Prosecution Insights
Last updated: July 17, 2026
Application No. 18/616,642

MACHINE LEARNING OF DATA PATH RULES FOR GATEWAY SERVICES

Non-Final OA §103
Filed
Mar 26, 2024
Priority
Dec 12, 2023 — provisional 63/609,196
Examiner
SHIN, KYUNG H
Art Unit
2447
Tech Center
2400 — Computer Networks
Assignee
Cisco Technology Inc.
OA Round
3 (Non-Final)
82%
Grant Probability
Favorable
3-4
OA Rounds
8m
Est. Remaining
93%
With Interview

Examiner Intelligence

Grants 82% — above average
82%
Career Allowance Rate
796 granted / 970 resolved
+24.1% vs TC avg
Moderate +11% lift
Without
With
+10.8%
Interview Lift
resolved cases with interview
Typical timeline
2y 11m
Avg Prosecution
21 currently pending
Career history
984
Total Applications
across all art units

Statute-Specific Performance

§101
0.8%
-39.2% vs TC avg
§103
86.4%
+46.4% vs TC avg
§102
11.6%
-28.4% vs TC avg
§112
0.2%
-39.8% vs TC avg
Black line = Tech Center average estimate • Based on career data from 970 resolved cases

Office Action

§103
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED ACTION Continued Examination Under 37 CFR 1.114 1. A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 4-13-2026 has been entered. 2. Claims 1 - 20 are pending. Claims 1, 11 have been amended. Claims 1, 11 are independent. File date on 5-1-2024. Claim Rejections - 35 USC § 103 3. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. 4. Claims 1, 4, 8 - 11, 14, 18 - 20 are rejected under 35 U.S.C. 103 as being unpatentable over Koponen et al. (US PGPUB No. 20130125230) in view of Rizwan et al. (US PGPUB No. 20200137027) and further in view of Eaton et al. (US Patent No. 7,487,188). Regarding Claims 1, 11, Koponen discloses a method and an apparatus comprising: b) obtaining a subset of rules from a collection of rules to apply to a second instance of the firewall that replaces a first instance of the firewall; c) the second instance of the firewall; (Koponen ¶ 005: provide a system that allows several different logical firewalls to be specified for several different logical networks through one or more shared firewall elements. In some embodiments, the system distributes the logical firewall for a particular logical network across several different physical machines that also host virtual machines of the particular logical network. At each of the different physical machines, a firewall element operates that may be virtualized into several different firewall instances, each implementing a different set of firewall rules for a different logical firewall.) and e) when the second instance is available after loading the subset of rules, processing network traffic of the gateway based on the subset of rules. (Koponen ¶ 032: The firewall stores a set of rules (e.g., entered by a user), that determine whether or not the firewall drops (i.e., discards) or allows the packet through (or, in some cases, rejects the packet by dropping the packet and sending an error response back to the sender).; ¶ 125: Once a logical network has been configured, the machines (e.g., virtual machines) on that network will send and receive packets, which requires the use of the packet processing functions of both the managed switching elements and the firewall that reside on the hosts along with the virtual machines.) Koponen does not explicitly disclose for a) receiving a command related to a configuration of a firewall, and for c) loading the subset of rules. However, Rizwan discloses: a) receiving a command related to a configuration of a firewall of a gateway; and for c) loading the subset of rules. (Rizwan ¶ 043: gateway 312 receives a Command 77 (master command from device manager 302 for sending commands to connected HART field instruments), the gateway processor 202 loads the firewall configuration rules 305 along with instructions for executing firewall rules engine 306 software from memory 212.) It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Koponen for a) receiving a command related to a configuration of a firewall, and for c) loading the subset of rules as taught by Rizwan. One of ordinary skill in the art would have been motivated to employ the teachings of Rizwan for the flexibility of a system that enables the loading of configuration rules for data processing by a firewall in a network environment. (Rizwan ¶ 043) Koponen-Rizwan does not explicitly disclose for d) terminating processing by a first instance and processing network traffic using a second instance in place of the first instance. However, Eaton discloses wherein for d) terminating processing by the first instance and processing network traffic using the second instance in place of the first instance. (Eaton col 9: If second DBMS instance 130b is unable to determine that first DBMS instance 130a abnormally terminated, then in one embodiment second DBMS instance 130b notifies an administrator or other user or component of the lack of status at step 408. Once the example administrator has been notified, processing may end. It will be understood that the ending of the recovery processing may be to ensure that data corruption or other complications don't occur due to executing two full instances 130. ... , the second DBMS instance 130b may determine to move forward with conversion from a shadow to full instance (transition) 130 to assist in recovery. In the illustrated embodiment, if second DBMS instance 130b is able to determine that first DBMS instance 130a abnormally terminated, then second DBMS instance 130b is converted from a shadow to full DBMS instance 130 at step 410.; Once second DBMS instance 130b has restarted, upgraded, or otherwise converted to a full DBMS instance 130, it automatically scans log 150 at step 412. Next, at step 414, second DBMS instance 130b loads a pipeline 215 of queries 216 that were received