Prosecution Insights
Last updated: July 17, 2026
Application No. 18/408,305

METHOD AND APPARATUS TO DETER DEVICE ATTACKS

Non-Final OA §103
Filed
Jan 09, 2024
Priority
Jan 09, 2023 — provisional 63/437,960
Examiner
SCOTT, RANDY A
Art Unit
2439
Tech Center
2400 — Computer Networks
Assignee
Arris Enterprises LLC
OA Round
3 (Non-Final)
85%
Grant Probability
Favorable
3-4
OA Rounds
4m
Est. Remaining
82%
With Interview

Examiner Intelligence

Grants 85% — above average
85%
Career Allowance Rate
803 granted / 949 resolved
+26.6% vs TC avg
Minimal -2% lift
Without
With
+-2.1%
Interview Lift
resolved cases with interview
Typical timeline
2y 10m
Avg Prosecution
21 currently pending
Career history
976
Total Applications
across all art units

Statute-Specific Performance

§101
2.6%
-37.4% vs TC avg
§103
88.5%
+48.5% vs TC avg
§102
2.8%
-37.2% vs TC avg
§112
3.6%
-36.4% vs TC avg
Black line = Tech Center average estimate • Based on career data from 949 resolved cases

Office Action

§103
11231986Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Continued Examination 1. A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 4/7/2026 has been entered. Claim Status 2. Claims 1-4, 10-14, and 18-19 have currently been amended. Response to Arguments 3. The applicant’s arguments filed 4/7/2026 have been taken into consideration, but are moot in view of new grounds of rejection. A. The rejection under 35 USC 101 has been withdrawn in light of the amended claim limitations. B. In response to the applicant’s argument (disclosed on pg. 1-2 of the remarks segment) that the cited prior art doesn’t teach or suggest disclose using a device configuration manager for comparison of a current configuration against stored device configurations: In light of the amended claimed limitation, newly cited prior art reference Bigian et al (US 2015/0149604) has been cited, which discloses using a configuration manager for comparing a live/current device configuration with a previously deployed configuration stored in a configuration repository (e.g., using a device configuration manager for comparison of a current configuration against stored device configurations). Claim Objections 4. Claim 1 is objected to because of the following informalities: Line 10 of claim 1 should be amended to include a semi-colon after the term “coupled to the device” to conclude the limitation. Appropriate correction is required. Allowable Subject Matter 5. Claims 3, 5-6, 8-10, 13, 15-16, and 20 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. Claim Rejections – 35 USC 103 6. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office Action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. 7. Claims 1-2, 4, 7, 11-12, 14, and 17-19 are rejected under 35 USC 103 as being unpatentable over Shenoy et al (CN 111327452 A) in view of Bigian et al (US 2015/0149604). Regarding claim 1, Shenoy et al teaches a system for securing a device executing program instructions (pg. 7, lines 21-25, which discloses a network device containing a configurable security feature), comprising: said device comprising a processor and a memory (pg. 15, lines 32-35, “includes one or more processors…coupled to a memory”); a first device agent module executing on the device (fig. 3, ‘16A, ‘118, & ‘120 and pg. 15, lines 25-35, which disclose the device ‘16A comprising a management daemon ‘118 and a configuration evaluation engine), for: said first device agent module monitoring a current configuration of the device and execution of the program instructions (pg. 17, lines 20-30, which discloses the management daemon determining the device’s configuration data); and generating current configuration information from the monitoring of the configuration of the device (fig. 3, ‘118/’120 & pg. 16, lines 39-42, which disclose determining the current configuration of the device ‘16A); said device configuration manager, communicatively coupled to the device (fig. 3, ‘16A, ‘118, & ‘120, which discloses the management daemon and configuration evaluation engine coupled with the device); accepting the current configuration information (pg. 16, lines 27-28, which discloses the management daemon validating the device configuration); performing a comparison of said current configuration information with stored configuration information (pg. 20, lines 30-35, which discloses comparing the current device configuration with a predetermined configuration); and a second device agent, executing on the device, for accepting and applying the management commands to change the current configuration of the device (fig. 3, ’20 & pg. 13, lines 1-15, which disclose the device also including a controller for changing the device configuration to a secondary configuration upon determining that the configuration change is permissible). Shenoy et al does not explicitly teach sending said current configuration information to a device configuration manager; in response to said comparison if the current configuration is not permitted, generating management commands; and sending said management commands to the device based on said comparison. However, Bigian et al further teaches sending said current configuration information to a device configuration manager (fig. 4, ‘414/’415 & par [0042], lines 1-5, which discloses a configuration manager receiving current device configuration data); in response to said comparison if the current configuration is not permitted, generating management commands (fig. 5, ‘508, par [0042], lines 1-6 & par [0044], lines 1-10, which disclose comparing the current configuration with prior configurations to determine if the configuration is invalid and generating configuration data in the event that the configuration is invalid); and sending said management commands to the device based on said comparison (fig. 4, ‘404, fig. 5, ‘502/’504 & par [0044], lines 1-10, which disclose generating a configuration data file for validating a configuration if the current configuration was not validated in comparison to the previous configuration). It would have been obvious to one of ordinary skill in the art, before the effective day of the invention, that one would be motivated to combine the teachings of Bigian et al within the teachings of Shenoy et al in order to improve upon authenticating device configuration by utilizing configuration templates for managing and updating device configuration (as disclosed par [0022], lines 1-10 of Bigian et al) in order to ensure that each device configuration is authenticated when compared to prestored templates while preventing potential malicious device configurations from being implemented, upon determining that a potential configuration invalid when compared to stored, authenticated configuration data. Regarding claim 2, Shenoy et al and Bigian et al teach the limitations of claim 1. Shenoy et al further teaches wherein: the device configuration manager is communicatively coupled to a database containing said stored configuration information (Abstract, “configuration database”), said stored configuration information comprising permitted device configurations and operations (pg. 13, lines 1-4, “configuration change is permissible”), authorized applications and libraries (pg. 15, lines 32-43) and user permissions and rules (pg. 18, lines 41-42). Regarding claim 4, Shenoy et al does not explicitly teach wherein said comparison comprises comparing permitted device configurations and operations to executing device configurations and operations using the current configuration information. Bigian et al further teaches wherein said comparison comprises comparing permitted device configurations and operations to executing device configurations and operations using the current configuration information (par [0040], lines 1-5, “comparing against the last deployment”). It would have been obvious to one of ordinary skill in the art, before the effective day of the invention, that one would be motivated to combine the teachings of Bigian et al within the teachings of Shenoy et al according to the motivation disclosed regarding claim 1. Regarding claim 7, Shenoy et al and Bigian et al teach the limitations of claim 1. Shenoy et al further teaches wherein the device configuration manager is cloud-based (pg. 9, lines 23-25). Regarding claim 11, Shenoy et al teaches a method of securing a device having a processor and a memory executing program instructions (pg. 15, lines 32-35 & pg. 16, lines 1-5), comprising: the current configuration information generated from the first device agent module monitoring a configuration state of the device and execution of the program instructions (fig. 3, ‘118/’120 & pg. 16, lines 39-42, which disclose determining the current configuration of the device ‘16A & pg. 17, lines 20-30, which discloses the management daemon determining the device’s