DYNAMIC LOAD BALANCING OF RADIUS REQUESTS FROM NETWORK ACCESS SERVER DEVICE

DETAILED ACTION In a response received on 9 December 2025, the applicants amended claims 1, 3, 4, 6, 7, 10, 12, 14, 16-17 and 19. Claims 1-20 are pending. Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Arguments Applicant’s arguments with respect to claim(s) 1, 12, and 17 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 1, 8, 9, 12, and 17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Takagi (US 2008/0031496 A1) in view of Bolotin et al. (US 2015/0163324 A1), and further in view of Kommula (US 2010/0153558 A1). With respect to claim 1, Takagi discloses: a network access server (NAS) device (i.e., a load balancing apparatus evaluating a load corresponding to an authenticating device in Takagi, ¶0064) comprising: a memory; and one or more processors in communication with the memory (i.e., load balancing device with respective units for control, storage, and communication in Takagi, ¶0053) and configured to: based on receipt of an authentication request from a client device (i.e., client device submits a biometrics authentication request in Takagi, ¶0040); and that includes a local NAC system in communication with the NAS device (i.e., load balancing servers to deliver on minimum response time suggests a local (low latency) node; includes network elements on an intranet in Takagi, ¶0005, ¶0041), send the authentication request to the selected NAC system. (i.e., instructing the selected authenticating device to perform the authentication in Takagi, ¶0050). Takagi discloses evaluating characteristics of the request including the quality and type (¶0042, ¶0049, ¶0082). Takagi do(es) not explicitly disclose latency tolerance of the request. Bolotin, in order to improve quality of service for clients by evaluating client latency sensitivity (¶0076), discloses: determine a latency tolerance associated with the authentication request (i.e., determining a characteristic of the request of the client corresponding to latency sensitivity/tolerance; requests can be distinguished by latency tolerance and routed to separate queues and scheduled appropriately in Bolotin, ¶0052, ¶0055). Takagi discloses load balancing requests to servers to deliver on minimum response time suggests a local (low latency) node; and monitoring and recording a load for the authenticating device such as CPU occupancy (¶0005, ¶0046). Takagi do(es) not explicitly disclose latency of the servers. Bolotin, in order to improve quality of service for clients by evaluating client latency sensitivity (¶0076), discloses: determine latency (i.e., collect resource metrics on system latency in Bolotin, ¶0072) and a load (i.e., queue metrics in Bolotin, ¶0060) at each network access control (NAC) system of a set of geographically distributed NAC systems (i.e., plurality of queues; collect queue metrics to compute overall system specific metrics in Bolotin, ¶0066) Takagi discloses selecting a destination authenticating device based on load and evaluating the request weight and matching it with a corresponding destination authenticating device (¶0049, ¶0070). Takagi do(es) not explicitly disclose distributing requests based on latency of the request and load of the system. Bolotin, in order to improve quality of service for clients by evaluating client latency sensitivity (¶0076), discloses: based on a determination that the load at the local NAC system is above a threshold (i.e., determining system latency has increased based on collected resource and queue metrics in Bolotin, ¶0075) and that the authentication request is associated with a high latency tolerance (i.e., determining the client request service class corresponding a sensitivity to latency; request corresponds to latency high sensitivity; the request cannot hide access latency well in Bolotin, ¶0055, ¶0057), select a NAC system of the set of geographically distributed NAC systems other than the local NAC system based on the latency at the NAC system (i.e., based on the determined latency sensitivity, sending the request to a corresponding queue of a plurality of queues in Bolotin, ¶0052). Based on Takagi in view of Bolotin, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Bolotin to improve upon those of Takagi in order to improve quality of service for clients by evaluating client latency sensitivity. Takagi discloses prioritizing authenticating device with highest performance property and lightest load corresponding to the weight/load evaluated for the request (¶0065-0068, and fig. 7). Takagi and Bolotin do(es) not explicitly disclose the following. Kommula, in order to improve robustness of serving clients by evaluating geographic location, capacity, and latency of servers (¶0007), discloses: wherein the local NAC system comprises one of the set of geographically distributed