DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Election/Restrictions
Applicant’s election without traverse of Invention I (claims 1-18 and 20) in the reply filed on 2/5/2026 is acknowledged.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1 and 20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter because the claim(s) recite an abstract idea without significantly more. The claim recites receiving, determining, and not complying.
The limitation of receiving, as drafted, is a process that, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of generic computer components. That is, other than reciting “by a processor,” nothing in the claim element precludes the step from practically being performed in the mind. For example, but for the “by a processor” language, “receiving” in the context of this claim encompasses the user collecting information about different network devices. Similarly, the limitation of determining, as drafted, is a process that, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of generic computer components. For example, but for the “by a processor” language, “determining” in the context of this claim encompasses the user reviewing different network policies and procedures. Likewise, the limitation of not complying, as drafted, is a process that, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of generic computer components. For example, but for the “by a processor” language, “not complying” in the context of this claim encompasses the user enforcing different rules for the devices. If a claim limitation, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of generic computer components, then it falls within the “Mental Processes” grouping of abstract ideas. Accordingly, the claim recites an abstract idea.
This judicial exception is not integrated into a practical application. In particular, the claim only recites one additional element – using a processor to perform the receiving, determining and not complying steps. The processor in the steps is recited at a high level of generality (i.e., as a generic processor performing a generic computer function of allowing or disallowing device communication) such that it amounts to no more than mere instructions to apply the exception using a generic computer component. Accordingly, this additional element does not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea. The claim is directed to an abstract idea.
The claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional element of using a processor to perform receiving, determining and not complying steps amounts to no more than mere instructions to apply the exception using a generic computer component. Mere instructions to apply an exception using a generic computer component cannot provide an inventive concept. The claim is not patent eligible.
Dependent claims 2-18 are rejected under the same rationale as they do not cure any of the deficiencies of independent claim 1 or 20.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1, 3-18 and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Tian et al (US 2023/0231860) in view of Venkataramani (US 2023/0115472).
Regarding claims 1 and 20, Tian et al discloses a method and a security device comprising at least one processor; and memory, operatively connected to the at least one processor and storing instructions that, when executed by the at least one processor, cause the security device to perform a method, the method comprising [0027]:
determining that the requested communication is not authorized and not complying with the request [0030-0037] (security devices and/or firewalls may deny communications that are requested based on their protocols)
wherein the determining that the requested communication is not authorized comprises: determining that the first device is a member of a first category of devices; determining that the second device is a member of a second category of devices, different from the first category of devices; and applying, by the security device, a rule prohibiting the first category of devices from communicating with the second category of devices [0031, 0071] (a segmented network may be created such that different categories of devices may communicate on different networks).
However, Tian et al does not explicitly disclose but Venkataramani discloses:
receiving, from a first device, a request to communicate with a second device [0045, fig 3 A] (a device initiates network communication with another device).
It would have been obvious to one of ordinary skill in the art to create the invention as claimed for the following reasons. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Tian et al by requesting communications, for the purpose of communicating securely with another device, based upon the beneficial teachings provided by Venkataramani, see for example [0045]. These modifications would result in ease of use and increased security, both of which are obvious benefits to the skilled artisan. Additionally, the cited references are in the field of computer security, as is the current application, and thus, are in analogous arts.
Regarding claim 3, Tian et al and Venkataramani disclose all the limitations of claim 1. Tian et al does not expressly disclose but Venkataramani additionally discloses wherein the request to communicate comprises a packet addressed to the second device [0045].
The motivation to combine is the same as disclosed in point (14) above.
Regarding claim 4, Tian et al and Venkataramani disclose all the limitations of claim 1. Tian et al additionally discloses wherein the first device is in a broadcast domain, and the second device is in the broadcast domain [0053, 0129, 0136].
Regarding claim 5, Tian et al and Venkataramani disclose all the limitations of claim 1. Tian et al additionally discloses classifying the first device as a member of the first category of devices [0077].
Regarding claim 6, Tian et al and Venkataramani disclose all the limitations of claim 1. Tian et al does not expressly disclose but Venkataramani additionally discloses wherein the classifying of the first device as a member of the first category of devices comprises using a passive method for characterizing the first device [0050].
The motivation to combine is the same as disclosed in point (14) above.
Regarding claim 7, Tian et al and Venkataramani disclose all the limitations of claim 1. Tian et al does not expressly disclose but Venkataramani additionally discloses wherein the passive method comprises monitoring packets transmitted by the first device [0050].
The motivation to combine is the same as disclosed in point (14) above.
Regarding claim 8, Tian et al and Venkataramani disclose all the limitations of claim 1. Tian et al does not expressly disclose but Venkataramani additionally discloses wherein the classifying of the first device as a member of the first category of devices comprises using an active method for characterizing the first device [0019].
The motivation to combine is the same as disclosed in point (14) above.
