METHOD FOR PROCESSING AT LEAST ONE DATA PACKET, AND ASSOCIATED DEVICE AND SYSTEM

§102 §112

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Claims 1-18 have been examined and are pending. Priority Receipt is acknowledged of certified copies of papers required by 37 CFR 1.55. Examiner Comments Claim 18 is directed towards “...one intermediate device comprises a processing device for processing...one communication terminal…an entity” and has been analyzed for 35 USC 112(b). The claim comprises wherein each of the at least one communication terminal and the at least one intermediate device comprises a processing device for processing at least one data packet generated by the at least one communication terminal, said at least one data packet having as destination a destination equipment item accessible via said network, items of identification information relating to an identity and/or environment of an entity, respectively. No 35 USC 112(b) deemed necessary since specification states: “As illustrated by figure 2, the processing device DT_UE possesses the hardware architecture of a computer.” [para 0123]. “The transmission of these data is conventionally based on the exchange of data packets emitted by terminals in possession of the users. These can of course be data whose user knows they will be transmitted, for example when a telephone call is made by means of a mobile phone.” [para 0003] “It will therefore be understood that when the term "entity" refers to a physical person.” [para 0017] Claim Rejections - 35 USC § 112 The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. Claims 1-18 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Claims 1, 13, and 18 are unclear and appear to have complex, compound sentences that are not conveying the scope clearly. As such, claim 1 recites “…items of identification information relating to an/identity and/or environment of an entity to which said at least one terminal belongs being able to be predetermined from sensitive data having been inserted into said at least one packet before the at least one data packet reaches said destination equipment item.” Examiner suggests clarifying and distinctly separating thoughts for a smoother flow. This will make the metes and bounds of the claim clearer and more distinguished. Claim Objections Claims 1-3, 5, 8-9, and 13-18 are objected to because of the following informalities: Claim 1, lines 3, 6, 8, and 13: use of intentional use term – “being.” Claim limitations to positively recite. Claim 2, line 6: : use of intentional use term – “being.” Claim limitations to positively recite. Claim 3, line 4: use of intentional use term – “being.” Claim limitations to positively recite. Claim 5, lines 8-9: use of intentional use term – “being.” Claim limitations to positively recite. Claim 8, line 7: use of intentional use term – “being.” Claim limitations to positively recite. Claim 9, lines 5 and 7: use of intentional use term – “being.” Claim limitations to positively recite. Claim 13, lines 6, 8, and 19: use of intentional use term – “being.” Claim limitations to positively recite. Claim 14, lines 4-5: use of intentional use term – “being.” Claim limitations to positively recite. Claim 15, lines 3, 9, and 11: use of intentional use term – “being.” Claim limitations to positively recite. Claim 16, line 2: use of intentional use term – “being.” Claim limitations to positively recite. Claim 17, line 2: use of intentional use term – “being.” Claim limitations to positively recite. Claim 18, lines 11, 13, 22, 27, 29 and 35: use of intentional use term – “being.” Claim limitations to positively recite. Claims 13 and 15: limitation is absent a transitional phrase; scope is not clear. MPEP 2111.03 Appropriate correction is required. Claim Rejections - 35 USC § 102 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – (a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention. Claim(s) 1-18 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Nanda et al, hereinafter (“Nanda”), US PG Publication 20160191545 A1, was submitted in 07/31/2024 IDS. Regarding currently amended claims 1 and 13, Nanda teaches a method comprising; and : [Nanda ¶¶0005 0012 0025 0027 and 0030-0033] processing at least one data packet generated by at least one terminal items of identification information relating to an identity and/or environment of an entity to which said at least one terminal belongs being able to be predetermined based on the at least one packet reaches the destination equipment item, said method processing being implemented by at least one processing device systems and methods for monitoring virtual networks where packets having properties indicative of potential security threats may forward copies of suspicious packets to a virtual tap port to analyze the packet copies