer discloses each of the processors of the first and the second servers is configured to execute a code configured to:
receive PII of a user (at least column 10, lines 13-30 & 35-41 i.e.: party identifier is received),
determining rules for weaving data into the PII of the user (at least column 10, lines 13-46, i.e.: determining rules to include/weave other data with the party identifier);
weave the data into the PII the PII of each user according to the rules for weaving, thereby generating a first string, the first string comprising characters of the PII of the user and characters of the data (at least column 10, lines 13-46, i.e.: include other data with the party identifier to generate first and second sets of data);
output the first string (at least column 10, lines 13-46, i.e.: first & second sets of data);
wherein the string is configured to be fed into the CHF for generating each of the first anonymized ciphertext and the second anonymized ciphertext by each of the first and the second server, respectively (at least column 10, lines 47-57, the first and second sets of data fed into a cryptographic hashing algorithm for generating a first and second hash values).
Maurer does not disclose receiving the first cryptographic key, and wherein the first cryptographic key used in the first server is identical to the first cryptographic key used in the second server.
However, Oba discloses a receiving a first cryptographic key, and wherein the first cryptographic key used in the first server is identical to the first cryptographic key used in the second server (at least [0292], session key is received and the session key used in client is identical to the session key used in server).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings of Oba into the platform of Maurer to allow the platform to use different information to authenticate entities.
Claim 19 is rejected for the same rationale as claim 7 above.
Regarding claim 20, Mauer and Oba disclose the method of claim 19. Oba also discloses the first cryptographic key is generated by an KMS (at least [0292], session key is generated by key distribution center (KDC)).
Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over Maurer and in view of Roth (US Patent 9,405,920 B1-hereinafter Roth).
Regarding claim 8, Maurer discloses the platform of claim 1. Maurer does not disclose the first and the second processors execute a code further configured to: receive a new first cryptographic key generated by the KMS; store a previously used first cryptographic key and the rules for weaving thereof in a key history stack of each of the first server and the second server; and replace the previously used first cryptographic key with the new first cryptographic key, thereby enabling backwards compatibility.
However, Roth discloses a concept of key rotation, wherein a new destination key is received, the new destination key is used to replace a source key. The source key was used to encrypt a ciphertext, and now the destination key is used to re-encrypt the ciphertext (at least figure 6, column 10, lines 48-60).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the teachings of Roth into the platform of Maurer to limit potential damage of a stolen information.
Claims 13- are rejected under 35 U.S.C. 103 as being unpatentable over Maurer and in view of Hornak (US 2004/0103283 A1-hereinafter Hornak).
Regarding claim 13, Mauer discloses a cryptographic communication platform for performing a transaction/interaction between two or more parties, the platform comprising:
a first server comprising a first processor executing a code (at least figure 1, element 106, i.e.: computing system of insurer 106 inherently comprises a processor that is used to broadcast a subrogation claim/transaction) configured to:
receive, a personally identifiable information (PII) of a user of a first party (at least column 10, lines 13-30, i.e.: party identifier is received);
generate a first anonymized ciphertext from the PII of the user of the first party (at least figure 11, column 10, lines 47-52, i.e.: at least the party identifier is hashed to generate a hash value);
transmit the first anonymized ciphertext server, such that transmitting the PII of the user of the first party is avoided (at least column 9, lines 13-15; and column 10, lines 58-66, the hash value is transmitted/submitted);
a second server comprising a second processor (at least figures 1 & 4, element 108 i.e.: computing system of insurer (108) inherently comprises a processor, that is used to broadcast the subrogation claim/transaction) executing a code configured to:
receive, a personally identifiable information (PII) of a user of a second party (at least column 10, lines 35-41, i.e.: party identifier is received);
generate a second anonymized ciphertext from the PII of the user of the second party (at least figure 11, column 10, lines 52-57, i.e.: at least the party identifier is hashed to generate a hash value); and
transmit the second anonymized ciphertext to, such that transmitting the PII the user of the second party is avoided (at least column 9, lines 13-15; and column 10, lines 58-66, the hash value is transmitted/submitted); and
a buffer server comprising a third processor (at least column 5, lines 62-67, figures 4 & 5, i.e.: smart contract) executing a code configured to:
receive and store the first anonymized ciphertext from the first server and the second anonymized ciphertext from the second server (at least figures 5 & 7, i.e.: hash values from the insurers are received and stored);
search for a match between the first and the second anonymized ciphertexts, thereby allowing performing a transaction/interaction between the first and the second party without transmitting the PII of users therebetween (at least column 9, lines 12-16; column 11, lines 6-17, the hash values are compared and if a match is determined, causes insurer 108 to pay insurer 106 or vice versa).
Maurer does not disclose the first and second anonymized ciphertexts are generated by applying an asymmetric encryption method.
However, Hornak discloses encrypted data is generated by applying an asymmetric encryption method (at least [0011][0014]-[0015][0018], information encrypted with a public key can only be decrypted with a corresponding key and vice versa).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the platform of Maurer with the teachings of Hornak to enable the platform to perform the transaction/interaction using different encryption method.
Regarding claim 14, Maurer and Hornak disclose the platform of claim 13. Hornak also discloses an KMS (at least [0043], certificate authority), the KMS is configured to:
generate a first pair of asymmetric keys for encrypting the PII of users of the first party (at least [0037], i.e.: public key and corresponding private key are generated and provided to client); and
generate a second pair of asymmetric keys for encrypting the PII of users of the second party (at least [0039], i.e.: public key and corresponding private key are generated and provided to server).
Regarding claim 15, Maurer and Hornak disclose the platform of claim 13. Maurer also discloses the buffer server is configured to resolve a dispute between the first and the second party by restoring the transaction/interaction therebetween (at least column 11, line 60-column 12, line 2, when hash values don’t match, the subrogation demand settlement smart contract notifies both parties, and allow the parties to determine reason for the mismatch).
ALLOWABLE SUBJECT MATTER
Claim 9 is objected to as being dependent upon rejected based claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to PHY ANH TRAN VU whose telephone number is (571)270-7317. The examiner can normally be reached Monday-Friday 7 am-1 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi T Arani can be reached at (571) 272-3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/PHY ANH T VU/Primary Examiner, Art Unit 2438