Regarding claim 9, Tian et al and Venkataramani disclose all the limitations of claim 1. Tian et al does not expressly disclose but Venkataramani additionally discloses wherein the active method comprises port scanning [0019].
The motivation to combine is the same as disclosed in point (14) above.
Regarding claim 10, Tian et al and Venkataramani disclose all the limitations of claim 1. Tian et al additionally discloses wherein the classifying of the first device as a member of the first category of devices comprises using a machine learning model [0079].
Regarding claim 11, Tian et al and Venkataramani disclose all the limitations of claim 1. Tian et al additionally discloses wherein the machine learning model generates a categorization and a first confidence value [0067].
Regarding claim 12, Tian et al and Venkataramani disclose all the limitations of claim 1. Tian et al does not expressly disclose but Venkataramani additionally discloses classifying the first device as a member of a third category of devices; in response to classifying the first device as a member of the third category of devices, determining a second rule enforcing a set of different permissions granted to the first device by the security device; receiving a second request from the first device to communicate with the second device; and determining whether to permit the second request based on the second rule [0050] (devices may be categorized into different categories and the categories/devices may be updated periodically).
The motivation to combine is the same as disclosed in point (14) above.
Regarding claim 13, Tian et al and Venkataramani disclose all the limitations of claim 1. Tian et al additionally discloses classifying, with a different confidence value than the first confidence value, the first device as a member of the first category of devices; receiving a second request from the first device to communicate with the second device; and determining whether to permit the second request based on the rule and the different confidence value; and permitting the second request to communicate [0092].
Regarding claim 14, Tian et al and Venkataramani disclose all the limitations of claim 1. Tian et al does not expressly disclose but Venkataramani additionally discloses receiving operator input from an operator; wherein the rule is based on the operator input, and the classifying of the first device as a member of the first category is based on the operator input [0055] (denying based on false credentials inputted).
The motivation to combine is the same as disclosed in point (14) above.
Regarding claim 15, Tian et al and Venkataramani disclose all the limitations of claim 1. Tian et al additionally discloses modifying a machine learning model based on the operator input [0092] (correcting based on additional information).
Regarding claim 16, Tian et al and Venkataramani disclose all the limitations of claim 1. Tian et al does not expressly disclose but Venkataramani additionally discloses defining one or more permissions for the first device, based on the classifying of the first device as a member of the first category of devices; and determining the rule based on the one or more permissions [0015, 0046] (different devices have different categories).
The motivation to combine is the same as disclosed in point (14) above.
Regarding claim 17, Tian et al and Venkataramani disclose all the limitations of claim 1. Tian et al does not expressly disclose but Venkataramani additionally discloses receiving operator input from an operator, wherein determining the rule is further based on the operator input [0015, 0046, 0055] (different devices have different categories which can be defined by the administrator).
The motivation to combine is the same as disclosed in point (14) above.
Regarding claim 18, Tian et al and Venkataramani disclose all the limitations of claim 1. Tian et al does not expressly disclose but Venkataramani additionally discloses wherein the second category of devices is a category of newly connected devices [0015, 0046, 0055] (different devices have different categories which can be defined by the administrator).
The motivation to combine is the same as disclosed in point (14) above.
Claim(s) 2 is/are rejected under 35 U.S.C. 103 as being unpatentable over Tian et al (US 2023/0231860) in view of Venkataramani (US 2023/0115472) and in further view of Raleigh et al (US 2017/0078922).
Regarding claim 2, Tian et al and Venkataramani disclose all the limitations of claim 1. Tian et al and Venkataramani do not expressly disclose but Raleigh et al discloses wherein the request to communicate comprises an Address Resolution Protocol request for the second device [0263] (traffic control may be monitored through the use of network activity including ARP messages).
It would have been obvious to one of ordinary skill in the art to create the invention as claimed for the following reasons. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Tian et al and Venkataramani by monitoring messaging, for the purpose of communicating securely with another device, based upon the beneficial teachings provided by Raleigh et al, see for example [0263]. These modifications would result in ease of use and increased security, both of which are obvious benefits to the skilled artisan. Additionally, the cited references are in the field of computer security, as is the current application, and thus, are in analogous arts.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Yunusov et al (US 2026/0088929): discloses that a wireless device may receive a first code block of one or more code blocks associated with a transport block for the wireless device. The wireless device may output, using a neural network model associated with the wireless device, a set of low-density parity-check (LDPC) quantization values for a set of iterations of an LDPC decoding procedure for the first code block. In some examples, the set of LDPC quantization values may include respective LDPC quantization values for respective iterations of the set of iterations. The wireless device may perform one or more iterations of the LDPC decoding procedure for the first code block in accordance with one or more LDPC quantization values of the set of LDPC quantization values output using the neural network model.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KENDALL DOLLY whose telephone number is (571)270-1948. The examiner can normally be reached Monday-Friday 7am-3pm (EST).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached at (571)272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/KENDALL DOLLY/Primary Examiner, Art Unit 2436