DETAILED ACTION
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 11/14/2024 has been entered. Claims 1, 7, 13 are amended; No claims are cancelled; No claims are added. Claims 1 – 18 are currently pending and subject to examination.
Response to Arguments
Applicant’s arguments with respect to claims 1 - 18 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
Claim Rejections - 35 USC § 103
The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.
Claims 1 - 3, 6 – 9, 12 – 15, 18 are rejected under 35 U.S.C. 103 as being unpatentable over Balmakhtar et al. (US 20230017184 A1) in view of Bagwell (US 20220164451 A1).
Regarding claim 1, Balmakhtar et al. discloses an information handling system (Balmakhtar et al., FIG. 2) comprising: a processor (Balmakhtar et al., [0040] a processor of the UPF core interface function comprises a field-programmable gate array (FPGA)); a management controller configured to provide out-of-band management of the information handling system (Balmakhtar et al., [0023] network functions can include an authentication server function (AUSF), in relation to [0025] the AUSF facilitates security processes); and
a network interface controller (Balmakhtar et al., [0028] a 5G translating virtual UPF operates as a network interface controller), wherein the network interface controller comprises a SmartNIC (Balmakhtar et al., [0029] the 5G translating virtual UPF comprises a Smart-NIC, which allows for additional software to be loaded into the NIC at configuration or during runtime), and wherein the network interface controller is coupled to a network (Balmakhtar et al., [0028] a 5G core network provides a set of services or network functions that can be executed on virtual servers in a cloud computing environment);
wherein the network interface controller is configured to perform protocol translation during communication between the information handling system and a destination system (Balmakhtar et al., [0028] the 5G translating virtual UPF converts IP packets being sent to/from a PDN into General Packet Radio Service (GPRS) Tunneling Protocol (GTP)-User (GTP-U) packets sent from/to the RAN) by:
receiving, from the processor, data according to a first protocol (Balmakhtar et al., [0029] the UPF is configured to receive a plurality of PFCP messages from one or more SMFs and to establish a corresponding plurality of PDU sessions between one or more RANs and one or more PDNs), wherein the first protocol is forbidden on the network (Balmakhtar et al., [0025] the SMF decouples other control plane functions from user plane functions by performing dynamic host configuration protocol (DHCP) functions and IP address management functions);
translating the data into a second protocol, wherein the second protocol is allowed on the network (Balmakhtar et al., [0032] the 5G translating virtual UPF is configured to understand the variety of PFCP messages and translates the variety of PFCP messages into an internal, function-based PFCP model representation); and
transmitting the translated data to the destination system via the network (Balmakhtar et al., [0032] from that internal model representation, the UPF sets up the Smart-NIC to implement the PDU session specified by each PFCP message between a specified RAN and a specified PDN, where the translations of the PFCP messages into model representations are performed using a library of translation modules stored in the UPF).
Balmakhtar et al. does not expressly disclose receiving, from a management controller, certification data certifying that communication with the destination system is allowed in response to the certification data.
Bagwell, for example, from an analogous field of endeavor (Bagwell, [0012] a SmartNIC-based inline secure communication service may be implemented by a SmartNIC, a data processing unit (DPU)-based NIC, an Intelligent NIC (iNIC), a programmable NIC, a programmable network adapter, or other type of hardware, Application-Specific Integrated Circuit (ASIC), a System-on-a Chip (SoC), a field-programmable gate array (FPGA), or other suitable form factor in relation to [0013] the SmartNIC-based inline secure communication service may include encryption and decryption services, or authentication, data integrity, nonrepudiation, and/or authorization services, protocol processing, flow monitoring, compression/decompression, load balancing, and so forth) discloses receiving, from a management controller (Bagwell, FIG. 1, certificate authority device 135, through controller 125), certification data certifying that communication with the destination system is allowed in response to the certification data (Bagwell, [0030] the certificate authority device may include a network device that may validate an identity and bind the identity to a cryptographic key through the issuance of a digital certificate).
