Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
Status of Claims
Claim 1 is subject to examination.
Priority
The claim for domestic priorities (CON of 17/556,318 12/20/2021 PAT 12034710, 17/556,318 is a CON of 16/356,421 03/18/2019 PAT 11233777, 16/356,421 is a CON of 16/039,896 07/19/2018 PAT 10284526, 16/039,896 has PRO 62/536,254 07/24/2017), as claimed in this application under 35 U.S.C. 119(e) is acknowledged.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the claims at issue are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the reference application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO internet Web site contains terminal disclaimer forms which may be used. Please visit http://www.uspto.gov/forms/. The filing date of the application will determine what form should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to http://www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
http://www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Below is a comparison of limitations of claim 1, of this application versus the claim 18 (which depends upon claim 17, 14) of Patent No. 12034710.
Claim 1 is rejected on the ground of nonstatutory double patenting as being unpatentable over claim 18 (which includes limitations of claims 17, 14). The patent claim18 (which includes limitations of claims 17, 14) anticipate the claim 1 of this application.
Claim of the Patent No. 12034710
Claim of this application
14. A computing device comprising: one or more processors; and memory storing instructions that, when executed by the one or more processors, cause the computing device to:
receive one or more first packets initiating a first encrypted communication flow;
add, based on determining that the one or more first packets satisfy domain name criteria, first identification data corresponding to the first encrypted communication flow to a first list indicating packet flows to be decrypted and processed using intermediating logic; based on determining that the one or more second packets are part of the first encrypted communication flow initiated by the one or more first packets, and
based on determining that the first encrypted communication flow corresponds to the first identification data added to the first list, decrypt the one or more second packets; apply
the intermediating logic by processing plaintext of the decrypted one or more second packets and perform a corresponding action associated with the first encrypted communication flow on the decrypted one or more second packets, wherein the corresponding action comprises one or more of:
dropping subsequent packets of the first encrypted communication flow; logging one or more of the decrypted one or more second packets; capturing at least a portion of the decrypted one or more second packets; or applying a transformation to the plaintext of the decrypted one or more second packets; re-encrypt, after performing the corresponding action, at least one of the decrypted one or more second packets; and transmit the re-encrypted at least one of the one or more second packets to its intended destination,
17. The computing device of claim 14, wherein the instructions, when executed by the one or more processors, further cause the computing device to: receive Uniform Resource Identifiers (URIs), wherein the domain name criteria comprises a host name value extracted from the second list.
18. The computing device of claim 17, wherein the instructions, when executed by the one or more processors, further cause the computing device to: receive a third list comprising one or more of: one or more second domain names, or one or more URIs; and assign a first priority to the second list and a second priority to the third list, wherein the first priority is different from the second priority, and wherein the first list is generated further based on the third list, the first priority, and the second priority.
1.(New) A computing device comprising:
one or more processors; and memory storing instructions that, when executed by the one or more processors, cause the
computing device to:
receive one or more first packets initiating a first encrypted communication flow;
add, based on determining that the one or more first packets comprise a domain name
in the domain name list, first identification data corresponding to the first encrypted
communication flow to a first list indicating packet flows to be decrypted and processed
using intermediating logic;
receive one or more second packets;
based on determining that the one or more second packets are part of the first
encrypted communication flow initiated by the one or more first packets, and based on
determining that the first encrypted communication flow corresponds to the first
identification data added to the first list:
decrypt the one or more second packets;
apply the intermediating logic by
processing plaintext of the decrypted one or more second packets and
perform a corresponding action associated with the first encrypted communication flow on
the decrypted one or more second packets, wherein the corresponding action
comprises one or more of:
dropping subsequent packets of the first encrypted communication
flow; logging one or more of the decrypted one or more second packets; capturing at least a portion of the decrypted one or more second
packets; or applying a transformation to the plaintext of the decrypted one or
more second packets,
generate, based on a list of Uniform Resource Indicators (URIs), a domain name list;
based on determining that a first URI in the decrypted one or more second
packets is represented in the list of URIs
“A later patent claim is not patentably distinct from an earlier patent claim if the later claim is obvious over, or anticipated by, the earlier claim”.
In re Longi, 759 F.2d at 896, 225 USPQ at 651 (affirming a holding of obviousness-type double patenting because the claims at issue were obvious over claims in four prior art patents); In re Bern, 140 F.3d at 1437, 46 USPQ2d at 1233 (Fed. Cir. 1998) (affirming a holding of obviousness-type double patenting where a patent application claim to a genus is anticipated by a patent claim to a species within that genus). '' ELI LILLY AND COMPANY v BARR LABORATORIES, INC., United States Court of Appeals for the Federal Circuit, ON PETITION FOR REHEARING EN BANC (DECIDED: May 30, 2001).
