DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-2, 10-12, 14-17 are rejected under 35 U.S.C. 103 as being unpatentable over VIJAYAN et al(US 20200252213 A1) in view of Nordstrom et al(US 20200175138 A1) .
With regards to claim 1, VIJAYAN discloses, A system to facilitate secure credentialing of a candidate, the system (FIG 1 and associated text; ) comprising:
an interface server to interact with a user (FIG 1 200-1 and associated text;);
a credential database accessible to the interface server (FIG 1 300-1 and associated text; [0015] A network may have multiple RADIUS servers available with their configuration databases synchronized with each other to provide high availability and scalability across the network. For example, a campus or enterprise may utilize multiple RADIUS servers with synchronized databases to provide high availability and scalability across multiple locations. In such implementations, whenever a change is made to the configuration of the RADIUS database (e.g., adding or removing users, changing permissions of users, etc.), it may be important for a system administrator to have the latest configuration synchronized across all RADIUS servers. ), the credential database to store a credential record associated with a credential candidate ([0020] A client device 100 may be any networked device (e.g., workstation, mobile devices such as laptops, tablets, or smartphones, etc.) that accesses a network that has access managed by RADIUS servers 300. Each NAS 200 (i.e., RADIUS client) may be configured to provide an entry point to the network for a client device 100 accessing the network. A NAS 200 may pass user information (e.g., credentials supplied by user of client device 100) to a RADIUS server 300 and act based on the response that is returned. For example, after a client device 100 initiates authentication with NAS 200, the NAS 200 may prompt for user credentials (e.g., username/password, challenge, etc.), receive the credentials from the client device 100, supply the credentials to a RADIUS server 300, receive a response from the RADIUS server 300 (e.g., access acceptance or rejection), and act based upon services associate with the response of the RADIUS server 300. In implementations, NAS 200 may be a wireless access point, a network access server that supports VPN remote access services or dial-up, a switch, a router, or some other device that provides an entry point to the network for a client device 100), wherein the credential record references credential information and a credential document ([0022] During operation, each of RADIUS servers 300-1 and 300-2 maintains a respective RADIUS database 340-1 and 340-2 (individually referred to as a “database 340”) including user information that is used to authorize authenticate, and account users accessing the network. For example, a database 340 may maintain a list of users, including attributes, that are used by the RADIUS server to decide who can access the network. Example attributes may include a user's credentials (e.g., username and password), a user's group membership, or some other attribute defined for users. A database 340 may be implemented as an SQL database, an Active Directory database, or some other suitable database for maintaining user attributes that are used to determine network access. In some implementations, a database 340 may be implemented as flat-file.); and
a distributed ledger network in communication with the interface server to store the credential document (FIG 1 390 and associated text; ), the distributed ledger network including a plurality of nodes in communication with each other in a peer-to-peer network (FIG 1 300-1, 300- and associated text; 0023] In this example environment, the databases 340 are configured to be synchronized with each other such that RADIUS servers 300 maintain the same configurations to provide high availability and/or scalability across the network. To that end, RADIUS servers 300 function as a blockchain network 390 of devices that maintain a copy of a blockchain 350. Blockchain 350 includes information (e.g., history of RADIUS server database update transactions) that may be used to determine the present configuration and/or history of configuration changes of a database 340. As further discussed below, requested changes to the database configuration may be written to the blockchain 350 for verification such that all RADIUS servers 300 maintain a synchronized configuration. ),.
VIJAYAN does not exclusively but Nordstrom teaches,
nodes of the plurality of nodes to store one or more document chunks of a plurality of document chunks derived from portions of the credential document (FIG 3 307 and associated text; [0120] With T containing the data of many Dpi and all the redundancy Npi, then using this information the Dp digital file is reconstructed. The lower p, the more likely the reconstructed Dp digital file is different from D.).It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify VIJAYA’s method with teaching of Nordstrom in order for digital files management and preservation in digital licenses (Nordstrom [0010]).
With regards to claim 2, VIJAYAN in view of Nordstrom, wherein nodes of the plurality of nodes store the credential information (Nordstrom FIG 3 and associated text; ABSTRACT A method, system, and computer programs for digital files management and preservation in digital licenses. The method comprises splitting a digital file into a plurality of tokens and distributing each token over computing nodes (101, 102, 103, 104) participating in a blockchain; splitting a first random key associated to the digital file into a plurality of portions and distributing each portion to each computing node (101, 102, 103, 104); shuffling, randomly, the computing nodes (101, 102, 103, 104) and its associated public keys; for each computing node (101, 102, 103, 104) encrypting the portion with the node's public key, and encrypting the received token and a hash function with a public key; storing a head token that corresponds to a first computing node of the blockchain and its associated public key in a digital license; and generating a multiencrypted key Ra and using the latter as the key for recovering the digital file ). Motivation would be same as stated in claim 1.
