DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 1-20 are pending for examination.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 1, 2, 4-9, 11-16 and 18-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Regarding Claims 1, 2, 4-9, 11-16 and 18-20, the meaning of “MAC”, “IOT”, “IP”, “DHCP”, “NAC”, “RADIUS” are unclear. This could be overcome by spelling-out the acronyms the first time used in the claim.
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.
Claims 1-20 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by US 2024/0179168 (Manthiramoorthy et al.).
Regarding Claim 1, Manthiramoorthy teaches a method for detecting an intruder in a network ([¶ 0006], detect and mitigate unauthorized client devices from attempting to gain access to the network, such as by spoofing a MAC address of authorized devices), the method comprising: receiving an authentication request, by the network, including a MAC address from an IOT device ([¶ 0031], Client devices may include multiple different categories of devices with respect to a given enterprise, such as IoT devices. [¶ 0039], receive a request to access network from client device…If client device is a new client device requesting access to network, fingerprinting module may store the fingerprinting information of client device mapped to a MAC address of client device in a database); transmitting a valid response, by the network, for an authentic MAC address to the IOT device ([¶ 0037], authenticated for network access via Media Access Control Authentication Bypass (MAB). MAB uses port-based access control by using a MAC address of the client device. For example, a switch or access point may learn the MAC address of the client device and forwards the learned MAC address to an authentication server. The authentication server may determine whether the MAC address of the client device is valid, and in response to determining that the MAC address is valid, the switch or access point may permit the client device to access the network); receiving, by the network, a request for an IP address via DHCP including a DHCP option from the IOT device ([¶¶ 0118-0119] receives a network access request for a client device to access a network…In response to receiving the network access request, obtains fingerprinting information of the client device associated with the network access request…fingerprinting information may include DHCP options used to request IP addresses); and determining, by the network, whether the MAC address and the DHCP options sufficiently match ([¶¶ 0120-0122], determine whether a MAC address of the client device associated with the network access request is recognized…use the information stored in fingerprint information to authenticate client devices requesting to access the network. For example, receive a subsequent network access request for a client device associated with the subsequent network access request. In response to receiving the subsequent network access request, obtains fingerprinting information of the client device. ..the client device associated with the subsequent network access request may have a MAC address that matches a MAC address of authorized client device…determine whether the fingerprinting information of the client device associated with the subsequent network access request to previously obtained fingerprinting information of an authorized client device. For example, may determine whether DHCP option information of the client device associated with the subsequent network access request match DHCP options information of the authorized client device), and if so allowing access to IOT device ([¶ 0125] In response to determining that the fingerprinting information of the client device associated with the subsequent network access request does not have an anomaly to previously obtained fingerprinting information of the authorized client device, permit network access by the client device associated with the subsequent network access request, if not: outputting, by the network, the mismatch ([¶ 0124], In response to determining that the fingerprinting information of the client device associated with the subsequent network access request has an anomaly to previously obtained fingerprinting information of the authorized client device, execute an access policy to manage access to the network by the client device, for examples, may generate and send a notification to the administrator based on the implemented access policy).
Regarding Claim 2, Manthiramoorthy teaches the method of claim 1 wherein the DHCP options are received from a DHCP cloud based database that is populated with DHCP data received from multiple locations ([Fig. 1, ¶ 0022], Example network system 100 includes various networking components for providing networking services within the wired network including, as examples, a Dynamic Host Configuration Protocol (DHCP) server 116 for dynamically assigning network addresses (e.g., IP addresses) to UEs 148 upon authentication. [¶ 0030], network access control (NAC) systems 180 may identify client devices 148 by analyzing network behavior of the client devices, referred to as fingerprinting. Identification of client devices may be performed based on media access control (MAC) addresses, DHCP options used to request IP addresses, [¶ 0027], each of NAC systems 180 comprises a cloud-based network access control service at multiple, geographically distributed points of presence. Offering cloud-based network access control services avoids the limitations and improves network administration. A centralized, cloud-based deployment of network access control. [¶ 0039], fingerprinting information may include DHCP options used to request IP addresses, … fingerprinting module 156 may store the fingerprinting information of client device 148A-1 mapped to a MAC address of client device 148A-1 in a database (illustrated in FIG. 1A as “fingerprint information 158”)).
Regarding Claim 3, Manthiramoorthy teaches the method of claim 1 wherein the authentication request is an 802.lx authentication request ([¶ 0037] Client devices in enterprise networks can be authenticated for network access via Institute of Electrical and Electronics Engineers (IEEE) 802.1X Port-based Network Access Control (PNAC)).
