DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 1-20 are presented for examination.
Specification
The title of the invention is not descriptive. A new title is required that is clearly indicative of the invention to which the claims are directed.
The disclosure is objected to because of the following informalities: on page 7, paragraph 66, line 2, Applicants write, “information used as baits.” It was thought that Applicants meant to write, “information used as bait.” Appropriate correction is required.
Claim Objections
Claim 8 is objected to because of the following informalities: in line 3, Applicants write, “prohibit the access traffic leaded into the Honeypot service.” It is unclear what the term “leaded” is supposed to connote here. Appropriate correction is required.
Claim 18 is objected to because of the following informalities: in line 4, Applicants write, “prohibit the access traffic leaded into the Honeypot service.” It is unclear what the term “leaded” is supposed to connote here. Appropriate correction is required.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claim 9 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. It is unclear what an establishment result is, within the scope of the claim, and how one would determine “a number of establishment times” of either the Honeypot service or the probe service. Additionally, it follows that it is unclear what reestablishing would entail given that it is unknown what establishment means. Further clarification of these terms and concepts, within the metes and bounds of the Specification, is requested.
Claim 19 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. It is unclear what an establishment result is, within the scope of the claim, and how one would determine “a number of establishment times” of either the Honeypot service or the probe service. Additionally, it follows that it is unclear what reestablishing would entail given that it is unknown what establishment means. Further clarification of these terms and concepts, within the metes and bounds of the Specification, is requested.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1, 9-12, 19, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Borak (U.S. 2022/0182412) and further in view of Xiao et al. (U.S. 11,757,936).
With respect to claim 1, Borak teaches a method for processing a security service (Borak, page 4, paragraph 69), the method being performed by a cloud server (Borak, page 5, paragraph 73) and comprising: receiving a Honeypot service deployment request transmitted by (Borak, page 14, paragraph 177 and page 15, paragraph 193) a network content provider (Borak, page 5, paragraph 75), the Honeypot service deployment request being configured to indicate (Borak, page 14, paragraph 177) a probe service type (Borak, page 15, paragraph 192) and a Honeypot service type (Borak, page 14, paragraph 177), and the probe service type (Borak, page 15, paragraph 192) being configured to indicate a traffic leading mode (Borak, page 14, paragraph 180); establishing, based on the Honeypot service type (Borak, page 14, paragraph 177), corresponding to target network content the target network content being network content provided by the network content provider (Borak, page 5, paragraph 75); and establishing a probe service of the probe service type, the probe service (Borak, page 15, paragraph 192) being configured to lead access traffic (Borak, page 14, paragraph 180) to the target network content (Borak, page 5, paragraph 75) to the Honeypot service (Borak, Fig. 21, element 2110; page 14, paragraph 180).
Borak does not explicitly teach a Honeypot service in a cloud.
However, Xiao teaches a Honeypot service in a cloud (Xiao, col. 26, lines 33-37).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Borak in view of Xiao in order to enable a Honeypot service in a cloud. One would be motivated to do so in order to address advanced security threats (e.g., advanced cyber-attacks) that are employing stealthy, persistent methods to evade traditional security measures. To address this, new and improved techniques are needed to efficiently and effectively identify such new and evolving advanced threats (Xiao, col. 4, lines 50-60).
With respect to claim 9, the combination of Borak and Xiao teaches the invention described in claim 1, including the method wherein the method further comprises: obtaining an establishment result and a number of establishment times of (Borak, page 15, paragraph 189) the Honeypot service (Borak, page 14, paragraph 177 and page 15, paragraph 193) or the probe service (Borak, pages 7-8, paragraph 115 and page 15, paragraph 192); and reestablishing (Borak, page 15, paragraph 190), in response to that the establishment result is that establishment fails and the number of establishment times does not reach a number of times threshold (Borak, page 15, paragraph 189), the Honeypot service (Borak, page 14, paragraph 177 and page 15, paragraph 193) or the probe service (Borak, pages 7-8, paragraph 115 and page 15, paragraph 192) failed to be established (Borak, page 15, paragraph 189).
The combination of references is made under the same rationale as claim 1 above.