With regards to claim 10, VIJAYAN further disclose, a gateway in communication between the interface server and the distributed ledger network (FIG 1 200-1 and associated text; Note: Access server acting as gateway).
With regards to claim 11, VIJAYAN further disclose, wherein the distributed ledger network includes blockchain, block directed acyclic graphs, transaction-based directed acyclic graphs, or hashgraph ([0012] Distributed ledger technology (DLT) describes the superset of the different variations of this technology. One presently popular type of DLT is blockchain technology. While in a distributed ledger a transaction is written to the ledger after consensus, the requirement is more specific in a blockchain: transactions are aggregated in to a block and the block is appended to the last block of an existing linear chain of blocks. As such, all blockchains are a form of a distributed ledger, but all distributed ledgers are not necessarily a blockchain. BITCOIN and ETHEREUM are examples of blockchain-based platforms. Directed acyclic graphs (DAG) are another example of a common form of DLT. IOTA is an example of a DAG-based platform. HYPERLEDGER is an example of a DLT-based platform. Unless explicitly stated otherwise, implementations of the disclosure may apply to any variant of DLT, including blockchains, DAGs, etc., in a public, private, and/or hybrid networking environment.).
With regards to claim 12, VIJAYAN further disclose, wherein the distributed ledger network is a hashgraph distributed ledger network (0025] FIG. 2 illustrates one example data structure for a blockchain 350 that may be stored on a plurality of RADIUS servers 300, in accordance with implementations of the disclosure. As illustrated, in this example, the data structure of blockchain 350 is an ordered, back-linked list of blocks, including RADIUS server database configuration update transactions made by RADIUS servers. In this specific implementation, each block of the blockchain comprises a header and transaction information related to one or multiple transactions conducted with respect to RADIUS database configuration updates on the blockchain network. The header of each block (except for e.g., the genesis block) may include the hash of the previous block header and/or hash of the transaction tree root (merkle root hash). In implementations, the header may comprise additional block metadata such as a timestamp (e.g., the approximate creation time of the block), hash trees (e.g., for transaction information, state information, etc.) and other information. It should be appreciated that many other distributed ledgers other than the blockchain illustrated by FIG. 2 may be used to implement the technology described herein.).
With regards to claim 14, VIJAYAN further disclose, wherein the credential database is implemented in a customer relationship management system (14. The system of claim 1, wherein the credential database is implemented in a customer relationship management system ([0015] A network may have multiple RADIUS servers available with their configuration databases synchronized with each other to provide high availability and scalability across the network. For example, a campus or enterprise may utilize multiple RADIUS servers with synchronized databases to provide high availability and scalability across multiple locations. In such implementations, whenever a change is made to the configuration of the RADIUS database (e.g., adding or removing users, changing permissions of users, etc.), it may be important for a system administrator to have the latest configuration synchronized across all RADIUS servers)[0022]. A database 340 may be implemented as an SQL database, an Active Directory database, or some other suitable database for maintaining user attributes that are used to determine network access. In some implementations, a database 340 may be implemented as flat-file.).
With regards to claim 15, VIJAYAN further disclose, further comprising a resource server in communication with the credential database and the distributed ledger network ([0016] Implementations described herein are directed to using a distributed ledger network to synchronize configuration changes across a network of servers that provide AAA. By virtue of using a distributed ledger to synchronize configuration changes, enhanced security may be achieved by maintaining a distributed ledger of changes and requiring a consensus among the servers that provide AAA. Additionally, configuration changes may be automated across all servers.).
With regards to claim 16, VIJAYAN further disclose, further comprising a load balancer in communication between the resource server and nodes of the distributed ledger network ([0015] A network may have multiple RADIUS servers available with their configuration databases synchronized with each other to provide high availability and scalability across the network. For example, a campus or enterprise may utilize multiple RADIUS servers with synchronized databases to provide high availability and scalability across multiple locations. In such implementations, whenever a change is made to the configuration of the RADIUS database (e.g., adding or removing users, changing permissions of users, etc.), it may be important for a system administrator to have the latest configuration synchronized across all RADIUS servers. Further, it may be important to maintain a history of configuration changes as the RADIUS database may control the secure access of each client in an organization's network. Present techniques for RADIUS server database synchronization are limited. For example, some present techniques rely on the use of manual scripts that synchronize the configuration database of RADIUS servers to a master RADIUS server. However, such techniques are not secure and may not maintain a record of configuration changes that are made Note: Server Scalability suggest existence of load balancing.).