Thus, it would have been obvious to a person of ordinary skill in the art before the effective date of the claimed invention to combine receiving, from a management controller, certification data certifying that communication with the destination system is allowed in response to the certification data as taught by Bagwell with the system of Balmakhtar et al. in order to effect a chain of trust when setting up network connections (Bagwell, [0041 - 0042]).
Regarding claims 2, 8, 14, Balmakhtar et al. – Bagwell disclose the first protocol comprises a protocol selected from the group consisting of dynamic host configuration protocol (DHCP) and trivial file transfer protocol (TFTP) (Balmakhtar et al., [0025] the SMF decouples other control plane functions from user plane functions by performing dynamic host configuration protocol (DHCP) functions and IP address management functions).
Regarding claims 3, 9, 15, Balmakhtar et al. – Bagwell disclose the second protocol comprises a representational state transfer (REST) application programming interface (API) (Balmakhtar et al., [0032] the translations of the PFCP messages into model representations are performed using a library of translation modules that are stored in the UPF).
Regarding claims 6, 12, 18, Balmakhtar et al. – Bagwell disclose receiving, from the destination system, additional data according to the second protocol; translating the additional data into the first protocol (Balmakhtar et al., [0037] the translation method used for an SMF accommodates any unique or different aspects of the implementation of PFCP messages by the manufacturer of the SMF and translates the actual PFCP message into the format of the model's uniform representation of the PFCP message); and transmitting the translated additional data to the processor (Balmakhtar et al., [0038] the translation host establishes a PDU session by sending the model representation of the received PFCP message to the UPF core interface function).
Regarding claim 7, Balmakhtar et al. discloses a method comprising, in an information handling system (Balmakhtar et al., FIG. 2) that includes a processor (Balmakhtar et al., [0040] a processor of the UPF core interface function comprises a field-programmable gate array (FPGA)), a management controller configured to provide out-of-band management of the information handling system (Balmakhtar et al., [0023] network functions can include an authentication server function (AUSF), in relation to [0025] the AUSF facilitates security processes), and a network interface controller (Balmakhtar et al., [0028] a 5G translating virtual UPF operates as a network interface controller), wherein the network interface controller comprises a SmartNIC (Balmakhtar et al., [0029] the 5G translating virtual UPF comprises a Smart-NIC, which allows for additional software to be loaded into the NIC at configuration or during runtime), and
wherein the network interface controller is coupled to a network (Balmakhtar et al., [0028] a 5G core network provides a set of services or network functions that can be executed on virtual servers in a cloud computing environment):
performing protocol translation at the network interface controller during communication between the information handling system and a destination system (Balmakhtar et al., [0028] the 5G translating virtual UPF converts IP packets being sent to/from a PDN into General Packet Radio Service (GPRS) Tunneling Protocol (GTP)-User (GTP-U) packets sent from/to the RAN) by:
receiving, from the processor, data according to a first protocol (Balmakhtar et al., [0029] the UPF is configured to receive a plurality of PFCP messages from one or more SMFs and to establish a corresponding plurality of PDU sessions between one or more RANs and one or more PDNs), wherein the first protocol is forbidden on the network (Balmakhtar et al., [0029] the UPF is configured to receive a plurality of PFCP messages from one or more SMFs and to establish a corresponding plurality of PDU sessions between one or more RANs and one or more PDNs);
translating the data into a second protocol, wherein the second protocol is allowed on the network (Balmakhtar et al., [0032] the 5G translating virtual UPF is configured to understand the variety of PFCP messages and translates the variety of PFCP messages into an internal, function-based PFCP model representation); and
transmitting the translated data to the destination system via the network (Balmakhtar et al., [0032] from that internal model representation, the UPF sets up the Smart-NIC to implement the PDU session specified by each PFCP message between a specified RAN and a specified PDN, where the translations of the PFCP messages into model representations are performed using a library of translation modules stored in the UPF).
Balmakhtar et al. does not expressly disclose receiving, from a management controller, certification data certifying that communication with the destination system is allowed in response to the certification data.