With respect to claim 10, the combination of Borak and Xiao teaches the invention described in claim 9, including the method wherein the method further comprises: returning, in response to that the establishment result is that establishment fails and the number of establishment times reaches the number of times threshold (Borak, page 15, paragraph 189), information indicating that the Honeypot service (Borak, page 14, paragraph 177 and page 15, paragraph 193) or the probe service (Borak, pages 7-8, paragraph 115 and page 15, paragraph 192) fails to be established to (Borak, page 14, paragraphs 181-184 and page 15, paragraph 189) a console (Borak, page 14, paragraph 185) of the cloud server (Borak, page 5, paragraph 73).
The combination of references is made under the same rationale as claim 1 above.
With respect to claim 11, the combination of Borak and Xiao teaches the invention described in claim 1, including the method wherein the method further comprises: recording a behavior record of (Borak, page 14, paragraph 179-180) the access traffic (Borak, page 14, paragraph 180) in the Honeypot service Borak, page 14, paragraph 177 and page 15, paragraph 193); and returning the behavior record to (Borak, page 14, paragraph 181-185) the network content provider (Borak, page 5, paragraph 75).
The combination of references is made under the same rationale as claim 1 above.
With respect to claim 12, Borak teaches a computer device comprising a processor and a memory, the memory having at least one computer program stored therein, and the at least one computer program being loaded and performed by the processor to: receive a Honeypot service deployment request transmitted by (Borak, page 14, paragraph 177 and page 15, paragraph 193) a network content provider (Borak, page 5, paragraph 75), the Honeypot service deployment request being configured to indicate (Borak, page 14, paragraph 177) a probe service type (Borak, page 15, paragraph 192) and a Honeypot service type (Borak, page 14, paragraph 177), and the probe service type (Borak, page 15, paragraph 192) being configured to indicate a traffic leading mode (Borak, page 14, paragraph 180); establish, based on the Honeypot service type (Borak, page 14, paragraph 177), corresponding to target network content, the target network content being network content provided by the network content provider (Borak, page 5, paragraph 75); and establish a probe service of the probe service type, the probe service (Borak, page 15, paragraph 192) being configured to lead access traffic (Borak, page 14, paragraph 180) to the target network content (Borak, page 5, paragraph 75) to the Honeypot service (Borak, Fig. 21, element 2110; page 14, paragraph 180).
Borak does not explicitly teach a Honeypot service in a cloud.
However, Xiao teaches a Honeypot service in a cloud (Xiao, col. 26, lines 33-37).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Borak in view of Xiao in order to enable a Honeypot service in a cloud. One would be motivated to do so in order to address advanced security threats (e.g., advanced cyber-attacks) that are employing stealthy, persistent methods to evade traditional security measures. To address this, new and improved techniques are needed to efficiently and effectively identify such new and evolving advanced threats (Xiao, col. 4, lines 50-60).
With respect to claim 20, Borak teaches a non-transitory computer-readable storage medium having at least one computer program stored therein, the at least one computer program being loaded and performed by a processor to: receive a Honeypot service deployment request transmitted by (Borak, page 14, paragraph 177 and page 15, paragraph 193) a network content provider (Borak, page 5, paragraph 75), the Honeypot service deployment request being configured to indicate (Borak, page 14, paragraph 177) a probe service type (Borak, page 15, paragraph 192) and a Honeypot service type (Borak, page 14, paragraph 177), and the probe service type (Borak, page 15, paragraph 192) being configured to indicate a traffic leading mode (Borak, page 14, paragraph 180); establish, based on the Honeypot service type (Borak, page 14, paragraph 177), corresponding to target network content, the target network content being network content provided by the network content provider (Borak, page 5, paragraph 75); and establish a probe service of the probe service type, the probe service (Borak, page 15, paragraph 192) being configured to lead access traffic (Borak, page 14, paragraph 180) to the target network content (Borak, page 5, paragraph 75) to the Honeypot service (Borak, Fig. 21, element 2110; page 14, paragraph 180).
Borak does not explicitly teach a Honeypot service in a cloud.