for malware attacks, data leaks, etc. As shown in FIG. 2, system 200 may include a virtual switch 202 in communication with a destination port 206 and a virtual tap port 208 via a virtual network 204. One or more of modules 102 from FIG. 1 may, when executed by at least one processor of virtual switch 202, enable virtual switch 202 to monitor virtual networks. Identification module 104 may cause virtual switch 202 to identify a virtual network 204 containing at least one virtualized switching device/ virtual switch 202 routes network traffic from a source port 210 within virtual network 204 to a destination port 206.] control rule datum, [Nanda ¶0032 providing module 106 may cause virtual switch 202 to provide, within virtual switch 202, a set of software-defined network rules 212 containing criteria for identifying packets having at least one predetermined property associated with a security policy. ¶0033 Virtual switch 202 generally represents any type or form of software emulation or replication of a physical switching device. The terms “switching device” and “switch,” any computing device capable of receiving data packets at an input port and directing packets to their intended destinations by forwarding the packets from an output port.] and, in response to said at least one sensitive datum being detected in said at least one data packet, the applying interception module 108 may cause virtual switch 202 to intercept, at source port 210, a packet 214 destined for destination port 206. Furthermore, determination module 110 may cause virtual switch 202 to determine that at least one characteristic 216 of packet 214 satisfies at least one of software-defined network rules 212.] Regarding currently amended claim 2, Nanda teaches claim 1 as described above. Nanda teaches wherein a processing device among the at least one processing device is incorporated into said at least one terminal[See Nanda ¶¶0030-0033 computing device(s) virtual tap port 208 executing one or more software applications/programs enable to obtain, analyze, and intercept packets]; the set of steps executed by said processing device further including a step in response to said at least one sensitive datum being detected in said at least one data packet. [Nanda ¶0032 Finally, in response to the determination that characteristic 216 of packet 214 satisfies at least one of software-defined network rules 212, forward module 112 may cause virtual switch 202 to forward a copy of packet 214/ packet copy 218 to a virtual tap port 208 that analyzes packet copy 218 for security threats.] Regarding currently amended claim 3, Nanda teaches claim 2 as described above. Nanda teaches the obtaining step executed by the processing device ¶0053 providing module 106 may receive a request to detect the distribution of sensitive data via emails from virtual network 204 and configure software-defined network rules 212 to identify emails distributed from all or a portion of the ports] Regarding currently amended claim 4, Nanda teaches claim 2 as described above. Nanda teaches wherein the set of steps executed by the processing device ¶0073 security module 116 may update software-defined network rules 212 ] Regarding currently amended claim 5, Nanda teaches claim 1 as described above. Nanda teaches wherein a processing deviceamong the at least one processing device is incorporated into at least one device separate from said at least one terminalincluding relaying said at least one data packet to the destination equipment item, said emission being implemented after the applying stepin response to said at least one sensitive datum being detected in said at least one data packet. [Nanda ¶¶0033-0035 0039 0095-0096 0107 and 0110 FIG. 2 system 200 may include a virtual switch 202 in communication with a destination port 206 and a virtual tap port 208 via a virtual network 204; computing system 710 in FIG. 7, and/or portions of exemplary network architecture 800 in FIG. 8. Fig. 8 receives, forwards/emits, copies, intercepts and replicates packets out from an output port] Regarding currently amended claim 6, Nanda teaches claim 5 as described above. Nanda teaches wherein said set of steps executed by the processing device¶¶0030-0032 software-defined network rules (e.g., software-defined network rules 212) containing criteria for identifying packets having at least one predetermined property ¶¶0033-0035 0039 0095-0096 0107 and 0110 destination port 206 and a virtual tap port 208 via a virtual network 204; computing system 710 i] Regarding currently amended claim 7, Nanda teaches claim 5 as described above. Nanda teaches wherein said set of steps executed by the processing devicetransmitting, on said processing device's own initiative, ¶¶0012 0029-0032 and 0072 analysis module 114 of virtual switch 202 