With regards to claim 17 , VIJAYAN in view of Nordstrom discloses, access the credential record referencing the credential document using the credential database; (Nordstrom FIG 3 307 and associated text; [0120] With T containing the data of many Dpi and all the redundancy Npi, then using this information the Dp digital file is reconstructed. The lower p, the more likely the reconstructed Dp digital file is different from D.)
retrieve the plurality of document chunks from different nodes of the plurality of nodes by requesting from a node of the plurality of nodes a document chunk from a neighbor node, the neighbor node providing the document chunk to the node; and assemble the plurality of document chunks to provide the credential document (Nordstrom FIG 3 307 and associated text; [0115] The mechanism of this embodiment is that at the moment of downloading out of the blockchain will be managed by the same digital license Smart Contract following this mechanism that preferably will apply: [0116] For every token Tpi=Dpi+redundant data Npi [0117] Dpi is download onto the recipient T or might be skipped at random, with probability p={0, 1}, for example p=0.9 [0118] There is no trace or evidence that whether a token Dpi is downloaded or not on T or whether it is only the redundant code Npi. [0119] EndFor [0120] With T containing the data of many Dpi and all the redundancy Npi, then using this information the Dp digital file is reconstructed. The lower p, the more likely the reconstructed Dp digital file is different from D. ); Motivation would be same as stated in claim 1.
Claims 4, 8-9 are rejected under 35 U.S.C. 103 as being unpatentable over VIJAYAN et al(US 20200252213 A1)in view of Nordstrom et al(US 20200175138 Ai) and further in view of Hsieh et al(US 20110246460 A1).
With regards to claim 4, VIJAYAN in view of Nordstrom do not Hsieh teaches, wherein each node of the plurality of nodes implements a consensus algorithm and includes a file system to store one or more document chunks of the plurality of document chunks derived from portions of the credential document ([(0111] The consistency module 806 maintains consistency among multiple masters implemented on multiple machines in a system, by leveraging the consensus protocol and/or a gossip protocol. For example, the master 800 can maintain consistency using a consensus protocol for order critical state changes and using a gossip protocol for weak consistency among data including but not limited to node status updates, reporting information, and metrics information.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify VIJAYAN in view of Nordstrom’s method with teaching of Hseih in order to provide service providers with useful information, for example, regarding traffic, content popularity, trends, etc (Hseih [0002]).
With regards to claim 8, VIJAYAN in view of Nordstrom and Hsieh teaches, wherein each node includes a block logger to log events ([0074] In one embodiment, the agent nodes 502 can forward the collected log data or events to a collector tier 512 which includes at least one collector node 504 but in some instances, multiple collector nodes 504 which can combine streams of log data/events into larger streams, for example, for writing to the storage tier 516. The collector node(s) 504 can aggregate the log data collected from the machines on which the agent nodes are executed. The collector nodes 504 can also be executed on different machines with each machine having various numbers of collector nodes 504, which passes events on to the data sink 507). Motivation would be same as stated in claim 4.
With regards to claim 9, VIJAYAN in view of Nordstrom and Hsieh teaches, wherein each node includes an encryption system to encrypt the one or more document chunks of the credential document ([0056] For example, the nodes 202/204 (e.g., logical nodes) can be associated with properties and/or functions, including but not limited to, adding encryption or digital signature, performing batching/unbatching, performing compression/uncompression, generating a checksum of a dataset, performing sampling, performing benchmarking (e.g., by injecting benchmark tags). In addition, the analytic that are performed can include, feature extraction, filtering, transformation, generating aggregate counts, statistics, etc.). Motivation would be same as stated in claim 4.
Claims 13 are rejected under 35 U.S.C. 103 as being unpatentable over VIJAYAN et al(US 20200252213 A1)in view of Nordstrom et al(US 20200175138 Ai) and further in view of OH et al(US 20200403776 A1).