by first DBMS instance 130a and compares pipeline 215 to scanned log 150 at step 416. Based upon this comparison, second DBMS instance 130b identifies the first unexecuted query in pipeline 215 at step 418 and executes it at step 420.) It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Koponen-Rizwan for d) terminating processing by a first instance and processing network traffic using a second instance in place of the first instance as taught by Eaton. One of ordinary skill in the art would have been motivated to employ the teachings of Eaton for the flexibility of a system that enables transitioning of processing from a first instance to a second instance. (Eaton col 9) Furthermore, for Claim 11, Koponen discloses wherein a storage memory configured to store instructions; and a processor configured to execute the instructions and cause the processor to perform operations. (Koponen ¶ 151: Many of the above-described features and applications are implemented as software processes that are specified as a set of instructions recorded on a computer readable storage medium (also referred to as computer readable medium). When these instructions are executed by one or more computational or processing unit(s) (e.g., one or more processors, cores of processors, or other processing units), they cause the processing unit(s) to perform the actions indicated in the instructions.) Regarding Claims 4, 14, Koponen-Rizwan-Eaton discloses the method of claim 1 and the apparatus of claim 11, further comprising: b) wherein the collection of rules is stored on a local storage medium associated with at least one processor executing the firewall. (Koponen ¶ 109: the OVS DB daemon 867 receives configuration information from the network controller 880 and stores the configuration information in a set of databases. In some embodiments, the OVS DB daemon 867 communicates with the network controller 880 through a database communication protocol. In some cases, the OVS DB daemon 867 may receive requests for configuration information from the OVS daemon 865. The OVS DB daemon 867, in these cases, retrieves the requested configuration information (e.g., from a set of databases) and sends the configuration information to the OVS daemon 865.) Koponen does not explicitly disclose for a) loading a rule of the collection of rules that is not identified in the subset of rules, and for c) wherein loading of rule is reported to a controller of gateway. However, Rizwan discloses: a) loading a rule of the collection of rules that is not identified in the subset of rules, (Rizwan ¶ 043: receives a Command 77 (master command from device manager 302 for sending commands to connected HART field instruments), the gateway processor 202 loads the firewall configuration rules 305 along with instructions for executing firewall rules engine 306 software from memory 212. The processor 202 then executes the instructions of the firewall rule engine 306.; (load configuration rule, load unidentified configuration rule)) and c) wherein the loading of the rule is reported to a controller of the gateway. (Rizwan ¶ 019: The firewall in a wireless gateway or wireless adaptor can help to filter out unintended or undesirable configuration change or to alert control and safety systems when a configuration change occurs) It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Koponen for a) loading a rule of the collection of rules that is not identified in the subset of rules, and for c) wherein loading of rule is reported to a controller of gateway as taught by Rizwan. One of ordinary skill in the art would have been motivated to employ the teachings of Rizwan for the flexibility of a system that enables the loading of configuration rules for data processing by a firewall. (Rizwan ¶ 043) Regarding Claims 8, 18, Koponen-Rizwan-Eaton discloses the method of claim 1 and the apparatus of claim 11, wherein the command related to a rule of the firewall is triggered autonomously without supervision by a third-party service. (Koponen ¶ 141: the user simply specifies the network topology and flow entries are automatically generated to send the packets on the logical wire between two logical forwarding elements to the firewall.; (automatic setup of configuration data (packet processing rules)) Regarding Claim 9, Koponen-Rizwan-Eaton discloses he method of claim 1, wherein the command related to the rule of the firewall is triggered based on supervision of a user. (Koponen ¶ 141: the user specifies routing policies that identify which packets go to the firewall,; (manual input of configuration data (packet processing rules)) Regarding Claims 10, 20, Koponen-Rizwan-Eaton discloses the method of claim 1 and the apparatus of claim 11. Koponen does not explicitly disclose loading remaining rules from the collection of rules. However, Rizwan discloses further comprising: loading remaining rules from the collection of rules after the subset of rules. (Rizwan ¶ 043: gateway 312 receives a Command 77 (master command from device manager 302 for sending commands to connected HART field instruments), the gateway processor 202 loads the firewall configuration rules 305 along with instructions for executing firewall rules engine 306 software from memory 212.; Loading configuration rules; initial or remaining)) It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Koponen for loading remaining rules from the collection of rules. as taught by Rizwan. One of ordinary skill in the art would have been motivated to employ the teachings of Rizwan for the flexibility of a system that enables the loading of configuration rules for data processing by a firewall. (Rizwan ¶ 043) Regarding Claim 19, Koponen-Rizwan-Eaton discloses the apparatus of claim 11, wherein the command related to the pipeline rule