NAC systems that is within a same geographical region as the NAS device (i.e., determining geographical region of server from a list of multiple sites based on IP address corresponding to regional registry; preferring IP address in same geographical region as client machine; latency can be measured for the local and geographically distant servers; load on the server includes a threshold number of TCP sessions in capacity in Kommula, ¶0094, ¶0095, ¶0096), wherein the selected NAC system comprises one of the set of geographically distributed NAC systems that is located within a different geographical region than the NAS device (i.e., suggests local IP address may be beyond max capacity resulting in selected IP is based on latency capacity and latency checks supersede geography checks; geography proximity is only preferred when capacity is normal and latency ties two or more servers in Kommula, ¶0094, ¶0095, ¶0096). Based on Takagi in view of Bolotin, and further in view of Kommula, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Kommula to improve upon those of Takagi in order to improve robustness of serving clients by evaluating geographic location, capacity, and latency of servers. With respect to claim 8, Takagi discloses: the NAS device of claim 1, wherein to determine the load at the local NAC system (i.e., authenticating device within a network of the load balancing apparatus in Takagi, ¶0040), the one or more processors are configured to: obtain a load indication from the local NAC system (i.e., monitoring and storing a load of the authenticating device in Takagi, ¶0046); and determine that the load at the local NAC system is above the threshold. (i.e., in Takagi, ¶0048-0049). With respect to claim 9, Takagi discloses: the NAS device of claim 1, wherein the one or more processors (i.e., authenticating device within a network of the load balancing apparatus in Takagi, ¶0040) are configured to: obtain a status indication from the local NAC system (i.e., determining and storing a load on the authenticating device in Takagi, ¶0046, ¶0049); and determine that the local NAC system is available to receive authentication requests (i.e., evaluate suitability to receive requests based on corresponding weight and CPU occupancy rate, the highest rates effectively indicating unavailable to serve requests in Takagi, ¶0048-0049, ¶0082). With respect to claim 12, the limitation(s) of claim 12 are similar to those of claim(s) 1. Therefore, claim 12 is rejected with the same reasoning as claim(s) 1. With respect to claim 17, the limitation(s) of claim 17 are similar to those of claim(s) 1. Therefore, claim 17 is rejected with the same reasoning as claim(s) 1. Claim(s) 2-7, 13-15, and 18-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Takagi (US 2008/0031496 A1) in view of Bolotin et al. (US 2015/0163324 A1) and Kommula (US 2010/0153558 A1), and further in view of Halasz et al. (US 2004/0168054 A1). With respect to claim 2, Takagi discloses requests correspond to varying levels of quality to corresponding priority for execution, higher quality require higher levels of matching (¶0082). Takagi do(es) not explicitly disclose the following. Bolotin, in order to improve quality of service for clients by evaluating client latency sensitivity (¶0076), discloses: the NAS device of claim 1, wherein to determine the latency tolerance associated with the authentication request (i.e., determining the client request service class corresponding a sensitivity to latency; request corresponds to latency high sensitivity; the request cannot hide access latency well in Bolotin, ¶0055, ¶0057). Based on Takagi in view of Bolotin, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Bolotin to improve upon those of Takagi in order to improve quality of service for clients by evaluating client latency sensitivity. Takagi discloses selecting a destination authenticating device based on load and evaluating the request weight and matching it with a corresponding destination authenticating device (¶0049, ¶0070). Takagi, Bolotin, and Kommula do(es) not explicitly disclose the following. Halasz, in order to improve latency for authentication by reducing load on the AAA server (¶0022), discloses: the one or more processors are configured to determine whether the authentication request comprises an initial authentication request (i.e., authentication procedure for initial authentication if no corresponding dynamic credentials are cached for the client in Halasz, ¶0034) or a re-authentication request (i.e., client has corresponding dynamic credentials cached then it is a request for re-authentication in Halasz, ¶0033), wherein the initial authentication request is associated with a low latency tolerance (i.e., initial authentication is burdensome requiring session establishment and substantial amount of