configuration data); performing in said device configuration manager a comparison of said current configuration information with stored configuration information (pg. 20, lines 30-35, which discloses comparing the current device configuration with a predetermined configuration); providing the management commands to a second device agent to change the configuration state of the device (fig. 3, ’20 & pg. 13, lines 1-15, which disclose the device also including a controller for changing the device configuration to a secondary configuration upon determining that the configuration change is permissible). Shenoy et al does not explicitly teach receiving in a device configuration manager, from a first device agent module executing on the device, current configuration information of the device; generating in response to said comparison if the current configuration is not permitted, in said device configuration manager, management commands. However, Bigian et al further teaches receiving in a device configuration manager, from a first device agent module executing on the device, current configuration information of the device (fig. 4, ‘414/’415 & par [0042], lines 1-5, which discloses a configuration manager receiving current device configuration data); and generating in response to said comparison if the current configuration is not permitted, in said device configuration manager, management commands (fig. 5, ‘508, par [0042], lines 1-6 & par [0044], lines 1-10, which disclose comparing the current configuration with prior configurations to determine if the configuration is invalid and generating configuration data in the event that the configuration is invalid & fig. 4, ‘404, fig. 5, ‘502/’504 & par [0044], lines 1-10, which disclose generating a configuration data file for validating a configuration if the current configuration was not validated in comparison to the previous configuration). It would have been obvious to one of ordinary skill in the art, before the effective day of the invention, that one would be motivated to combine the teachings of Bigian et al within the teachings of Shenoy et al in order to improve upon authenticating device configuration by utilizing configuration templates for managing and updating device configuration (as disclosed par [0022], lines 1-10 of Bigian et al) in order to ensure that each device configuration is authenticated when compared to prestored templates while preventing potential malicious device configurations from being implemented, upon determining that a potential configuration invalid when compared to stored, authenticated configuration data. Regarding claim 12, Shenoy et al and Bigian et al teach the limitations of claim 11. Shenoy et al further teaches wherein: the device configuration manager is communicatively coupled to a database containing said stored configuration information (Abstract, “configuration database”), said stored configuration information comprising permitted device configurations and operations (pg. 13, lines 1-4, “configuration change is permissible”), authorized applications and libraries (pg. 15, lines 32-43) and user permissions and rules (pg. 18, lines 41-42). Regarding claim 14, Shenoy et al does not explicitly teach wherein said comparison comprises comparing permitted device configurations and operations to executing device configurations and operations using the current configuration information. Bigian et al further teaches wherein said comparison comprises comparing permitted device configurations and operations to executing device configurations and operations using the monitored information (par [0040], lines 1-5, “comparing against the last deployment”). It would have been obvious to one of ordinary skill in the art, before the effective day of the invention, that one would be motivated to combine the teachings of Bigian et al within the teachings of Shenoy et al according to the motivation disclosed regarding claim 11. Regarding claim 17, Shenoy et al and Bigian et al teach the limitations of claim 11. Shenoy et al further teaches wherein the device configuration manager is cloud-based (pg. 9, lines 23-25). Regarding claim 18, Shenoy et al teaches an apparatus of securing a device executing program instructions (pg. 7, lines 21-25, which discloses a network device containing a configurable security feature), comprising: a processor (pg. 16, lines 1-5, “programmable processor”); a memory, communicatively coupled to the processor (pg. 15, lines 32-35, “includes one or more processors…coupled to a memory”), the memory storing processing instructions (pg. 15, lines 32-35) including processing instructions for: the current configuration information generated from the first device agent module monitoring a configuration state of the device and execution of the program instructions (fig. 3, ‘118/’120 & pg. 16, lines 39-42, which disclose determining the current configuration of the device ‘16A & pg. 17, lines 20-30, which discloses the management daemon determining the device’s configuration data); performing in said device configuration manager a comparison of said current configuration information with stored configuration information (pg. 20, lines 30-35, which discloses comparing the current device configuration with a predetermined configuration); providing, the management commands to a second device agent to change the configuration state of the device (fig. 3, ’20 & pg. 13, lines 1-15, which disclose the device also including a controller for changing the device configuration to a secondary configuration upon determining that the configuration change is permissible). Shenoy et al does not explicitly teach receiving in a device configuration manager, from a first device agent module executing on the device, current configuration information; generating, in said device configuration manager in response to said comparison if the current configuration is not permitted, management commands. However, Bigian et al further teaches receiving in a device configuration manager, from a first device agent module executing on the device, current configuration information (fig. 4, ‘414/’415 & par [0042], lines 1-5, which discloses a configuration manager receiving current device configuration data); and generating, in said device configuration manager in response to said comparison if the current configuration is not permitted, management commands (fig. 5, ‘508, par [0042], lines 1-6 & par [0044], lines 1-10, which disclose comparing the current configuration with prior configurations to determine if the configuration is invalid and generating configuration data in the event that the configuration is invalid & fig. 4, ‘404, fig. 5, ‘502/’504 & par [0044], lines 1-10, which disclose generating a configuration data file for validating a configuration if the current configuration was not validated in comparison to the previous configuration). It would have been obvious to one of ordinary skill in the art, before the effective day of the invention, that one would be motivated to combine the teachings of Bigian et al within the teachings of Shenoy et al in order to improve upon authenticating device configuration by utilizing configuration templates for managing and updating device configuration (as disclosed par [0022], lines 1-10 of Bigian et al) in order to ensure that each device configuration is authenticated when compared to prestored templates while preventing potential malicious device configurations from being implemented, upon determining that a potential configuration invalid when compared to stored, authenticated configuration data. Regarding claim 19, Shenoy et al does not explicitly teach wherein said comparison comprises comparing permitted device configurations and operations to executing device configurations and operations using the monitored information. Bigian et al further teaches wherein said comparison comprises comparing permitted device configurations and operations to executing device configurations and operations using the monitored information (par [0040], lines 1-5, “comparing against the last deployment”). It would have been obvious to one of ordinary skill in the art, before the effective day of the invention, that one would be motivated to combine the teachings of Bigian et al within the teachings of Shenoy et al according to the motivation disclosed regarding claim 17. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to Randy A. Scott whose telephone number is (571) 272-3797. The examiner can normally be reached on Monday-Thursday 7:30 am-5:00 pm, second Fridays 7:30 am-4pm. If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Luu Pham can be reached on (571) 270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /RANDY A SCOTT/Primary Examiner, Art Unit 2439 20260417
Read full office action