Regarding Claim 4, Manthiramoorthy teaches the method of claim 1 wherein the authentication request is transmitted from the network to a NAC service in the form of a RADIUS authentication request ([¶ 0029], NAC systems provide a way of authenticating client devices to access wireless networks such as branch or campus enterprise networks. NAC systems may each include or provide access to an Authentication, Authorization, and Accounting (AAA) server, e.g., a RADIUS server, to authenticate client devices. [¶ 0077], Authentication manager enables authentication of client devices at NAS devices to access wireless networks, such as branch or campus enterprise networks, at the sub-set of enterprise sites in communication with NAC system. Authentication manager may perform the functionality of an AAA server, e.g., a RADIUS server, or provide access to an AAA server to authenticate client devices prior to providing access to the enterprise networks via the NAS devices).
Regarding Claim 5, Manthiramoorthy teaches the method of claim 1 wherein the MAC address is a preconfigured MAC to perform MAC Authentication Bypass ([¶ 0037], Client devices …may be authenticated for network access via Media Access Control Authentication Bypass (MAB). MAB uses port-based access control by using a MAC address of the client device).
Regarding Claim 6, Manthiramoorthy teaches the method of claim 1 wherein if the MAC address and the DHCP options do not sufficiently match deny access to the network, send the IoT device to a quarantine network, or any combination thereof ([¶ 0041], Based on determining that the fingerprinting information of the client device associated with the subsequent network access request has an anomaly (e.g., does not match) to the information stored in fingerprint information, fingerprinting module may execute an access policy. The administrator may configure an access policy to deny an unauthorized client device with access to network(s) if fingerprinting information of client device has an anomaly to the information stored in fingerprint information or quarantine client device to a quarantine VLAN or another less privileged VLAN to restrict access of client device. [¶ 0067], Based on the determination that there is an anomaly between the fingerprinting information of client device and fingerprinting information of client device, fingerprinting module may execute an access policy that specifies whether to permit or deny network access for client device. An administrator may configure an access policy to deny client device access to the network or quarantine the client device's access to a quarantine VLAN or another less privileged VLAN to restrict access of the client device in response to determining any of the DHCP options information deviates from the fingerprinting information of client device stored in fingerprint information).
Regarding Claim 7, Manthiramoorthy teaches the method of claim 1 wherein the IoT device can gain access to the network from multiple physical locations ([Fig. 1A, 1B, ¶ 0019], network system 100 includes a plurality sites 102A-102N…Each site 102A-102N also includes a plurality of client devices, otherwise known as user equipment devices (UEs), referred to generally as UEs or client devices 148, representing various wired and/or wireless-enabled devices within each site. For example, a plurality of UEs 148A-1 through 148A-K are currently located at site 102A. Similarly, a plurality of UEs 148N-1 through 148N-K are currently located at site 102N. Each UE 148 may be any type of wireless client device, including, IoT devices such as printers, projectors, security devices, environmental sensors, or any other device and configured to communicate over one or more wireless networks 106. [¶ 0065], if client device is a wireless client device, fingerprinting module may determine if the geolocation of client device is different than the geolocation of client device or different than the expected geolocation of client device based on a mobility pattern of client device. For example, NMS may analyze location information to identify a mobility pattern of a wireless client device. Fingerprinting module may use the mobility pattern to determine whether the geolocation of a client device is to be expected).
Regarding Claim 8, the claim limitations are identical and/or equivalent in scope to claim 1, therefore, Claim 8 is rejected under the same rationale as claim 1. Examiner further notes, Manthiramoorthy also teaches a system comprising: a processor [Fig. 2, ¶ 0071, processor 206].
Regarding Claims 9-14, the claim limitations are identical and/or equivalent in scope to claims 2-7, therefore, Claims 9-14 are rejected under the same rationale as claims 2-7.
Regarding Claim 15, the claim limitations are identical and/or equivalent in scope to claim 1, therefore, Claim 15 is rejected under the same rationale as claim 1. Examiner further notes, Manthiramoorthy also teaches a non-transitory computer program product comprising instructions which, when the program is executed cause a processor ([Fig. 2, ¶ 0072], Processor(s) 206 execute software instructions, such as those used to define a software or computer program, stored to a computer-readable storage medium (such as memory 212)].
Regarding Claims 16-20, the claim limitations are identical and/or equivalent in scope to claims 2-6, therefore, Claims 16-20 are rejected under the same rationale as claims 2-6.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOHAMMAD YOUSUF A MIAN whose telephone number is (571)272-9206. The examiner can normally be reached Monday-Friday 9am-5:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, ARIO ETIENNE can be reached at 571-272-4001. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/MOHAMMAD YOUSUF A. MIAN/Examiner, Art Unit 2457
/ARIO ETIENNE/Supervisory Patent Examiner, Art Unit 2457