time in Halasz, ¶0002), and wherein the re-authentication request is associated with the high latency tolerance (i.e., different types of reauthentication where latency is not an issue as suggested by some Quality of Service implementations where reauthentication latency might be an issue; reducing the load on the AAA server by having proxy handle reauthentication instead; suggests that AAA server is more sensitive to latency in Halasz, ¶0022, ¶0029). Based on Takagi in view of Bolotin and Kommula, and further in view of Halasz, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Halasz to improve upon those of Takagi in order to improve latency for authentication by reducing load on the AAA server. With respect to claim 3, Takagi discloses: the NAS device of claim 2, wherein to select the NAC system for the authentication request, the one or more processors are configured to, based on determining that the authentication request comprises the re-authentication request associated with the high latency tolerance, select the NAC system that has a higher latency than one or more of the other NAC systems in the set of geographically distributed NAC systems that includes the local NAC system (i.e., determining a weight, or priority, for distinguishing higher load and strain on the authentication devices and selecting the device that best serves that type of request; lower weighted requests maybe attributed to slower resource scarce authenticating device in Takagi, ¶0082) With respect to claim 4, Takagi discloses: the NAS device of claim 2, wherein the one or more processors are configured to, based on determining that the authentication request comprises the initial authentication request, select another NAC system that has a lowest latency in the set of geographically distributed NAC systems that includes the local NAC system (i.e., evaluating loads and comparing them to weights of the corresponding authenticating device, with level 10 needing to be processed with highest priority and device which has the highest performance and lightest load in Takagi, ¶0048-0049) With respect to claim 5, Takagi discloses selecting a destination authenticating device based on load and evaluating the request weight and matching it with a corresponding destination authenticating device (¶0049, ¶0070). Takagi, Bolotin, and Kommula do(es) not explicitly disclose the following. Halasz, in order to improve latency for authentication by reducing load on the AAA server (¶0022), discloses: the NAS device of claim 2, wherein to determine the latency associated with the authentication request, the one or more processors are configured to, based on determining that the authentication request comprises the initial authentication request (i.e., initial authentication request is determined as absence of credentials in Halasz, ¶0026), determine whether the authentication request comprises a single transaction authentication or a multi-transaction authentication (i.e., lack of dynamic credentials indicate full authentication which is multi-transaction in Halasz, ¶0034), wherein the single transaction authentication is associated with the high latency tolerance (i.e., determining that reauthentication requests use lightweight protocol compared to initial in Halasz, ¶0022), and wherein the multi-transaction authentication is associated with the low latency tolerance (i.e., initial request is multiple two communications with the server in Halasz, ¶0026). Based on Takagi in view of Bolotin and Kommula, and further in view of Halasz, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Halasz to improve upon those of Takagi in order to improve latency for authentication by reducing load on the AAA server. With respect to claim 6, Takagi discloses: the NAS device of claim 5, wherein to select the NAC system for the authentication request, the one or more processors are configured to, based on determining that the authentication request comprises the initial authentication request and that the authentication request comprises the single transaction authentication associated with the high latency tolerance, select the NAC system that has a higher latency than one or more of the other NAC systems in the set of geographically distributed NAC systems that includes the local NAC (i.e., evaluating the parameters of the request including biometric data quality and implied load on the system to select the appropriate authenticating device to match the priority of the request, lower priority requests are routed to resource starved or less performant device in Takagi, ¶0048-0049, ¶0082). With respect to claim 7, Takagi discloses: the NAS device of claim 5, wherein the one or more processors are configured to, based on determining that the authentication request comprises the initial authentication request and that the authentication