of the firewall is triggered based on supervision of a user. (Koponen ¶ 141: the user specifies routing policies that identify which packets go to the firewall,; (manual input of configuration data (packet processing rules)) 5. Claims 2, 3, 5, 12, 13, 15 are rejected under 35 U.S.C. 103 as being unpatentable over Koponen in view of Rizwan and further in view of Eaton and Rigor et al. (US PGPUB No. 20210152520). Regarding Claims 2, 12, Koponen-Rizwan-Eaton discloses the method of claim 1 and the apparatus of claim 11, wherein the subset of rules are identified and trained to identify at least one prioritized rule when instantiating the second instance. (Koponen ¶ 009: these rules specify conditions which, if matched, result in either dropping or allowing the packet (similar to access control list (ACL) table entries). As an example, a user might specify that packets from a particular external IP address (or domain of IP addresses) are always dropped when destined for a particular subnet.; (special rule to be followed for a particular instance)) Koponen does not explicitly disclose rules are identified based on a machine learning (ML) model. However, Rigor discloses wherein rules are identified based on a machine learning (ML) model. (Rigor ¶ 015: a persistent low volume attack (PLVA) firewall that detects and protects against persistent low volume attacks in addition to or in lieu of providing protections against volumetric attacks and network traffic containing malicious traffic. The PLVA firewall can be a network firewall appliance or device (i.e., specialized hardware for detecting and protecting against network attacks).; ¶ 029: The address or client list may be provided to the PLVA firewall or derived by the PLVA firewall, for example, via prior history, information sharing, training, machine learning or other automated techniques.) It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Koponen for rules are identified based on a machine learning (ML) model as taught by Rigor. One of ordinary skill in the art would have been motivated to employ the teachings of Rigor for the flexibility of a system that enables the utilization of multiple data processing techniques such as machine learning in the generation of rules associated with a firewall. (Rigor ¶ 015) Regarding Claim 3, Koponen-Rizwan-Eaton-Rigor discloses the method of claim 2, further comprising: a) obtaining event information pertaining to network traffic and firewall actions associated with the event information; (Koponen ¶ 089: Each query plan is a set of rules that specifies a set of join operations that are to be performed upon the occurrence of an input table event. The event processor of the rules engine 710 detects the occurrence of each such event.) and b) sending a message including at least event information, wherein a controller is configured to store the event information. (Koponen ¶ 089: Each query plan is a set of rules that specifies a set of join operations that are to be performed upon the occurrence of an input table event. The event processor of the rules engine 710 detects the occurrence of each such event. In some embodiments, the event processor registers for callbacks with the input tables for notification of changes to the records in the input tables 715, and detects an input table event by receiving a notification from an input table when one of its records has changed.) Koponen does not explicitly disclose for b) train the ML model. However, Rigor discloses wherein for b) train the ML model. (Rigor ¶ 029: The address or client list may be provided to the PLVA firewall or derived by the PLVA firewall, for example, via prior history, information sharing, training, machine learning (training a ML model) or other automated techniques.; ¶ 015: a persistent low volume attack (PLVA) firewall that detects and protects against persistent low volume attacks in addition to or in lieu of providing protections against volumetric attacks and network traffic containing malicious traffic. The PLVA firewall can be a network firewall appliance or device (i.e., specialized hardware for detecting and protecting against network attacks).) It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Koponen for b) train the ML model as taught by Rigor. One of ordinary skill in the art would have been motivated to employ the teachings of Rigor for the flexibility of a system that enables the utilization of multiple data processing techniques such as machine learning in the generation of rules associated with a firewall. (Rigor ¶ 015) Regarding Claims 5, 15, Koponen-Rizwan-Eaton discloses the method of claim 1 and the apparatus of claim 11. Koponen does not explicitly disclose filtering malicious traffic from network traffic using the subset of rules. However, Rigor discloses wherein processing the network traffic comprises: filtering malicious traffic from the network traffic using the subset of rules. (Rigor ¶ 015: a persistent low volume attack (PLVA) firewall that detects and protects against persistent low volume attacks in addition to or in lieu of providing protections against volumetric attacks and network traffic containing malicious traffic. The PLVA firewall can be a network firewall appliance or device (i.e., specialized hardware for detecting and protecting against network attacks).) It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Koponen for filtering malicious traffic from network traffic using the subset of rules as taught by Rigor. One of ordinary skill in the art would have been motivated to employ the teachings of Rigor for the flexibility of a system that enables the utilization of multiple data processing techniques such as machine learning in the generation of rules associated with a firewall. (Rigor ¶ 015) Regarding Claim 