Bagwell, for example, from an analogous field of endeavor (Bagwell, [0012] a SmartNIC-based inline secure communication service may be implemented by a SmartNIC, a data processing unit (DPU)-based NIC, an Intelligent NIC (iNIC), a programmable NIC, a programmable network adapter, or other type of hardware, Application-Specific Integrated Circuit (ASIC), a System-on-a Chip (SoC), a field-programmable gate array (FPGA), or other suitable form factor in relation to [0013] the SmartNIC-based inline secure communication service may include encryption and decryption services, or authentication, data integrity, nonrepudiation, and/or authorization services, protocol processing, flow monitoring, compression/decompression, load balancing, and so forth) discloses receiving, from a management controller (Bagwell, FIG. 1, certificate authority device 135, through controller 125), certification data certifying that communication with the destination system is allowed in response to the certification data (Bagwell, [0030] the certificate authority device may include a network device that may validate an identity and bind the identity to a cryptographic key through the issuance of a digital certificate).
Thus, it would have been obvious to a person of ordinary skill in the art before the effective date of the claimed invention to combine receiving, from a management controller, certification data certifying that communication with the destination system is allowed in response to the certification data as taught by Bagwell with the system of Balmakhtar et al. in order to effect a chain of trust when setting up network connections (Bagwell, [0041 - 0042]).
Regarding claim 13, Balmakhtar et al. discloses an article of manufacture comprising a non-transitory, computer-readable medium having instructions thereon that are executable by a processor (Balmakhtar et al., [0040] a processor of the UPF core interface function comprises a field-programmable gate array (FPGA)) of a network interface controller (Balmakhtar et al., [0028] a 5G translating virtual UPF operates as a network interface controller) of an information handling system (Balmakhtar et al., FIG. 2),
wherein the network interface controller comprises a SmartNIC (Balmakhtar et al., [0029] the 5G translating virtual UPF comprises a Smart-NIC, which allows for additional software to be loaded into the NIC at configuration or during runtime), and wherein the network interface controller is coupled to a network (Balmakhtar et al., [0028] a 5G core network provides a set of services or network functions that can be executed on virtual servers in a cloud computing environment), for:
performing protocol translation during communication between the information handling system and a destination system (Balmakhtar et al., [0028] the 5G translating virtual UPF converts IP packets being sent to/from a PDN into General Packet Radio Service (GPRS) Tunneling Protocol (GTP)-User (GTP-U) packets sent from/to the RAN) by: receiving, from the processor, data according to a first protocol (Balmakhtar et al., [0029] the UPF is configured to receive a plurality of PFCP messages from one or more SMFs and to establish a corresponding plurality of PDU sessions between one or more RANs and one or more PDNs), wherein the first protocol is forbidden on the network (Balmakhtar et al., [0025] the SMF decouples other control plane functions from user plane functions by performing dynamic host configuration protocol (DHCP) functions and IP address management functions);
translating the data into a second protocol, wherein the second protocol is allowed on the network (Balmakhtar et al., [0032] the 5G translating virtual UPF is configured to understand the variety of PFCP messages and translates the variety of PFCP messages into an internal, function-based PFCP model representation); and
transmitting the translated data to the destination system via the network (Balmakhtar et al., [0032] from that internal model representation, the UPF sets up the Smart-NIC to implement the PDU session specified by each PFCP message between a specified RAN and a specified PDN, where the translations of the PFCP messages into model representations are performed using a library of translation modules stored in the UPF).
Balmakhtar et al. does not expressly disclose receiving, from a management controller configured to provide out-of-band management of the information handling system, certification data certifying that communication with the destination system is allowed in response to the certification data.
Bagwell, for example, from an analogous field of endeavor (Bagwell, [0012] a SmartNIC-based inline secure communication service may be implemented by a SmartNIC, a data processing unit (DPU)-based NIC, an Intelligent NIC (iNIC), a programmable NIC, a programmable network adapter, or other type of hardware, Application-Specific Integrated Circuit (ASIC), a System-on-a Chip (SoC), a field-programmable gate array (FPGA), or other suitable form factor in relation to [0013] the SmartNIC-based inline secure communication service may include encryption and decryption services, or authentication, data integrity, nonrepudiation, and/or authorization services, protocol processing, flow monitoring, compression/decompression, load balancing, and so forth) discloses receiving, from a management controller configured to provide out-of-band management of the information handling system (Bagwell, FIG. 1, certificate authority device 135, through controller 125), certification data certifying that communication with the destination system is allowed in response to the certification data (Bagwell, [0030] the certificate authority device may include a network device that may validate an identity and bind the identity to a cryptographic key through the issuance of a digital certificate).