Specification
The specification has not been checked to the extent necessary to determine the presence of all possible minor errors. In response to this office action, applicant's cooperation is requested in correcting any errors of which applicant may become aware in the specification. For example, status of co-pending applications should be made with --now copending-- and status of patent applications should be --now U.S. Patent number --. The specification should contain --(.com/.net)-- or --<.com>-- for hyperlinks. The trademark should be capitalized wherever it appears or, where appropriate, include a proper symbol indicating use in commerce such as ™, SM , or ® following the term.
In paragraph [0001], status of co-pending applications should be made with --now copending-- and status of patent applications should be --now U.S. Patent number --.
Drawings
The figures submitted on the filing date of this application are acknowledged.
Information Disclosure Statement
An initialed and dated copy of the applicant’s IDS form 1449(s), is attached to the instant Office action.
Allowable Subject Matter
Claim 1 is subject to double patenting rejections and not prior art rejections. Applicant is suggested to immediately file a terminal disclaimer in order to make this application allowable.
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the reference application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO internet Web site contains terminal disclaimer forms which may be used. Please visit http://www.uspto.gov/forms/. The filing date of the application will determine what form should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to http://www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Majumder et al., 2018/0351970 discloses [0034] Decryption manager 232 is responsible for accessing key store 220 to obtain cryptographic key information (e.g., session key or private decryption key) to decrypt any packets associated with a detected encrypted packet flow. For example, after monitoring manager 230 identifies an encrypted packet flow, decryption manager 232 creates a copy of the encrypted packet flow, decrypts the packets of the copy of the encrypted packet flow to generate a decrypted packet flow set. In some embodiments, monitoring manager 230 is also responsible for copying the encrypted packet flow for purposes of decryption and then forwarding the original encrypted packet flow 210 to virtual machine 206 (as represented by encrypted packet flow 212) in a transparent manner. Notably, the retained copy of the encrypted packet flow is then decrypted by virtual tap element 204. [0035] At this stage, decryption manager 232 may be configured to forward the entire decrypted packet flow set (as shown in FIG. 2 as decrypted flow 214) to a network packet analyzer 208. In some embodiments, network packet analyzer 208 is a virtual machine or some other virtual entity completely residing within virtual network environment 200. In other embodiments, network packet analyzer 208 is a hardware based device that is communicatively connected to the computing platform hosting the virtual tap element 204. Network packet analyzer 208 may be any element that is configured to conduct packet analysis (e.g., a net tool optimizer (NTO)) on decrypted packet flows that are communicated entirely within virtual network environment 200. In some embodiments, network packet analyzer 208 may generate statistics regarding the amount of packets and types of packets associated with each different source IP address observed for a predefined time period (e.g., every 10 minutes).
Oprisan et al., US 20200053064 A1 discloses, [0006] According to one aspect, the subject matter described herein includes a method for implementing bandwidth limitations on specific application traffic at a proxy element. The method includes receiving, at a proxy element, a packet flow from at least one source client, identifying encrypted packets associated with a specific application traffic type from among the packet flow, and directing the identified encrypted packets to a bandwidth limiter in the proxy element. The method further includes applying a bandwidth limitation operation to the identified encrypted packets and decrypting the identified encrypted packets if an accumulated amount of payload bytes of the identified encrypted packets complies with the parameters of the bandwidth limitation operation. [0039] In some embodiments, a detected overflow condition (e.g., block 306) triggers proxy element 104 to instruct source client 102 and destination server 106 to reduce the window size. Specifically, proxy element 104 can send a reduce window size message 308 to source client 102 and a reduced window size message 310 to destination server 106. Each of reduced window size message 308 and reduced window size message 310 includes an updated window size value provided by throttle manager 118. In response to receiving the reduce window size message 308, source client 102 is compelled to temporarily send a reduced amount of encrypted packet flow 312 to Proxy element 104. Specifically, source client 102 will only send an amount of data specified by the window size to proxy element 104 until an acknowledgement message (or an updated window size) is received from throttle manager 118. Likewise, destination server 106 similarly temporarily sends a reduced amount of encrypted packet flow 314 to proxy element 104 in response to reduced window size message 310. As such, destination server 106 also only sends the amount of data indicated by the window size to proxy element 104 until an acknowledgement message (or an updated window size) is received from throttle manager 118. Majumder, Oprisan and the additional art of record do not teach or suggest combination of the limitations of claim 1.
Conclusion
Pertinent prior arts: abstract of Moore et al., US-11233777-B2.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HARESH PATEL whose telephone number is (571)272-3973. The examiner can normally be reached on M-F 9-5:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge L. Ortiz-Criado, can be reached at (571) 272-7624. The fax phone number for the organization where this application or proceeding is assigned is (571) 273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/HARESH N PATEL/Primary Examiner, Art Unit 2496
Prosecution Insights