13, Koponen-Rizwan-Rigor-Eaton discloses the apparatus of claim 12, wherein the processor is configured to: a) obtain flow information pertaining to network traffic associated with the first instance; (Koponen ¶ 089: Each query plan is a set of rules that specifies a set of join operations that are to be performed upon the occurrence of an input table event. The event processor of the rules engine 710 detects the occurrence of each such event.) and b) send a message including at least flow information to a controller of the gateway, wherein the controller is configured to store the flow information. (Koponen ¶ 089: Each query plan is a set of rules that specifies a set of join operations that are to be performed upon the occurrence of an input table event (message). The event processor of the rules engine 710 detects the occurrence of each such event. In some embodiments, the event processor registers for callbacks with the input tables for notification of changes to the records in the input tables 715, and detects an input table event by receiving a notification from an input table when one of its records has changed.) Koponen does not explicitly disclose for b) train the ML model. However, Rigor discloses wherein for b) train the ML model. (Rigor ¶ 029: The address or client list may be provided to the PLVA firewall or derived by the PLVA firewall, for example, via prior history, information sharing, training, machine learning (training a ML model) or other automated techniques.; ¶ 015: a persistent low volume attack (PLVA) firewall that detects and protects against persistent low volume attacks in addition to or in lieu of providing protections against volumetric attacks and network traffic containing malicious traffic. The PLVA firewall can be a network firewall appliance or device (i.e., specialized hardware for detecting and protecting against network attacks).) It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Koponen for b) train the ML model as taught by Rigor. One of ordinary skill in the art would have been motivated to employ the teachings of Rigor for the flexibility of a system that enables the utilization of multiple data processing techniques such as machine learning in the generation of rules associated with a firewall. (Rigor ¶ 015) 6. Claims 6, 16 are rejected under 35 U.S.C. 103 as being unpatentable over Koponen in view of Rizwan and further in view of Eaton and Fischer et al. (US PGPUB No. 20060023716). Regarding Claims 6, 16, Koponen-Rizwan-Eaton discloses the method of claim 1 and the apparatus of claim 11. Koponen does not explicitly disclose firewall is terminated when all flows in the first instance are drained. However, Fischer discloses wherein the first instance of the firewall is terminated when all flows in the first instance are drained, wherein the second instance becomes available before all flows in the first instance are drained. (Fischer ¶ 048: provides a mechanism and method for blocking data in a respective transmit FIFO from being output to a network and draining the data from the MAC data path connected to the transmit FIFO, (first instance data flows drained, first firewall instance terminated; second instance started before first instance terminated)) It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Koponen for firewall is terminated when all flows in the first instance are drained as taught by Fischer. One of ordinary skill in the art would have been motivated to employ the teachings of Fischer for the flexibility of a system that enables the termination of a firewall instance by draining all data flows. (Fischer ¶ 048) 7. Claims 7, 17 are rejected under 35 U.S.C. 103 as being unpatentable over Koponen in view of Rizwan and further in view of Eaton and Talur et al. (US Patent No. 11,652,848). Regarding Claims 7, 17, Koponen-Rizwan-Eaton discloses the method of claim 1 and the apparatus of claim 11. Koponen does not explicitly disclose a size of the collection of rules is greater than an amount of memory available. However, Talur discloses wherein a size of the collection of rules is greater than an available amount of memory available to the gateway in user space. (Talur col 25: consider a scenario in which the bottleneck resource at a particular logical partition is the amount of memory needed to store the networking configuration information (security rules, mappings between IVNs and security groups/VNIs, etc.) at each SRPN of the partition, while memory does not appear to be a bottleneck at one or more other logical partitions. Recall that the configuration information may be replicated at each SRPN of the partition in at least some embodiments. If servers with larger memories are not available for the SRPNs, any new SRPN added to the partition may suffer from the same memory bottleneck, since it too would have to store the same amount of configuration information in the same amount of memory as the other SRPNs.) It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Koponen for a size of the collection of rules is greater than an amount of memory available as taught by Talur. One of ordinary skill in the art would have been motivated to employ the teachings of Talur for the flexibility of a system that enables a determination of available memory in the processing of firewall configuration information within a network environment. (Talur col 25) Response to Amendments 8 Applicant’s arguments, see Arguments/Remarks Made in an amendment, filed 4-13-2026, with respect to the rejection(s) under Koponen in view of Rizwan have been fully considered and are persuasive, Therefore, the rejection has been withdrawn. However, upon further consideration, a new ground(s) of rejection is made in view of Koponen in view of Rizwan and further in view of Eaton. A. Applicant argues on pages 6-7 of Remarks: ... 