DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
1. This Action is in response to application 18/634,500, filed on 04/12/2024.
2. Claims 1-20 are pending.
Oath or Declaration
3. Applicant's oath or declaration filed on 04/18/2024 is approved by the office.
Drawings
4. The drawings and specifications filed on 04/12/2024 are approved by the office.
Information Disclosure Statement
5. IDS filed on 04/12/2024 and 08/28/2025 have been considered.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
6. Claims 1-20 are rejected under 35 U.S.C. 102(a)(1) as being unpatentable over Andrews et al. (USPUB 2017/0180414 A1 from applicant’s IDS filed on 08/28/2025) hereinafter Andrews.
7. Regarding Claim 1, Andrews disclosed a non-transitory computer readable medium having program instructions stored therein that are executable by a first computing system implementing a content distribution network (CDN) to perform operations (see Fig.1, [0017-0018] and [0058]) comprising:
receiving, at the CDN, network traffic requesting access to a service associated with an on-premise network; sending, to a second computing system deployed in the on-premise network, a request to decide whether to rate constrain the network traffic, wherein the second computing system is configured to perform an analysis on the network traffic (see [0020-0023]);
in response to the request, receiving a decision from the second computing system; and implementing the decision for the network traffic at the CDN (see Fig.2, [0030-0032]).
8. Regarding Claim 2, Andrews disclosed the computer readable medium of claim 1, wherein the request is a request for the second computer system to determine whether the network traffic is associated with a denial of service attack (see [0014] and [0023]).
9. Regarding Claim 3, Andrews disclosed the computer readable medium of claim 1, wherein the decision includes one of blocking the network traffic, permitting the network traffic to pass to the on-premise network, and issuing a challenge to a source of the network traffic (see [0054]).
10. Regarding Claim 4, Andrews disclosed the computer readable medium of claim 3, wherein issuing the challenge includes: sending a challenge that asks for a response indicative of whether a human is present at the source; and based on the response, permitting the source to access the service (see [0020-0025]).
11. Regarding Claim 5, Andrews disclosed the computer readable medium of claim 1, wherein the decision specifies one or more internet protocol (IP) addresses applicable to the decision (see [0027]).
12. Regarding Claim 6, Andrews disclosed the computer readable medium of claim 1, wherein the decision specifies a time duration for which the decision is applicable; and wherein the implementing includes applying the decision to the network traffic for the specified time duration (see [0035]).
13. Regarding Claim 7, Andrews disclosed the computer readable medium of claim 1, further comprising: storing, at the CDN, the received decision in a cache including a plurality of decisions; in response to receiving additional network traffic, identifying a particular one of the decisions associated with the additional network traffic; and implementing the particular cached decision for the additional network traffic (see [0020]).
14. Regarding Claim 8, Andrews disclosed the computer readable medium of claim 1, wherein the operations further comprise: deploying, at the first computing system implementing the CDN, a container including a rate limiter application that sends the request to the second computing system deployed in the on-premise network and implements the decision for the network traffic at the CDN (see [0020-0027]).
15. Regarding Claim 9, Andrews disclosed the computer readable medium of claim 8, wherein the operations further comprise: receiving, at the container, the network traffic requesting access to the service; and rate constraining, by the container, the network traffic to implement the decision (see [0020-0027]).
16. Regarding Claim 10, Andrews disclosed the computer readable medium of claim 8, wherein the implementing includes: providing, by the container, one or more instructions to network hardware to rate constrain the network traffic in accordance with the decision (see [0020-0027]).
17. Regarding Claim 11, Andrews disclosed a non-transitory computer readable medium having program instructions stored therein that are executable by a first computing system implementing an on-premise network to perform operations (see Fig.1, [0017-0018] and [0058]) comprising:
receiving, from a second computer system implementing a content distribution network (CDN), a request to decide whether to rate constrain network traffic received at the CDN and requesting access to a service associated with the on-premise network; analyzing the network traffic to determine a decision indicating how to rate constrain the network traffic based on one or more criteria (see [0020-0023]); and sending the decision to the second computer system for implementation at the CDN (see Fig.2, [0030-0032]).
18. Regarding Claim 12, Andrews disclosed the computer readable medium of claim 11, wherein the sending includes: instructing the second computing system to perform one of blocking network traffic at the CDN, permitting the network traffic to pass to the on-premise network, and issuing a challenge to a source of the network traffic (see [0020-0023] and [0030-0032]).