Prosecution Timeline

Jan 09, 2024
Application Filed
Aug 08, 2025
Non-Final Rejection mailed — §103
Jan 08, 2026
Response Filed
Jan 28, 2026
Final Rejection mailed — §103
Apr 07, 2026
Request for Continued Examination
Apr 15, 2026
Response after Non-Final Action
May 01, 2026
Non-Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12682064
Method and Apparatus for Compiling Mirror Image, Nonvolatile Readable Storage Medium, and Electronic Device
1y 2m to grant Granted Jul 14, 2026
Patent 12670142
ASSURANCE OF SECURITY RULES IN A NETWORK
2y 8m to grant Granted Jun 30, 2026
Patent 12665881
LOAD BALANCING SECURE NETWORK TRAFFIC
2y 11m to grant Granted Jun 23, 2026
Patent 12657298
Automatic Binary Code Understanding
2y 8m to grant Granted Jun 16, 2026
Patent 12657315
METHODS, SYSTEMS, AND APPARATUSES FOR IMPROVING DATA ENCRYPTION
2y 8m to grant Granted Jun 16, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

3-4
Expected OA Rounds
85%
Grant Probability
82%
With Interview (-2.1%)
2y 10m (~4m remaining)
Median Time to Grant
High
PTA Risk
Based on 949 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month