103 obviousness rejection ... . The Examiner respectfully disagrees. A 103 obviousness rejection based on multiple references is a legitimate technique according to the MPEP. The 103 rejection allows portions of the rejection citations for a claimed invention to come from different prior art references. The rejection to each independent and dependent claim includes a citation from the referenced prior art that discloses the basis for the rejection. Each obviousness combination clearly indicates the claim limitation(s) the combined referenced prior art teaches. In addition, a cited passage from the referenced prior art indicates the motivation for the obviousness combination. Each obviousness combination’s disclosure is equivalent to the Applicant’s claim limitation(s) for the claimed invention. Achieved advantage is a valid motivation for the combination of referenced prior art. The rejection of each referenced prior art combination states a motivation for the combination, which translates to an achieved advantage for the combination. B. Applicant argues on page 8 of Remarks: ... Neither reference, alone or in combination, teaches or suggests terminating processing by a first firewall instance and transitioning to a second firewall instance that processes traffic in place of the first instance. The Examiner respectfully disagrees. Eaton discloses a first instance is terminated and processing transitioning to a second instance for further processing. (Eaton col 9: If second DBMS instance 130b is unable to determine that first DBMS instance 130a abnormally terminated, then in one embodiment second DBMS instance 130b notifies an administrator or other user or component of the lack of status at step 408. Once the example administrator has been notified, processing may end. It will be understood that the ending of the recovery processing may be to ensure that data corruption or other complications don't occur due to executing two full instances 130. It will further be understood however that, in another embodiments, second DBMS instance 130b may determine to move forward with conversion from a shadow to full instance (transition) 130 to assist in recovery. In the illustrated embodiment, if second DBMS instance 130b is able to determine that first DBMS instance 130a abnormally terminated, then second DBMS instance 130b is converted from a shadow to full DBMS instance (transitioning) 130 at step 410.; Once second DBMS instance 130b has restarted, upgraded, or otherwise converted to a full DBMS instance 130, it automatically scans log 150 at step 412. Next, at step 414, second DBMS instance 130b loads a pipeline 215 of queries 216 that were received by first DBMS instance 130a and compares pipeline 215 to scanned log 150 at step 416. Based upon this comparison, second DBMS instance 130b identifies the first unexecuted query in pipeline 215 at step 418 and executes it at step 420.) C. Applicant argues on page 9 of Remarks: ... Neither reference requires that a prior firewall instance be terminated when rules are loaded or executed, nor do they require that traffic processing be transferred between instances. The Examiner respectfully disagrees. Eaton discloses a first instance is terminated and processing transitioning to a second instance for further processing. (Eaton col 9: If second DBMS instance 130b is unable to determine that first DBMS instance 130a abnormally terminated, then in one embodiment second DBMS instance 130b notifies an administrator or other user or component of the lack of status at step 408. Once the example administrator has been notified, processing may end. It will be understood that the ending of the recovery processing may be to ensure that data corruption or other complications don't occur due to executing two full instances 130. It will further be understood however that, in another embodiments, second DBMS instance 130b may determine to move forward with conversion from a shadow to full instance (transition) 130 to assist in recovery. In the illustrated embodiment, if second DBMS instance 130b is able to determine that first DBMS instance 130a abnormally terminated, then second DBMS instance 130b is converted from a shadow to full DBMS instance (transitioning) 130 at step 410.; Once second DBMS instance 130b has restarted, upgraded, or otherwise converted to a full DBMS instance 130, it automatically scans log 150 at step 412. Next, at step 414, second DBMS instance 130b loads a pipeline 215 of queries 216 that were received by first DBMS instance 130a and compares pipeline 215 to scanned log 150 at step 416. Based upon this comparison, second DBMS instance 130b identifies the first unexecuted query in pipeline 215 at step 418 and executes it at step 420.) D. Applicant argues on page 9 of Remarks: ... Claim 11 while different in scope includes similar limitations to Claim 1 and should therefore be allowable for the same reasons asserted above. Independent claim 11 contains similar limitations as independent claim 1. Responses against independent claim 1 also answer current arguments against independent claim 11. E. Applicant argues on page 9 of Remarks: ... claims 2-10, 12-20 should also be allowable at least by virtue of their dependency on allowable independent claims. Responses to arguments against independent claims also answer current arguments against dependent claims. Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to Kyung H Shin whose telephone number is (571)272-3920. The examiner can normally be reached M - F: 12pm - 8pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joon H Hwang can be reached at 571-272-4036. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /KYUNG H SHIN/ 5-2-2026Primary Examiner, Art Unit 2447
Read full office action

