Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
Claim(s) 1-20 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Avetisov et al. (U.S. Pub. 2020/0067907 A1).
With respect to claim 1, Avetisov et al. discloses a computer-implemented method comprising:
generating an authentication key corresponding to a user account of an authenticated data structure of a distributed digital ledger transaction network (i.e., “Some aspects further include generating a token, which may be included in the authentication record. A user may sign that token and present that token for verification based on their public key recorded in the authentication record.”(0011) and “A private key is used to sign representations of credentials and other values as a proof of knowledge of the private key and credential values for authentication of the user to the user identity on the blockchain.”(abstract) and “In accordance with example embodiments implemented with a decentralized computing architecture, such as on a blockchain-based computing platform, user identities, authenticating entity identities, and authentication policies thereof, may be committed to a blockchain ledger, ”(0045) or “Those authentication decisions may take into account one or more of the different informational items pertaining to user identifies stored on the blockchain.
”(0046)) ;
identifying a transaction for modifying the authentication key corresponding to the user account (i.e., “Transactions occurring with higher frequency, such as for authentication of a user to a user identity record, may not flow through the authority. The decentralization of the process and immutability of data stored in blockchains means that a complete history or ledger of the changes made to a user account records can be chained back to its initial entry into the blockchain.
The data structure being used, in some embodiments, to store a user identity records will either be an establishment of a user identity record entry or modification/updating of an existing user identity records entry.”(0142)); and
upon authenticating the transaction utilizing the authentication key, executing the transaction by generating a new authentication key for the user account (i.e., “Transactions occurring with higher frequency, such as for authentication of a user to a user identity record, may not flow through the authority. The decentralization of the process and immutability of data stored in blockchains means that a complete history or ledger of the changes made to a user account records can be chained back to its initial entry into the blockchain. The data structure being used, in some embodiments, to store a user identity records will either be an establishment of a user identity record entry or modification/updating of an existing user identity records entry.”(0142) and Examiner assert establishment of a user identify record entity or update of an existing user identify records entry is executing the transaction by generating a new authentication key for the user account and claims 7-8 and “some functionality may be reserved for the authentication server 155, such as publication of an authorized user identity record for a user or addition/removal of keys, accounts, users or credentials under a user's user identity record. Other functionality may not be reserved, such as authentication of a user to a user identity, thereby allowing that user to access an online resource. In some embodiments, functions are performed, based at least in part, on one or more transactions committed to a decentralized data store”(0124));.
With respect to claim 2, Avetisov et al. discloses further comprising: identifying an additional transaction sent using the user account; and upon authenticating the additional transaction utilizing the new authentication key for the user account, executing the additional transaction (i.e., “some transactions, like those for establishing user identity records, federating accounts under those under identity records, and authorizing additional users and devices to identity record or federated account access may be processed through an authority, like a authentication server 155, which reputably establishes identity records. Other entities may be permitted access to the identity records. Transactions occurring with higher frequency, such as for authentication of a user to a user identity record, may not flow through the authority. The decentralization of the process and immutability of data stored in blockchains means that a complete history or ledger of the changes made to a user account records can be chained back to its initial entry into the blockchain. The data structure being used, in some embodiments, to store a user identity records will either be an establishment of a user identity record entry or modification/updating of an existing user identity records entry.”(0142” and “some functionality may be reserved for the authentication server 155, such as publication of an authorized user identity record for a user or addition/removal of keys, accounts, users or credentials under a user's user identity record. Other functionality may not be reserved, such as authentication of a user to a user identity, thereby allowing that user to access an online resource. In some embodiments, functions are performed, based at least in part, on one or more transactions committed to a decentralized data store”(0124)).
With respect to claim 3, Avetisov et al. discloses wherein: the user account of the authenticated data structure of the distributed digital ledger transaction network corresponds to an address of the authenticated data structure (i.e., “an authentication function may take as input a transaction record address of a Net ID, access the record to identity the ID, and verify whether the accessed record is most current (e.g., by performing a search within published transaction records for the ID to identity any later record) prior to authentication. In some embodiments, a record of current transaction record addresses and associated IDs may be maintained by an authentication server and updated responsive to published transactions.”(0184)); and executing the transaction by generating the new authentication key for the user account comprises generating the new authentication key for the user account while maintaining the address of the authenticated data structure for the user account (i.e.,. “the smart contracts may have an address, for instance, in a data storage address space of the decentralized computing platform, like an address corresponding to a cryptographic hash of program code of the smart contracts.”(0132) (i.e., “Transactions occurring with higher frequency, such as for authentication of a user to a user identity record, may not flow through the authority. The decentralization of the process and immutability of data stored in blockchains means that a complete history or ledger of the changes made to a user account records can be chained back to its initial entry into the blockchain. The data structure being used, in some embodiments, to store a user identity records will either be an establishment of a user identity record entry or modification/updating of an existing user identity records entry.”(0142) and Examiner assert establishment of a user identify record entity or update of an existing user identify records entry is executing the transaction by generating a new authentication key for the user account and claims 7-8 and “some functionality may be reserved for the authentication server 155, such as publication of an authorized user identity record for a user or addition/removal of keys, accounts, users or credentials under a user's user identity record. Other functionality may not be reserved, such as authentication of a user to a user identity, thereby allowing that user to access an online resource. In some embodiments, functions are performed, based at least in part, on one or more transactions committed to a decentralized data store”(0124));.
