SECURITY INTELLIGENCE PLATFORM ARCHITECTURE AND FUNCTIONALITY

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Examiner interpreted “first Platform” as hardware as per para [0011] (The first platform may be disposed on the first network or may be separate from the first network and connected to the first network via a first network interface.). Claims 1 and 13, 25, 29 were amended, 7, 8, 19, and 20 were canceled earlier, claims 1-6, 9-18, and 21-32 remain pending. Response to Arguments Applicant's arguments filed 01/23/2026 have been fully considered but they are not persuasive. On page 10, the applicant argued that “the present Office Action, to which this document is responding, does not raise a new ground of rejection. The previous Office Action (dated 09/04/2025) and the present Office Action cite the same art (namely Muddu and Petersen) in rejecting the claims. Examiner respectfully disagrees. Even same reference with different sections which were not reported earlier considered as new ground of rejection. On page 10 the applicant argued that Office Action did not adequately explain how Muddu and Petersen disclose "promoting information from a community content collection to a curated content collection." Examiner respectfully disagrees. Muddu FIG 40B and associated text; FIG 21 2102, 2104, 2106 and associated text; teaches, "promoting information from a community content collection to a curated content collection." Examiner interpreted “All types of the group-specific data “ data as community content collection and “security-related conclusion” data as curated data. On page 11 the applicant argued that Muddu describes that “the threat types can include all threat types, external threats, insider threats, and/or rule-based threats. However, this filtering through threat results by threat types is not analogous to promoting "items of information" from a community collection to a "curated content collection." Examiner respectfully disagrees. Curated content is treated as modified content. Examiner broadly interpreted “security-related conclusion” data as curated data which is derived from all types of group specific data. Applicant is reminded that although during patent examination, the pending claims must be "given their broadest reasonable interpretation consistent with the specification." The Federal Circuit's en banc decision in Phillips v. AWH Corp., 415 F.3d 1303, 75 USPQ2d 1321 (Fed. Cir. 2005) the specification is not read into the claims and the USPTO is to employ the "broadest reasonable interpretation". On the same page the applicant further pointed out that Muddu does not disclose verifying items of information and selectively promoting verified items of information to a curated content collection, as previously mentioned. Claim recite “performing a verification of items of information from said community content collection and selectively promoting a verified item of information from said community content collection to said curated content collection based on said verification” which translate in normal view that group of information’s transfer from one bucket to another bucket for specific condition. Claim is not specific that each item of information are marked as identifier which is compared to verify or validate. Muddu FIG 40B and associated text; Col 75 line 25-45 teaches, “performing a verification of items of information from said community content collection and selectively promoting a verified item of information from said community content collection to said curated content collection based on said verification”. High risk threat are filtered with predetermined threshold score(verified against) to assign as High risk. On page 14 the applicant argued for claim 25and 29 that Petersen does not disclose a rule block for performing all three of: "searching said signal information to identify responsive information based on said data parameters, executing rules for monitoring said signal information based on said data parameters, and generating reports concerning said signal information based on said data parameters" as required by independent claims 25 and 29, as currently amended. Examiner respectfully disagrees. Examiner relied on Muddu for "searching said signal information to identify responsive information based on said data parameters, executing rules for monitoring said signal information based on said data parameters, and generating reports concerning said signal information based on said data parameters". Muddu Col 11 line 10-35 discloses “searching said signal information to identify responsive information based on said data parameters” , Muddu Col 14 line 5-20 discloses “executing rules for monitoring said signal information based on said data parameters” and Muddu Col 100 line 15-20; teaches “generating reports concerning said signal information based on said data parameters”. And examiner relied on Petersen for “first using said first set of said one or more data parameters to perform a first data function of said function set with respect to said first client networks” (Col 3 line 65- col 4line 10) and “second using said first set of said one or more data parameters to perform a second data function, different than said first data function, with respect to said first client networks” (Col 4 line 10-25) and “third using said first set of said one or more data parameters to perform a third data function, different than said first and second data functions, with respect to said first client networks” (Col 7 line 50-57). Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1-6, 9-18, and 21-24 are rejected under 35 U.S.C. 103 as being unpatentable over Muddu et al(US 10389738 B2) in view of Petersen et al(US 8543694 B2) and further in view of Vidas et al(US 20190141079 A1). With regards to claim 1, 13 Muddu discloses, A method for use in network monitoring and information management, comprising: providing a first platform for monitoring data signals from one or more first client networks to identify information of interest relating to the first client networks (Col 9 line 30-50; FIG. 1 shows a general environment 10 in which the security platform introduced here can be implemented. The environment 10 may represent a networked computing environment of one or multiple companies or organizations, and can be implemented across multiple geographic regions. One or more elements in the environment 10 are communicatively coupled to each other through a computer communications network, which can include the Internet and one or more wired or wireless networks (e.g., an Internet Protocol (IP)-based local area network (LAN), metropolitan area network (MAN) wide area network (WAN), a Wireless LAN (WLAN) network such as Wireless Fidelity (WiFi), and/or a cellular telecommunications network such as Global System for Mobile Communications (GSM) network, 3G network, or long term evolution (LTE) network).); connecting said first platform to a repository of shared information obtained in connection with monitoring more than one second client networks that overlap or are independent of said first client networks (Col 10 line 10-30; The security platform can be deployed at any of various locations in a network environment. …. Additionally or alternatively, the security platform can be implemented in a private network but nonetheless receive/monitor events that occur on the cloud-based servers. In some embodiments, the security platform can monitor a hybrid of both intranet and cloud-based network traffic. More details on ways to deploy the security platform and its detailed functionality are discussed below.), wherein said repository includes a community content collection and a curated content collection (FIG 40B and associated text; FIG 21 2102, 2104, 2106 and associated text; Note :”All types of the group-specific data threat “ data as community content collection and security-related conclusion data as curated data) ; performing a verification of items of information from said community content collection and selectively promoting a verified item of information from said community content collection to said curated content collection based on said verification (FIG 40B and associated text; Col 75 line 25-45; The view 4000 can include a filter section 4020 that enables the user to selectively filter out threat results according to time, severity, or type. For example, as shown in FIG. 40B, the default provides views of “All Threat Types” 4021 but a user can change this to just review pages for “External,” “Insider,” or “Rule-Based” threats. The filter section 4020 also provides an option to “Select Threat Types,” which enables the user to select the specific types of threats to be included in the Threat Review. The filter section 4020 also enables the user to filter out threats based on their scores by clicking the “Scores” tab 4022. (For example, if the user is only interested in evaluating high risk threats, the user might filter out any threats with a score less than 5). The user can also click on the “Time” tab 4023 to filter out threats based on a date range. For example, if the user is only interested in evaluating very recent threats, the user can choose to filter out any threats earlier than the past 24 hours Note: by changing “all threat types” to “external” data groups as curated data.); said first platform to receive a first data signal from a first network of said first client networks (Col10, line 10-30; Additionally or alternatively, the security platform can be implemented in a private network but nonetheless receive/monitor events that occur on the cloud-based servers. In some embodiments, the security platform can monitor a hybrid of both intranet and cloud-based network traffic. More details on ways to deploy the security platform and its detailed functionality are discussed below.); said first platform to access, from said repository one or more first items of said shared information (Col10, line 10-30; Additionally or alternatively, the security platform can be implemented in a private network but nonetheless receive/monitor events that occur on the cloud-based servers. In some embodiments, the security platform can monitor a hybrid of both intranet and cloud-based network traffic. More details on ways to deploy the security platform and its detailed functionality are discussed below.); and said first platform to conduct an analysis of said first data signal using said first items of said shared information and to provide an analysis output based on said analysis (Col 13; line 35-50; (153) FIG. 3 shows a high-level conceptual view of the processing within security platform 102 in FIG. 2. A receive data block 202 represents a logical component in which event data and other data are received from one or more data sources. In an example, receive data block 202 includes application programming interfaces (APIs) for communicating with various data sources. An ETL block 204 is the data preparation component in which