Prosecution Timeline

Mar 26, 2024
Application Filed
Aug 19, 2025
Non-Final Rejection mailed — §103
Nov 19, 2025
Response Filed
Jan 13, 2026
Final Rejection mailed — §103
Apr 13, 2026
Request for Continued Examination
Apr 21, 2026
Response after Non-Final Action
May 06, 2026
Non-Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12683761
CONFIDENTIAL AUTOMATED SPEECH RECOGNITION
1y 10m to grant Granted Jul 14, 2026
Patent 12659320
EDGE-BASED THREAT INTELLIGENCE SHARING
2y 5m to grant Granted Jun 16, 2026
Patent 12657402
Systems and methods for utilizing Large Language Models (LLMs) for improving machine learning models in network and computer security
2y 6m to grant Granted Jun 16, 2026
Patent 12659332
SECURE PLATFORM FOR PROCESSING DATA
2y 2m to grant Granted Jun 16, 2026
Patent 12647357
ATTESTATION LOGIC ON MEMORY FOR MEMORY DIE VERIFICATION
3y 5m to grant Granted Jun 02, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

3-4
Expected OA Rounds
82%
Grant Probability
93%
With Interview (+10.8%)
2y 11m (~8m remaining)
Median Time to Grant
High
PTA Risk
Based on 970 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month