With respect to claim 4, Avetisov et al. discloses further comprising: identifying an additional transaction for modifying the new authentication key corresponding to the user account(i.e., “Transactions occurring with higher frequency, such as for authentication of a user to a user identity record, may not flow through the authority. The decentralization of the process and immutability of data stored in blockchains means that a complete history or ledger of the changes made to a user account records can be chained back to its initial entry into the blockchain. The data structure being used, in some embodiments, to store a user identity records will either be an establishment of a user identity record entry or modification/updating of an existing user identity records entry.”(0142)); and upon authenticating the additional transaction utilizing the new authentication key, executing the additional transaction by generating an additional authentication key for the user account (i.e., “Transactions occurring with higher frequency, such as for authentication of a user to a user identity record, may not flow through the authority. The decentralization of the process and immutability of data stored in blockchains means that a complete history or ledger of the changes made to a user account records can be chained back to its initial entry into the blockchain. The data structure being used, in some embodiments, to store a user identity records will either be an establishment of a user identity record entry or modification/updating of an existing user identity records entry.”(0142) and Examiner assert establishment of a user identify record entity or update of an existing user identify records entry is executing the transaction by generating a new authentication key for the user account and claims 7-8 and “some functionality may be reserved for the authentication server 155, such as publication of an authorized user identity record for a user or addition/removal of keys, accounts, users or credentials under a user's user identity record. Other functionality may not be reserved, such as authentication of a user to a user identity, thereby allowing that user to access an online resource. In some embodiments, functions are performed, based at least in part, on one or more transactions committed to a decentralized data store”(0124));.
. With respect to claim 5, Avetisov et al. discloses wherein generating the authentication key corresponding to the user account of the authenticated data structure of the distributed digital ledger transaction network comprises: determining an address of the user account within the authenticated data structure (i.e., “the authentication server 155 may publish a smart contract 207 by which a computing node 201 may execute a process to authenticate a user based in part on information stored within the decentralized data store, and the result of the authentication may govern whether a given action requested by the user (e.g., to log-in to an account, access a resource, make a payment, etc., as described herein) is permitted within the computing platform.”(0129) and “ an entity, like the authentication server 155, may publish new smart contracts callable by the authentication servicer or other entities (e.g., application servers 245)…the smart contracts may have an address, for instance, in a data storage address space of the decentralized computing platform, like an address corresponding to a cryptographic hash of program code of the smart contracts”(0132)); and setting the authentication key corresponding to the user account to the address of the user account (i.e.,. “the identifying information for a particular notification may include a particular location or address (e.g., IP address and port number, identifier on a notification service, etc.) to which the authentication application 120 should transmit
output data and signed data”(0086) and “While tokens may be used in the above manner and afford convenient storage in a wallet to represent results of an authentication decision, the above should not suggest that a token must be used as a transaction record may as a transaction record of authentication results may also be referenced by its address and that transaction record may include (or reference other prior transaction records by way of cryptographic hash pointer that include) cryptographic hashes or associated keys (e.g., a public key for verification of a signature), by which the user may prove they effected the transaction by providing a signature (e.g., a representation of a credential signed with a private key) verifiable by the public key.”(0150)).
With respect to claim 6, Avetisov et al. discloses wherein generating the authentication key corresponding to the user account of the authenticated data structure of the distributed digital ledger transaction network comprises: identifying a public encryption key corresponding to the user account (i.e., “ a record of the identity may contain one or more cryptographic keys (e.g., public keys in an asymmetric encryption protocol) or representations of credentials whereby the user may prove knowledge of a corresponding private key and credential values retained in secret by the user”(0027)); generating a hash value by applying a hash function to the public encryption key (i.e., “credential values, and cryptographic hash
values based thereon, or various private cryptographic keys of asymmetric encryption protocols may be stored,”(0030)); and setting the hash value as the authentication key corresponding to the user account (i.e., “In the context of authentication, the data may be a credential value or a cryptographic hash value of the credential value and representative of a user authenticating a request to access online resources.”(0064)).
With respect to claim 7, Avetisov et al. discloses the computer-implemented method of claim 6, wherein authenticating the transaction utilizing the authentication key comprises: generating an additional hash value by applying the hash function to the public encryption key; and determining that the additional hash value corresponds to the authentication key (i.e. “ Some embodiments may input such a credential or value based thereon into a one-way cryptographic function, like a cryptographic hash function, such use SHA 256, and embodiments may supply the output or a value based thereon via a network to a remote computing device that determines whether the user is to be authenticated based on a comparison between the cryptographic hash value and a previously stored cryptographic hash value, for instance, supplied during registration or credential creation based on the same input and hash function. Upon determining that the cryptographic hash values match, the corresponding security criterion may be determined to be have been satisfied by the remote computing device.”(0052) and “The server may receive the result and may compare a cryptographically hashed input credential from the output data to a valid representation of the credential, where the valid representation of the credential was hashed with a same cryptographic hash function, in addition to verifying a signature, such as with a public key received in a prior registration process. ’(0084)) .