data received from the receive data block 202 is pre-processed, for example, by adding data and/or metadata to the event data (a process interchangeably called decoration, enrichment or annotation herein), or otherwise prepared, to allow more effective consumption by downstream data consumers (e.g., machine learning models). ). Muddu Does not exclusively, but Petersen teaches, first operating said first platform to receive a first data signal from a first network; second operating said first platform to access, from said repository; (Col 6 line 45-55; In one arrangement, the first determining includes ascertaining that the result of the first evaluating is the first outcome. For instance, the first outcome may be that a "condition" of the rule block has been satisfied (e.g., a potentially "interesting" occurrence such as a server backup has started, an unusual outside IP address attempting to connect with a local machine, etc.) and the second outcome may be an "uninteresting" occurrence (e.g., a known employee logs into his or her work email server during business hours). third operating said first platform to conduct an analysis of said first data signal using said first items of said shared information and to provide an analysis output based on said analysis (Col 7 line 50-57; For instance, in the case where the result of each of the first and second evaluating includes the first outcomes, the method could further include third evaluating, at the processing engine using a third rule block, at least some of the data, where the results are analyzed to determine an event of interest.) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify Muddu’s method/system with teaching of Petersen in order to network monitoring that allows for event detection and analysis based on the processing and organization of log messages and other types of structured or normalized data (Petersen Col 1 line 10-20). Muddu in view of Petersen do not exclusively but Vidas teaches, wherein said items of information comprise machine learning logic for processing shared information ([0066] Additionally, the identified actors, partners, entities in the communities and/or the MSSP may also access the accessible/shared security data (Step 520). At Step 522, these actors, partner, entities, etc., further may generate one or more modules or module pipelines, e.g., including probabilistic models or applications, for identifying security threats and/or malicious actions based at least in part on the accessed security data in the published available modules. [0068]; For example, modules/applications, e.g., models or applications employing machine learning, probabilistic analysis, etc., may determine whether the access/shared security data includes information indicative of a security threat or malicious action (Step 532).); It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify Muddu in view of Petersen’s method/system with teaching of Petersen in order to detect anomaly or threat, and take action promptly (Vidas abstract). With regards to claim 2, 14 Mudd in view of Petersen further discloses, wherein said first platform is operative for identifying events of interest based on said first data signal (Petersen col 5, line 25-45; The present utilities may also be used as part of a behavioral and/or relational analysis of structured or normalized facts. For instance, a first rule block could be designed to continually filter for or otherwise obtain one or more particular types of facts (e.g., all log data from a particular source, all log data having a particular classification, and/or the like). Also, a second rule block could be designed to make one or more determinations relating to the facts obtained by the first rule block (i.e., instead of the second rule block making determinations about facts that the second rule block obtains as discussed above). In one arrangement, administrators could set up a first plurality of rule blocks designed to obtain various types of facts, and a second plurality of rule blocks designed to ask various respective questions or otherwise make various respective determinations about whether specific types of facts exist, whether a threshold count related to the facts has been reached (e.g., equal to or over x number of bytes, equal to or over x log count, etc.), and the like. For instance, administrators can "mix and match" various one of the first plurality of rule blocks to various ones of the second plurality of rule blocks to allow for customization of various types of analyses to obtain various events of interest. ). With regards to claim 3, 15 Mudd in view of Petersen further discloses, wherein said events of interest relate to potential security threats with respect to said first network (Petersen Col 6 line 45-65; (25) In one arrangement, the first determining includes ascertaining that the result of the first evaluating is the first outcome. For instance, the first outcome may be that a "condition" of the rule block has been satisfied (e.g., a potentially "interesting" occurrence such as a server backup has started, an unusual outside IP address attempting to connect with a local machine, etc.) and the second outcome may be an "uninteresting" occurrence (e.g., a known employee logs into his or her work email server during business hours). ). With regards to claim 4, 16 Mudd in view of Petersen further discloses, wherein said first data signal is based on logs generated by components of said first network (Petersen Col8 