DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 1/12/2026 has been entered.
Claim status in the amendment received on 1/12/2026:
Claims 1, 9 and 17 have been amended.
Claims 8 and 16 have been cancelled.
New claims 21-22 have been added.
Claims 1-7, 9-15 and 17-22 are pending.
Response to Arguments
The arguments have been fully considered but they are not persuasive. At least the May reference teaches the amended claimed feature as shown in the following rejections below.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-2, 4, 6-7, 9, 12, 14-15, 17, 20 and 22 is/are rejected under 35 U.S.C. 103 as being unpatentable over Feyzibehnagh et al. (Pub. No.: US 20190215308 A1) in view of May et al. (Patent. No.: US 9503477 B2).
As to claim 1, Feyzibehnagh teaches receiving, from a client device, traffic that is to be sent over the network to an application (fig. 8, 801);
determining a security score associated with the traffic (fig. 8, 811, and fig. 9, “entropy score” teaches security score);
determining, based at least in part on the security score and based at least in part on an application-aware routing policy, a path for sending the traffic to the application (fig. 8, 813, “encrypted VPN” teaches a path, selecting between VPNs teaches an application-aware routing policy); and
causing the traffic to be sent to the application via the path (fig. 8, 813).
Feyzibehnagh does not explicitly teach receiving the policy and determining, using an identity provider service, security score based on identifier associated with the user and indicating security posture of the client device.
However, in the same field of endeavor (computer networks) May teaches receiving an application-aware routing policy associated with a network (col. 13, lines 14-16, i.e. from a policy database 226);
determining, at least partially using an identity provider service (col. 15, lines 4-9, “Controller 306 can, in turn, be operatively coupled with a client reputation database (CRDB) 308 that stores CR scores for one or more users along with other information such as user profile, designation, work responsibilities and roles, past history, change in pattern of CR scores, category/grade, among other like information.”, i.e. CRDB teaches identity provider service), a security score associated with the traffic, the security score being based in part on an identifier associated with a user profile of a user of the client device (fig. 5, i.e. CR Score), the security score indicating a security posture of the client device (col. 2, lines 39-45, “…CR scores, also interchangeably referred to as reputation scores hereinafter, indicate a quantitative and/or qualitative measure of level of network activity that a resource, say an internal resource, does with external resources. Such activity can relate to requests that internal resource sends out to network (traffic generated) …”).
Based on Feyzibehnagh in view of May, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention, to incorporate receiving the policy and determining, using an identity provider service, security score based on identifier associated with the user and indicating security posture of the client device (taught by May) with routing network traffic based on associated score (taught by Feyzibehnagh) in order to allow network administrators to configure network traffic as needed and to keep track of network users and their associated scores.
As to claim 2, May further teaches wherein the security score is further based at least in part on an internet protocol (IP) address associated with the client device or access policies associated with the user profile (col. 11, lines 6-13, “(49) According to one embodiment, reputation score retrieval module 214 can be configured to retrieve client reputation (CR) score associated with a given user, wherein the client reputation (CR) score can be generated based on one or more of network level activities, interactions of users, user profiles, all or part of which can be stored in a client reputation database (CRDB) 224, which can be directly or indirectly coupled with network controller 210.”). The limitations of claim 2 are rejected in view of the analysis of claim 1 above, and the rationale to combine, as discussed in claim 1, applies here as well.
As to claim 4, Feyzibehnagh teaches further comprising determining a traffic signature associated with the traffic, the traffic signature indicating one or more of a type of the client device or a traffic type, wherein determining the path for sending the traffic to the application is further based at least in part on the traffic signature associated with the traffic (paragraph [0076], “…In some embodiments, the security parameters and/or network path are selected based on characteristics of the traffic flows determined by the security device…”).
As to claim 6, Feyzibehnagh teaches determining that a value of the security score meets or exceeds a threshold value, wherein the path is a direct path for sending the traffic to the application (fig. 8, 813, and paragraph [0133]).
As to claim 7, Feyzibehnagh teaches determining that a value of the security score is less than a threshold value, wherein the path for sending the traffic to the application includes a cloud-delivered security service (fig. 8, 819).