With respect to claim 8, Avetisov et al. discloses further comprising executing the transaction by generating a new public encryption key corresponding to the user account (i.e., “a record of the identity may contain one or more cryptographic keys (e.g., public keys in an asymmetric encryption protocol) or representations of credentials whereby the user may prove knowledge of a corresponding private key and credential values retained in secret by the user. ”(0027)), wherein generating the new authentication key for the user account comprises generating the new authentication key by applying a hash function to the new public encryption key corresponding to the user account (i.e., “representations of credential values may be dependent on one or more key values or function values used as input in a cryptographic hashing function or encryption algorithm to generate the representations. In turn, the key values or function values may be updated within the TEE 103 to generated refreshed representations, rather than requiring a user to provide a new credential values, which is particularly beneficial in instances where a user may be unable to change a credential value (e.g., for a specific biometric input)”(0109)).
With respect to claims 9-20, the claims 9-20 are rejected as rejection of set of claims 1-8 since the set of claims 9-20 are similar with set of claims 1-8 but different form.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-5, 9-13, and 17-20 are rejected under 35 U.S.C. 101 because:
At step 1:
Claims 1-5, 9-13, and 17-20 is directed to a “Scalable, Secure, Efficient, and Adaptable Distributed Digital Ledger Transaction Network” and thus directed to a statutory category.
At step 2A, Prong One:
The claims 1, 9 and 17 recite the following limitation directed to an abstract ideas:
“generating an authentication key corresponding to a user account of an authenticated data structure of a distributed digital ledger transaction network” recites a mental process as creating an authentication corresponding to a user account of an authenticated data structure of a distributed digital ledger transaction network key (like creating list of user name with password or anything for authentication with structure distributed digital ledger transaction).
“identifying a transaction for modifying the authentication key corresponding to the user account” recites a mental process as highlight the transaction for modifying the authentication key corresponding to the user account.
“upon authenticating the transaction utilizing the authentication key, executing the transaction by generating a new authentication key for the user account” recites the mental process as authenticating the transaction utilizing the authentication key, adding a new authentication key for the user account.
Further, the claims 2-8, 10-16 and 18-20 recite the following limitation directed to an abstract ideas.
With respect to claim 2, 10 and 18, the claims recites “identifying an additional transaction sent using the user account; and upon authenticating the additional transaction utilizing the new authentication key for the user account, executing the additional transaction”. It is mental process such as highlight an additional transaction sent using the user account; and upon authenticating the additional transaction utilizing the new authentication key for the user account, adding the additional transaction.
With respect to claim 3, 11 and 19, the claims recites “the user account of the authenticated data structure of the distributed digital ledger transaction network corresponds to an address of the authenticated data structure; and executing the transaction by generating the new authentication key for the user account comprises generating the new authentication key for the user account while maintaining the address of the authenticated data structure for the user account”. It is mental process to generate or made list of user account with the authenticated data structure of the distributed digital ledger transaction network corresponds to an address of the authenticated data structure; and adding the new authentication key for the user account comprises generating the new authentication key for the user account while maintaining the address of the authenticated data structure for the user account.
With respect to claim 4, 12 and 20, the claims recites ”Identifying an additional transaction for modifying the new authentication key corresponding to the user account; and upon authenticating the additional transaction utilizing the new authentication key, executing the additional transaction by generating an additional authentication key for the user account”. It is mental process to do highlight or mark the an additional transaction for modifying the new authentication key corresponding to the user account; and upon authenticating the additional transaction utilizing the new authentication key, process to add the additional transaction by generating an additional authentication key for the user account.
With respect to claim 5, 13, the claims recites “determining an address of the user account within the authenticated data structure; and setting the authentication key corresponding to the user account to the address of the user account”. It is mental process to check an address of the user account within the authenticated data structure; and setting the authentication key corresponding to the user account to the address of the user account.
At step 2A, Prong Two:
The claims recite the following additional elements:
The Invention discussed in this claims that performs of a transaction over the computer program and therefore create a contractual relationship similar to economic practices of Bilski. The rest of the of claims is only generic computer and networking element performing their basic functions, so the claim is ineligible
At step 2B
The conclusions for the mere implementation using a generic computer and mere field of use are carried over and to not provide significantly more.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HUNG T VY whose telephone number is (571)272-1954. The examiner can normally be reached M-F 8-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Tony Mahmoudi can be reached at (571)272-4078. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/HUNG T VY/Primary Examiner, Art Unit 2163 February 5, 2026