line 65-col 9 line 20; The structured or normalized data processed by the utilities disclosed herein may be generated in any appropriate manner and by numerous types of devices. For instance, log messages and/or other data may be generated by a variety of network platforms including, for instance, Windows servers, Linux servers, UNIX servers, routers, switches, firewalls, intrusion detection systems, databases, ERP applications, CRM applications, and homegrown applications. The log data can be collected using standard network logging and messaging protocols, such as, for instance, Syslog, SNMP, SMTP and other proprietary and non-proprietary protocols. Moreover, the log file may be text based, a proprietary format, a binary format, etc. In addition, the logs may be written to databases such as Oracle, Sybase, MySQL, etc. As a result, a data system may generate a large number of logs in different formats, and it may be desired to monitor or analyze these logs for a variety of purposes. Fields of information within such log messages can be identified and the messages can be selectively processed in accordance with rules based on those fields. In this manner, enhanced processing of textual messages including log messages may be achieved along with improved audit and compliance analysis, application monitoring, security monitoring, and operations analysis. Moreover, large networks may be supported and growing networks may be adapted to.). With regards to claim 5, 17 Mudd further discloses, wherein said repository is disposed on a second platform, separate from said first platform and connected to said first platform via a second network interface ( FIG 1 AWS is in send platform connected with second network interface). With regards to claim 6, 18 Mudd further discloses, wherein said first platform comprises multiple processing platform instances for processing data signals from multiple first client networks and said second platform is operative for communicating with each of said multiple processing platform instances (FIG 1 and associated text; ). With regards to claim 9, 21 Mudd further discloses, further comprising providing a preprocessing module on said first network for accessing signal sources and preprocessing data from said signal sources to provide said first data signal (Col 14 line 55-67; (159) The received data is then provided via a channel 314 to a semantic processor (or data preparation stage) 316, which in certain embodiments performs, among other functions, ETL functions. In particular, the semantic processor 316 may perform parsing of the incoming event data, enrichment (also called decoration or annotation) of the event data with certain information, and optionally, filtering the event data.). With regards to claim 10, 22 Mudd further discloses, wherein said preprocessing comprises enriching said data from said signal sources with additional information to enhance processing by said first processing platform (Col 14 line 55-67; (159) The received data is then provided via a channel 314 to a semantic processor (or data preparation stage) 316, which in certain embodiments performs, among other functions, ETL functions. In particular, the semantic processor 316 may perform parsing of the incoming event data, enrichment (also called decoration or annotation) of the event data with certain information, and optionally, filtering the event data.). With regards to claim 11, 23 Mudd further discloses, establishing a communications pathway from said first form to said first network (FIG 1 and associated text; threat feeds are connected to enterprise VMs; Col 14 line 55-67;). With regards to claim 12, 24 Mudd further discloses, further comprising using said communications pathway to access enrichment sources of said first network (Col 14 line 55-67; (159) The received data is then provided via a channel 314 to a semantic processor (or data preparation stage) 316, which in certain embodiments performs, among other functions, ETL functions. In particular, the semantic processor 316 may perform parsing of the incoming event data, enrichment (also called decoration or annotation) of the event data with certain information, and optionally, filtering the event data. ). Claims 25-32, are rejected under 35 U.S.C. 103 as being unpatentable over Muddu et al(US 10389738 B2) in view of Petersen et al(US 8543694 B2). With regards to claim 25, 29 Muddu discloses, A method for use in network monitoring and information management, comprising: providing a network monitoring platform including an interface for receiving one or more data parameters concerning one or more network monitoring functions (Col 9 line 30-50; FIG. 1 shows a general environment 10 in which the security platform introduced here can be implemented. The environment 10 may represent a networked computing environment of one or multiple companies or organizations, and can be implemented across multiple geographic regions. One or more elements in the environment 10 are communicatively coupled to each other through a computer communications network, which can include the Internet and one or more wired or wireless networks (e.g., an Internet Protocol (IP)-based local area network (LAN), metropolitan area network (MAN) wide area network (WAN), a Wireless LAN (WLAN) network such as Wireless Fidelity (WiFi), and/or a cellular telecommunications network such as Global System for Mobile Communications (GSM) network, 3G network, or long term evolution (LTE) network).), an access