may analyze packet copy 218 for security threats once packet copy 218 has been forwarded to virtual tap port 208; determines if packet 214 represents a security threat ] Regarding currently amended claim 8, Nanda teaches claim 5 as described above. Nanda teaches said method further including a step of implementing, by the processing deviceomprising executing a learning algorithm to detect at least one recurring data pattern contained in a set of data packets emitted by said at least one terminalin response to at least one recurring data pattern being detected, applying a rule for controlling the broadcasting of said at least one detected recurring data pattern. [Nanda ¶¶0050-0053 distribution channels relaying generated criteria from providing module 106 to apply software-defined network rules 212 from a tenant of virtual network 204 to detect sensitive data via emails from all or portions of the ports within or outside of virtual network 204] Regarding currently amended claim 9, Nanda teaches claim 5 as described above. Nanda teaches wherein said set of steps executed by the processing devicein response to a criterion being satisfied¶0105 portion of exemplary system 100 in FIG. 1 may represent portions of, interact with, consume data produced by, and/or produce data consumed by one or more systems for information management; data search systems] Regarding currently amended claim 10, Nanda teaches claim 1 as described above. Nanda teaches wherein the sensitive data are inserted into said at least one packet by at least any one of the components from among: an operating system¶0102 A server programmed in this manner may share an application, operating system, processing system, and/or storage system among multiple customers (i.e., tenants). One or more of the modules described herein may also partition data and/or configuration information of a multi-tenant application for each customer. ¶¶0033-0035 0039 and 0095-0096 Fig. 8 client systems 810, 820, and/or 830 coupled to network 850] Regarding currently amended claim 11, Nanda teaches claim 1 as described above. Nanda teaches wherein the at least one control rule of the at least one sensitive datum is any of the items of a listconsisting of: an order of appearance of said at least one sensitive datum in said at least one packet. [Nanda ¶0053 providing module 106 may receive a request from a tenant of virtual network 204 to generate software-defined network rules 212 based on a physical wiretap and/or a certain security policy; identify attempts to access certain servers or virtual machines within virtual network 204 based on a request to detect malicious intrusions into a cloud-based application hosted within virtual network 204. Examiner interprets the malicious feature as modifying/altering the original packet and packet appearance] Regarding currently amended claim 12, Nanda teaches claim 1 as described above. Nanda teaches a non-transitory computer readable medium having stored thereon instructions which, when executed by a processor of the at least one processing device, cause the processor to implement the method of claim 1 ¶0013] Regarding currently amended claim 14, Nanda teaches claim 13 as described above. Nanda teaches said instructions further configuring the processing device further including an emitting module in response to said at least one sensitive datum being detected in said at least one data packet. [See Nanda ¶0053 providing module; ¶0065 forward module forward a copy of packet 214 to virtual tap port 208 in response the determination that characteristic 216 satisfies at least one of software-defined network rules 212. ] Regarding currently amended claim 15, Nanda teaches claim 13 as described above. Nanda teaches said intermediate device being separate from said at least one terminal instructions further configuring the processing device to: and one received data packet being done after said at least one control rule in response to said sensitive datumbeing detected in said at least one data packet. [Nanda ¶0032 and 0065 0068-0071 determination 110 module and forward module 112] Regarding currently amended claim 16, Nanda teaches claim 15 as described above. Nanda teaches said intermediate device being located on a route for routing said at least one data packet toward said destination equipment item ¶0054 a tunnel used to route the packets between VLANs] Regarding currently amended claim 17, Nanda teaches claim 15 as described above. Nanda teaches said intermediate device being deployed in: the network See Nanda ¶¶0033-0035 0039 0095-0096 0107 and 0110 Fig. 8 virtual switch 202 in network 850 receives, forwards, copies, intercepts and replicates packets out from an output port. ¶¶0033-0035 0039 and 0095-0096 Fig. 8 client systems 810, 820, and/or 830 coupled network 