19. Regarding Claim 13, Andrews disclosed the computer readable medium of claim 11, wherein the analyzing further includes: applying a machine learning algorithm to identify one or more patterns in the network traffic; and determining the decision based on the network traffic having the one or more patterns (see [0020-0023] and [0030-0032]).
20. Regarding Claim 14, Andrews disclosed the computer readable medium of claim 11, wherein the analyzing further includes: determining a frequency at which the network traffic is received from a source; and determining the decision based on the frequency satisfying a threshold (see [0020-0023] and [0030-0032]).
21. Regarding Claim 15, Andrews disclosed the computer readable medium of claim 11, wherein the analyzing further includes: applying a risk assessment algorithm to determine a risk score; and determining the decision based on the risk score satisfying a threshold (see [0020-0023] and [0030-0032]).
22. Regarding Claim 16, Andrews disclosed the computer readable medium of claim 11, wherein the analyzing further includes: maintaining a list indicative of whether particular network traffic is permitted to be received by the on-premise network; and determining the decision based on the list (see [0020-0023] and [0030-0032]).
23. Regarding Claim 17, Andrews disclosed the computer readable medium of claim 11, wherein the analyzing further includes: determining whether the network traffic is associated with a denial of service attack (see [0020-0023] and [0030-0032]).
24. Regarding Claim 18, Andrews disclosed the computer readable medium of claim 11, further comprising: tracking metrics pertaining to implementation of the received decision; and sending the metrics to a datastore of the on-premise network (see [0020-0023] and [0030-0032]).
25. Regarding Claim 19, Andrews disclosed a method, comprising: receiving, by a first computing system implementing a content distribution network (CDN), network traffic requesting access to a service associated with an on-premise network; identifying, by the first computing system, a particular one of a plurality of cached decisions associated with the network traffic, wherein the particular cached decision includes one of blocking the network traffic, permitting the network traffic to pass to the on-premise network, and issuing a challenge to a source of the network traffic; and implementing the particular cached decision for the network traffic at the CDN (see Fig.1, Fig.2, [0020-0023] and [0030-0032]).
26. Regarding Claim 20, Andrews disclosed the method of claim 19, further comprising: instantiating, at the first computing system implementing the CDN, a container including a rate limiter application that implements the decision for the network traffic at the CDN; receiving, at the container, network traffic requesting access to the service of the on-premise network; and rate constraining, by the container, the network traffic to implement the decision (see [0020-0023] and [0030-0032]).
Conclusion
Relevant Prior Art Not Relied Upon
The prior art made of record and not relied upon is considered pertinent to Applicant's disclosure. The additional cited art, including but not limited to the excerpts below, further establishes the state of the art at the time of Applicant’s invention and shows the following was known:
The present disclosure is related to multi-queue management techniques and packet reordering techniques for inter-radio access technology (RAT) and intra-RAT traffic steering. The multi-queue management and packet reordering techniques may be used in Multi-Access Management Services (MAMS) framework, which is a programmable framework that provides mechanisms for the flexible selection of network paths in a multi-access (MX) communication environment, based on an application's needs. Other embodiments may be described and/or claimed. (Zhu et al. ‘588)
Testing methods and systems provide a Diagnostic Testing Service as well as an attack simulation service, for a perimeter security system, in a non-disruptive manner, so that the production targets can be tested while normally functioning, and do not have to be brought down for testing. The testing methods can be implemented, such that they are vendor and device type neutral, considering the overall strategy utilized to prevent perimeter security system attacks. (Andriani ‘032)
The paper describes methods to evaluate the QoS capability of a networked system S operating under hostile environment conditions. We evaluate the run-time compliance of system S with the QoS prescription of applications in terms of non-functional attributes that capture the QoS behavior of S (e.g., transaction latency & drop rate in an on-line web service). We benchmark the QoS capability of S by exercising stress-tests on a simulation model of S with artificially injected environment conditions. Our model-based system assessment methods are anchored on PO-MDP frameworks that are currently advocated for network reliability and performance analysis. As case study, we describe the assessment of a CDN (content distribution network) vis-a-vis the content read latency and overhead experienced by clients. Our CDN assessment employs models of the internal algorithmic processes that strive to optimally place the content caching nodes in a distribution topology. (Ravindran et al. “Assessment of QoS adaptation and cyber-defense mechanisms in networked systems”)
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DAVOUD ZAND whose telephone number is (571)272-2697, Fax (571) 273-2697. The examiner can normally be reached on Mon-Fri 9:30-5:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Oscar Louie can be reached on (571) 270-1684. The fax phone number for the organization where this application or proceeding is assigned is (571) 273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/DAVOUD A ZAND/Primary Examiner, Art Unit 2445