system for accessing signal information based one or more data signals of said first client networks (col 10 line 35-45; The security platform introduced here is capable of handling large volumes of data, particularly machine data, from multiple data sources. These data sources may have different data formats and may provide data at very high data rates (e.g., gigabytes of data per second or more). In some embodiments, incoming data is processed using machine learning/data science techniques to extract knowledge from large volumes of data that are structured or unstructured. In a general sense, data science is a continuation and expansion of the field of data mining and predictive analytics, also known as knowledge discovery and data mining (KDD). ), and a processing system for executing said data monitoring functions, said data monitoring functions selected from a function set of data functions for processing said signal information using said data parameters, said function set comprising the data functions of searching said signal information to identify responsive information based on said data parameters (Col 11 line 10-35; In this description the term “event data” refers to machine data related to activity on a network with respect to an entity of focus, such as one or more users, one or more network nodes, one or more network segments, one or more applications, etc.). In certain embodiments, incoming event data from various data sources is evaluated in two separate data paths: (i) a real-time processing path and (ii) a batch processing path. Preferably, the evaluation of event data in these two data paths occurs concurrently. The real-time processing path is configured to continuously monitor and analyze the incoming event data (e.g., in the form of an unbounded data stream) to uncover anomalies and threats. To operate in real-time, the evaluation is performed primarily or exclusively on event data pertaining to current events contemporaneously with the data being generated by and/or received from the data source(s). In certain embodiments, the real-time processing path excludes historical data (i.e., stored data pertaining to past events) from its evaluation. Alternatively in an embodiment, the real-time processing path excludes third-party data from the evaluation in the real-time processing path. These example types of data that are excluded from the real-time path can be evaluated in the batch processing path.), executing rules for monitoring said signal information based on said data parameters (Col 14 line 5-20; A machine learning and machine learning models are employed to evaluate and analyze data in certain embodiments, that is not necessarily the case in every embodiment. In some cases, the security platform may also adapt more appropriately or more efficiently to the environment by using a combination of other suitable forms of analysis, including rule-based analysis, algorithm-based analysis, statistical analysis, etc.), and generating reports concerning said signal information based on said data parameters (Col 100 line 15-20; When a security threat has been detected, the security platform then reports the threat to an administrator of the network (e.g., via the GUI features described above) and/or writes the security threat into a threat log for later review by an administrator.); receiving, via said interface, a first set of one or more data parameters for one or more first data networks (Col 23, line 35-45; In a number of implementations, through the configuration file (e.g., snippet), the administrator can also identify, for example, field mappings, decorators, parameters for identity resolution (IR), and/or other parameters of the data intake and preparation stage. The configuration snippet can be monitored and executed by the data intake and preparation engine on the fly to allow the an administrator to change how various components in the data intake and preparation engine functions without the need to recompile codes and/or restart the security platform ); Muddu does not exclusively but Petersen teaches, first using said first set of said one or more data parameters to perform a first data function of said function set with respect to said first client networks (Col 3 line 65- col 4line 10; For instance, a network administrator may be interested in knowing about any large data transfers that occur from a internal network device to an external IP address in a 30 minute period after the external IP address has accessed the internal network device, as such a combination of occurrences may indicate that a hacker has accessed the network and begun obtaining sensitive data from the network. In this regard, the administrator may design a first rule block that is configured to obtain, store and/or track all log messages generated by internal network devices as a function of time); and second using said first set of said one or more data parameters to perform a second data function, different than said first data function, with respect to said first client networks (Col 4 line 10-25; and monitor for any connections between an external IP address and an internal IP address (e.g., where the first rule block's condition would be satisfied upon observing such a connection). For instance, upon the first rule block determining that a newly received log message includes an external source IP address and an internal destination IP address, the first rule block may "fire" or otherwise consider that its condition has been