As to claim 9, Feyzibehnagh further teaches a system comprising:
one or more processors (fig. 15); and one or more non-transitory computer-readable media storing instructions that, when executed, cause the one or more processors to perform operations (fig. 15). Therefore, the limitations of claim 9 are substantially similar or broader in scope to claim 1. Please refer to claim 1 above.
As to claims 12 and 14-15, the limitations of the claims are substantially similar or broader in scope to claims 4 and 6-7, respectively. Please refer to each respective claim above.
As to claim 17, Feyzibehnagh further teaches One or more non-transitory computer-readable media storing instructions that, when executed, cause one or more processors to perform operations (fig. 15). Therefore, the limitations of claim 17 are substantially similar or broader in scope to claim 1. Please refer to claim 1 above.
As to claim 20, the limitations of the claim are substantially similar or broader in scope to claim 4. Please refer to claim 4 above.
As to claim 22, the limitations of the claim are substantially similar or broader in scope to claim 6. Please refer to claim 6 above.
Claim(s) 10 and 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Feyzibehnagh et al. (Pub. No.: US 20190215308 A1) in view of May et al. (Patent. No.: US 9503477 B2) and further in view of Venkatasubramanian (Pub. No.: US 20200014724 A1).
As to claim 10, Feyzibehnagh in view of May does not explicitly teach security score based on client device security posture.
However, in the same field of endeavor (computer networks) Venkatasubramanian teaches security score is based at least in part on a security posture of the client device (paragraph [0013]).
Based on Feyzibehnagh in view of May and further in view of Venkatasubramanian, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention, to incorporate security score based on client device security posture (taught by Venkatasubramanian) with receiving the policy and security score based on identifier associated with the user and indicating security posture of the client device (taught by May) with routing network traffic based on associated score (taught by Feyzibehnagh) in order to allow network administrators to configure network traffic as needed and to keep track of network users and their associated scores and in order to enhance the security of the network traffic.
As to claim 18, the limitations of the claim are substantially similar to claim 10. Please refer to claim 10 above.
Claim(s) 3, 5, 11, 13, 19 and 21 is/are rejected under 35 U.S.C. 103 as being unpatentable over Feyzibehnagh et al. (Pub. No.: US 20190215308 A1) in view of May et al. (Patent. No.: US 9503477 B2) and further in view of Singh (Pub. No.: US 20200314133 A1).
As to claim 3, Feyzibehnagh in view of May does not explicitly teach security score based on client device network security level.
However, in the same field of endeavor (computer networks) Singh teaches security score is based at least in part on a security level of a connectivity network of the client device (paragraph [0141]).
Based on Feyzibehnagh in view of May and further in view of Singh, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention, to incorporate security score based on client device network security level (taught by Singh) with receiving the policy and security score based on identifier associated with the user and indicating security posture of the client device (taught by May) with routing network traffic based on associated score (taught by Feyzibehnagh) in order to allow network administrators to configure network traffic as needed and to keep track of network users and their associated scores and in order to enhance the security of the network traffic.
As to claim 5, Feyzibehnagh in view of May does not explicitly teach security score based on network type.
However, in the same field of endeavor (computer networks) Singh teaches a value of the security score is based at least in part on at least one of: whether the client device is a trusted device or an untrusted device, or whether the client device is utilizing a private network or a public network (paragraph [0141]).
Based on Feyzibehnagh in view of May and further in view of Singh, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention, to incorporate security score based on client device network type (taught by Singh) with receiving the policy and security score based on identifier associated with the user and indicating security posture of the client device (taught by May) with routing network traffic based on associated score (taught by Feyzibehnagh) in order to allow network administrators to configure network traffic as needed and to keep track of network users and their associated scores and in order to enhance the security of the network traffic.
As to claims 11 and 13, the limitations of the claims are substantially similar to claims 3 and 5, respectively. Please refer to each respective claim above.
As to claim 19, the limitations of the claim are substantially similar to claim 3. Please refer to claim 3 above.
As to claim 21, the limitations of the claim are substantially similar to claim 5. Please refer to claim 5 above.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ABDULKADER M ALRIYASHI whose telephone number is (313)446-6551. The examiner can normally be reached Monday - Friday, 8AM - 5PM Alt, Friday, EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JOON HWANG can be reached at (571)272-4036. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/Abdulkader M Alriyashi/Primary Examiner, Art Unit 2447 1/15/2026