Thus, it would have been obvious to a person of ordinary skill in the art before the effective date of the claimed invention to combine receiving, from a management controller configured to provide out-of-band management of the information handling system, certification data certifying that communication with the destination system is allowed in response to the certification data as taught by Bagwell with the system of Balmakhtar et al. in order to effect a chain of trust when setting up network connections (Bagwell, [0041 - 0042]).
Claims 4, 5, 10, 11, 16, 17 are rejected under 35 U.S.C. 103 as being unpatentable over Balmakhtar et al. – Bagwell, as applied to claim1 above, and further in view of Ballard et al. (US 20170187633 A1).
Regarding claims 4, 10, 16, Balmakhtar et al. – Bagwell does not expressly disclose the network interface controller is configured to expose a mock network interface controller to the processor.
Ballard et al., for example, from an analogous field of endeavor (Ballard et al., [0005] a management controller may be configured to couple to an external network via a first network interface integral to the management controller, emulate a second network interface to an operating system executing on the host system processor, and bridge the first network interface and the second network interface such that host system traffic may be communicated between the host system processor and the external network via the management controller) discloses the network interface controller is configured to expose a mock network interface controller to the processor (Ballard et al., [0028] a USB network interface module may comprise any program of executable instructions, or aggregation of programs of executable instructions, configured to emulate a network interface, Ethernet-style network interface, via a Universal Serial Bus coupling processor to processor).
Thus, it would have been obvious to a person of ordinary skill in the art before the effective date of the claimed invention to combine the network interface controller is configured to expose a mock network interface controller to the processor as taught by Ballard et al. with the combined system of Balmakhtar et al. – Bagwell in order to emulate an Ethernet-style network interface (Ballard et al., [0028]).
Regarding claims 5, 11, 17, Balmakhtar et al. – Bagwell does not expressly disclose the network interface controller is configured to expose a bridge network interface controller to the destination system.
Ballard et al., for example, from an analogous field of endeavor (Ballard et al., [0005] a management controller may be configured to couple to an external network via a first network interface integral to the management controller, emulate a second network interface to an operating system executing on the host system processor, and bridge the first network interface and the second network interface such that host system traffic may be communicated between the host system processor and the external network via the management controller) discloses the network interface controller is configured to expose a bridge network interface controller to the destination system (Ballard et al., [0027] a bridge module may comprise any program of executable instructions, or aggregation of programs of executable instructions, configured to create a bridge between network interface 118 and USB network interface module).
Thus, it would have been obvious to a person of ordinary skill in the art before the effective date of the claimed invention to combine the network interface controller is configured to expose a bridge network interface controller to the destination system as taught by Ballard et al. with the combined system of Balmakhtar et al. – Bagwell in order to communicate with an externally-coupled data network (Ballard et al., [0035]).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Potlapally et al. (US 20220200801 A1) is cited to show a host that can provide computing hardware and/or software for a customer to set up a VCN, network encryption using customer-managed keys, where the customer-managed keys can be distributed in SmartNlCs and the SmartNIC is a network interface card that offloads processing tasks that a CPU might normally handle and can perform functions such as encryption, decryption, routing, firewall, etc. to support Network Encryption Virtual Functions (NEVFs) with a dedicated crypto accelerator and/or SRAM, which is similar to aspects of the claimed invention.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to LIONEL PREVAL whose telephone number is (571)270-5673. The examiner can normally be reached Monday-Friday 10 AM - 4 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, NOEL BEHARRY can be reached at 571-270-5630. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/L.P./Examiner, Art Unit 2416
/NOEL R BEHARRY/Supervisory Patent Examiner, Art Unit 2416