satisfied. That is, firing of the rule block upon or after an evaluation may be considered a first or desired/interesting outcome while non-firing of the rule block upon or after an evaluation may be considered a second or non-desired/non-interesting outcome. The administrator may also design a second rule block that is configured to obtain, store and/or track log messages indicative of all outbound data transfers as a function of time, and monitor for any outbound data transfer from an internal device that is at least 1 GB in size). And third using said first set of said one or more data parameters to perform a third data function, different than said first and second data functions, with respect to said first client networks (Col 7 line 50-57; For instance, in the case where the result of each of the first and second evaluating includes the first outcomes, the method could further include third evaluating, at the processing engine using a third rule block, at least some of the data, where the results are analyzed to determine an event of interest.) Petersen also teaches, receiving, via said interface, a first set of one or more data parameters for one or more first data networks (Col 3 line 65- col 4line 10; For instance, a network administrator may be interested in knowing about any large data transfers that occur from a internal network device to an external IP address in a 30 minute period after the external IP address has accessed the internal network device, as such a combination of occurrences may indicate that a hacker has accessed the network and begun obtaining sensitive data from the network. In this regard, the administrator may design a first rule block that is configured to obtain, store and/or track all log messages generated by internal network devices as a function of time);It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify Muddu’s method/system with teaching of Petersen in order to network monitoring that allows for event detection and analysis based on the processing and organization of log messages and other types of structured or normalized data (Petersen Col 1 line 10-20). With regards to claim 26, 30, Muddu in view of Petersen further discloses, wherein said first data function comprises searching said signal information (Petersen Col 3 line 65- col 4line 10; For instance, a network administrator may be interested in knowing about any large data transfers that occur from a internal network device to an external IP address in a 30 minute period after the external IP address has accessed the internal network device, as such a combination of occurrences may indicate that a hacker has accessed the network and begun obtaining sensitive data from the network. In this regard, the administrator may design a first rule block that is configured to obtain, store and/or track all log messages generated by internal network devices as a function of time). Motivation would be same as stated in claim 25, 29. With regards to claim 27, 31, Muddu in view of Petersen further discloses wherein said second data function comprises executing rules for monitoring said signal information (Petersen Col 4 line 10-25; and monitor for any connections between an external IP address and an internal IP address (e.g., where the first rule block's condition would be satisfied upon observing such a connection). For instance, upon the first rule block determining that a newly received log message includes an external source IP address and an internal destination IP address, the first rule block may "fire" or otherwise consider that its condition has been satisfied. That is, firing of the rule block upon or after an evaluation may be considered a first or desired/interesting outcome while non-firing of the rule block upon or after an evaluation may be considered a second or non-desired/non-interesting outcome. The administrator may also design a second rule block that is configured to obtain, store and/or track log messages indicative of all outbound data transfers as a function of time, and monitor for any outbound data transfer from an internal device that is at least 1 GB in size). Motivation would be same as stated in claim 25, 29. With regards to claim 28, 32, Muddu further discloses, wherein said signal information comprises one or more of archived signal data, active signal data, and a substantially real time signal feed (Abstract; A security platform employs a variety techniques and mechanisms to detect security related anomalies and threats in a computer network environment. The security platform is “big data” driven and employs machine learning to perform security analytics. The security platform performs user/entity behavioral analytics (UEBA) to detect the security related anomalies and threats, regardless of whether such anomalies/threats were previously known. The security platform can include both real-time and batch paths/modes for detecting anomalies and threats. By visually presenting analytical results scored with risk ratings and supporting evidence, the security platform enables network security administrators to respond to a detected anomaly or threat, and to take action promptly.). Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOHAMMED WALIULLAH whose telephone number is (571)270-7987. The examiner can normally be reached 8.30 to 430 PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 1-571-272-8878. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /MOHAMMED WALIULLAH/Primary Examiner, Art Unit 2498