request comprises the multi-transaction authentication associated with the lower latency tolerance, select another NAC system that has a lowest latency in the set of geographically distributed NAC systems that includes the local NAC system (i.e., evaluating the parameters of the request including biometric data quality and implied load on the system to select the appropriate authenticating device to match the priority of the request, higher priority request with the performant system, the relationship between request impact and system performance suggests system with least load for more intense requests in Takagi, ¶0048-0049, ¶0082). With respect to claim 13, the limitation(s) of claim 13 are similar to those of claim(s) 2. Therefore, claim 13 is rejected with the same reasoning as claim(s) 2. With respect to claim 14, the limitation(s) of claim 14 are similar to those of claim(s) 4. Therefore, claim 14 is rejected with the same reasoning as claim(s) 4. With respect to claim 15, the limitation(s) of claim 15 are similar to those of claim(s) 5. Therefore, claim 15 is rejected with the same reasoning as claim(s) 5. With respect to claim 18, the limitation(s) of claim 18 are similar to those of claim(s) 2. Therefore, claim 18 is rejected with the same reasoning as claim(s) 2. With respect to claim 19, the limitation(s) of claim 19 are similar to those of claim(s) 4. Therefore, claim 19 is rejected with the same reasoning as claim(s) 4. With respect to claim 20, the limitation(s) of claim 20 are similar to those of claim(s) 5. Therefore, claim 20 is rejected with the same reasoning as claim(s) 5. Claim(s) 10, 11, and 16 is/are rejected under 35 U.S.C. 103 as being unpatentable over Takagi (US 2008/0031496 A1) in view of Bolotin et al. (US 2015/0163324 A1) and Kommula (US 2010/0153558 A1), and further in view of Bernat et al. (US 2018/0241802 A1). With respect to claim 10, Takagi discloses: the NAS device of claim 1, wherein to determine the latency and the load at each NAC system, the one or more processors are configured to: send, to each NAC system in the set of geographically distributed NAC systems, a probe message (i.e., communicating with the authenticating device to retrieve occupancy load information of the device in Takagi, ¶0054,¶0057, ¶0060) and a load indication for the NAC system (i.e., renewing the load information by communicating with the storage corresponding to the load balancing device to keep load information relevant in Takagi, ¶0054,¶0057, ¶0060). Takagi discloses evaluating a load corresponding to an authentication request corresponding to the processing load for performing the authentication; determining a capability of the authenticating device to authenticate the request according to its resources such as CPU occupancy (¶0045, ¶0047). Takagi, Bolotin, and Kommula do(es) not explicitly disclose the following. Bernat, in order to improve access to low-latency resources to assign workloads to in a global view (¶0002), discloses: based on the probe message, obtain, from each NAC system in the set of NAC systems, a message including a status indication (i.e., server nodes send update message with an identifier indicating to the network switch operation status corresponding to a timestamp in Bernat, ¶0054). Based on Takagi in view of Bolotin and Kommula, and further in view of Bernat, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings of Bernat to improve upon those of Takagi in order to improve access to low-latency resources to assign workloads to in a global view. With respect to claim 11, Takagi discloses: the NAS device of claim 10, wherein the message comprises one or more vendor-specific attributes based on a vendor of the NAS device (i.e., application program information includes program ID and corresponding parameters corresponding to the application on that authenticating device in Takagi, ¶0063). With respect to claim 16, the limitation(s) of claim 16 are similar to those of claim(s) 10. Therefore, claim 16 is rejected with the same reasoning as claim(s) 10. With respect to claim 16, Takagi discloses: the system of claim 12, wherein the message comprises one or more vendor-specific attributes based on a vendor of the NAS device. (i.e., application program information includes program ID and corresponding parameters corresponding to the application on that authenticating device in Takagi, ¶0063). Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHERMAN L LIN whose telephone number is (571)270-7446. The examiner can normally be reached Monday through Friday 9:00 AM - 5:00 PM (Eastern). Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joon Hwang can be reached on 571-272-4036. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. Sherman Lin 1/10/2026 /S. L./Examiner, Art Unit 2447 /JOON H HWANG/Supervisory Patent Examiner, Art Unit 2447