With regards to claim 13, VIJAYAN in view of Nordstrom do not OH teaches, wherein the number and identity of nodes of the distributed ledger network are fixed and known by each node of the distributed ledger system ([0003] Byzantine fault tolerance (BFT) is a technique which enables nodes to operate normally in a distributed environment composed of multiple nodes even if an abnormal node is present in the distributed environment. A conventional Byzantine-fault-tolerance-based distributed consensus scheme requires the exchange of O(N.sup.2) messages during a consensus process. A conventional Byzantine-fault-tolerance-based distributed consensus scheme is limited in increasing the number of nodes that participate in a consensus process due to the number of messages. In the case of a Tendermint algorithm, the number of nodes that participate in consensus is assumed to be 101. During a consensus process, the exchange of O(N.sup.2) messages is required, and thus various types of research into reducing the number of messages to be exchanged have been conducted. In the case of FastBFT, the number of messages to be exchanged has been reduced to O(N) through message aggregation technology. Further, in the case of Zilliqa or the like, there are conventional technologies that reduce the number of messages to O(N) using multiple signatures. However, the conventional technologies have succeeded in reducing the number of consensus messages to O(N), but there are limitations in that the nodes that participate in a consensus process are fixed, which forms again centralization. Therefore, in conventional technologies, decentralization of nodes has been realized, but the exchange of O(N.sup.2) messages is required in order to achieve consensus. Due to this limitation, conventional technologies for realizing decentralization of nodes may be problematic in that, when the number of nodes increases to several hundred or higher, a problem of traffic congestion may occur, and thus a new consensus method that is capable of reducing the number of consensus messages to O(N) is required.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify VIJAYAN in view of Nordstrom’s method with teaching of OH in order for optimizing distributed consensus protocols and messages based on Byzantine Fault Tolerance (BFT) of decentralized nodes (OH [0002]).
Claims 18-20 are rejected under 35 U.S.C. 103 as being unpatentable over VIJAYAN et al(US 20200252213 A1)in view of Nordstrom et al(US 20200175138 Ai) and further in view of Maliani et al(US 10885170 B1).
With regards to claim 18, VIJAYAN in view of Nordstrom do not but Maliani teaches, wherein the distributed ledger network is configured to: share a document chunk of the plurality of document chunks with a first node of the plurality of nodes; and share the document chunk from the first node of the plurality of nodes to a second node of the plurality of nodes (FIG 4A and 4B and associated text;). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify VIJAYAN in view of Nordstrom’s method with teaching of Maliani in order protect health information (Maliani Abstarct).
With regards to claim 19, VIJAYAN in view of Nordstrom and Maliani teaches, wherein the system is configured to: creating a document chunk map identifying and ordering the plurality of chunks (Nordstrom [0011] To that end embodiments of the present invention provide according to a first aspect a computer-implemented method for digital files management and preservation in digital licenses, comprising: [0012] splitting at least a part of a digital file into a plurality of tokens and distributing each split token over a plurality of computing nodes participating in a system based on a blockchain protocol, wherein each computing node has associated a public key, and wherein the digital file has associated a first random key R.sub.1 and is subject to a digital license, for example a smart contract; [0013] splitting the first random key R.sub.1 associated to the digital file into several portions Ri and distributing each split portion Ri to each one of the computing nodes;); and storing the document chunk map in the distributed ledger system (Nordstrom 0015] for each computing node in the randomly shuffled list of computing nodes and tokens encrypting the split portion Ri with the node's public key, providing an encrypted portion first random key Ri′, and encrypting the received token and a hash function related to the address of the following computing node in the blockchain with a public key of the computing node;[0018] ). Motivation would be same as stated in claim 18.
With regards to claim 20, VIJAYAN in view of Nordstrom and Maliani teaches, accessing a document chunk map at a node of the plurality of nodes of the distributed ledger system, the document chunk map identifying and ordering the plurality of document chunks; wherein retrieving the plurality of document chunks includes retrieving the plurality of document chunks identified in the document chunk map from different nodes of the plurality of nodes; and assembling the plurality of document chunks includes assembling the plurality of document chunks in accordance with the document chunk map to provide the document ((Nordstrom FIG 3 307 and associated text; [0115-120] [0120] With T containing the data of many Dpi and all the redundancy Npi, then using this information the Dp digital file is reconstructed. The lower p, the more likely the reconstructed Dp digital file is different from D.). Motivation would be same as stated in claim 18.
Allowable Subject Matter
Claims 3, 5-7, are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. US 20160119305 A1
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOHAMMED WALIULLAH whose telephone number is (571)270-7987. The examiner can normally be reached 8.30 to 430 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 1-571-272-8878. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/MOHAMMED WALIULLAH/Primary Examiner, Art Unit 2498