850] Regarding currently amended claim 18, Nanda teaches a sensitive data managing systemcomprising: at least one communication terminal connectable to a network; [Nanda ¶0079 client-side terminals, handheld devices, etc.] and at least one intermediate device [Nanda ¶0065 a virtual switch 202], wherein each of the at least one communication terminal and the at least one intermediate device comprises a processing device for processing at least one data packet generated by the at least one communication terminal, said at least one data packet having as destination a destination equipment item accessible via said network, items of identification information relating to an identity and/or environment of an entity to which said at least one communication terminal belongs being able to be predetermined from sensitive data having been inserted into said at least one data packet before the at least one data packet reaches said destination equipment item, said processing device being separate from said destination equipment item and comprising: [Nanda ¶¶0028-0033 and 0078-0080 Exemplary system 100 may also include a determination module 110 that determines that at least one characteristic of the packet satisfies at least one of the rules. Exemplary system 100 may include an analysis module 114 that determines, based on an analysis of the copy of the packet at the virtual tap port, that the packet represents a security threat. One or more of modules 102 may represent software modules stored and configured to run on one or more computing devices, such as the devices illustrated in FIG. 2 system 200 may include a virtual switch 202 in communication with a destination port 206 and a virtual tap port 208 via a virtual network 204; computing system 710 in FIG. 7, and/or portions of exemplary network architecture 800 in FIG. 8. ] at least one processor; [Nanda ¶0080] and at least one non-transitory computer readable medium comprising instructions [Nanda ¶¶0013 and 0091] stored thereon which when executed by the at least one processor configure the processing device to: [Nanda ¶0091] obtain at least one control rule for controlling broadcasting at least one predetermined sensitive datum; [Nanda ¶¶0030-0032 software-defined network rules (e.g., software-defined network rules 212) containing criteria for identifying packets having at least one predetermined property] and apply said at least one control rule to said at least one data packet in response to said sensitive datum associated with said at least one control rule being detected in said at least one data packet, [Nanda ¶¶0038-0039 and 0107 “endpoint security” may refer to the protection of endpoint systems from unauthorized and/or illegitimate use, access, and/or control.] wherein the instructions stored in the processing device of the at least one communication terminal further configure the at least one communication terminal to: generate the at least one data packet; [Nanda ¶¶0033-0035 0039 and 0095-0096 Fig. 8 client systems 810, 820, and/or 830 ] and to emit said at least one packet, said emitting being done after said at least one control rule is applied in response to said at least one sensitive datum being detected in said at least one data packet , wherein the instructions stored in the processing device of the at least one intermediate device further configure the at least one intermediate device to: [Nanda ¶¶0033-0035 0039 0095-0096 0107 and 0110 Fig. 8 virtual switch 202 in network 850 receives, forwards, copies, intercepts and replicates packets out from an output port] receive said at least one data packet, [Nanda ¶0110 …receive a packet to be transformed, transform the packet, output a result of the transformation to a virtual tap port] and relay said at least one data packet to the destination equipment item, the relaying of said at least one received data packet being done after said at least one control rule is applied in response to said sensitive datum being detected in said at least one received data packet. [Nanda ¶¶0033-0035 0039 and 0095-0096 Fig. 8 shows the SAN fabric 880 may also facilitate, via network 850 and servers 840 and 845] Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Ahmed et al 10320813 B1 teaches Threat detection and mitigation in a virtualized computing environment. Any inquiry concerning this communication or earlier communications from the examiner should be directed to SAKINAH W TAYLOR whose telephone number is (571)270-0682. The examiner can normally be reached Monday-Friday, 10:45a-6:45p. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, CATHERINE THIAW can be reached at 571-270-1138. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. SAKINAH WHITE-TAYLOR Primary Examiner Art Unit 2407 /Sakinah White-Taylor/Primary Examiner, Art Unit 2407