However, Xiao teaches a Honeypot service in a cloud (Xiao, col. 26, lines 33-37).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Borak in view of Xiao in order to enable a Honeypot service in a cloud. One would be motivated to do so in order to address advanced security threats (e.g., advanced cyber-attacks) that are employing stealthy, persistent methods to evade traditional security measures. To address this, new and improved techniques are needed to efficiently and effectively identify such new and evolving advanced threats (Xiao, col. 4, lines 50-60).
Claim 19 does not teach or define any new limitations above claim 9 and therefore is rejected for similar reasons.
Claims 2-4, 13, and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Borak in view of Xiao and further in view of Purushothaman (U.S. 10,574,559).
With respect to claim 2, Borak teaches the invention described in claim 1, including a method for processing a security service (Borak, page 4, paragraph 69), the method being performed by a cloud server (Borak, page 5, paragraph 73) and comprising: receiving a Honeypot service deployment request transmitted by (Borak, page 14, paragraph 177 and page 15, paragraph 193) a network content provider (Borak, page 5, paragraph 75), the Honeypot service deployment request being configured to indicate (Borak, page 14, paragraph 177) a probe service type (Borak, page 15, paragraph 192) and a Honeypot service type (Borak, page 14, paragraph 177), and the probe service type (Borak, page 15, paragraph 192) being configured to indicate a traffic leading mode (Borak, page 14, paragraph 180); establishing, based on the Honeypot service type (Borak, page 14, paragraph 177), corresponding to target network content the target network content being network content provided by the network content provider (Borak, page 5, paragraph 75); and establishing a probe service of the probe service type, the probe service (Borak, page 15, paragraph 192) being configured to lead access traffic (Borak, page 14, paragraph 180) to the target network content (Borak, page 5, paragraph 75) to the Honeypot service (Borak, Fig. 21, element 2110; page 14, paragraph 180).
Borak does not explicitly teach a Honeypot service in a cloud.
However, Xiao teaches a Honeypot service in a cloud (Xiao, col. 26, lines 33-37).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Borak in view of Xiao in order to enable a Honeypot service in a cloud. One would be motivated to do so in order to address advanced security threats (e.g., advanced cyber-attacks) that are employing stealthy, persistent methods to evade traditional security measures. To address this, new and improved techniques are needed to efficiently and effectively identify such new and evolving advanced threats (Xiao, col. 4, lines 50-60).
The combination of Borak and Xiao does not explicitly teach an intrusive traffic leading type or a non-intrusive traffic leading type.
However, Purushothaman teaches an intrusive traffic leading type or a non-intrusive traffic leading type (Purushothaman, col. 10, lines 46-59).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Borak and Xiao in view of Purushothaman in order to enable an intrusive traffic leading type or a non-intrusive traffic leading type. One would be motivated to do so in order to define monitors associated with a component (i.e., application/software, middleware, hardware or the like) to be implemented with a computing environment infrastructure. The present invention relies on deploying, on demand or the like, one or more probes that scan through various layers of the computing environment infrastructure to identify possible monitoring requirements (Purushothaman, col. 5, lines 5-13).
With respect to claim 3, the combination of Borak, Xiao, and Purushothaman teaches the invention described in claim 2, including the method wherein, in response to the probe service type being an intrusive traffic leading type (Purushothaman, col. 10, lines 46-59), the establishing a probe service of the probe service type (Borak, page 15, paragraph 192) comprises: creating a rule engine (Borak, page 14, paragraphs 181-185) and a leading engine (Borak, page 14, paragraphs 180-185) of the probe service (Borak, page 15, paragraph 192) in the cloud (Borak, page 5, paragraph 73), wherein the rule engine is configured to identify whether the access traffic to the target network content is an access traffic of a specified type (Borak, page 14, paragraphs 181-185); and the leading engine is configured to lead, based on an identification result of the rule engine, the access traffic of a specified type to the Honeypot service (Borak, page 14, paragraphs 180-185).
The combination of references is made under the same rationale as claim 2 above.
With respect to claim 4, the combination of Borak, Xiao, and Purushothaman teaches the invention described in claim 3, including the method wherein the method further comprises: receiving a traffic identification rule transmitted by a first device, the traffic identification rule being configured to indicate a determining condition for the access traffic of the specified type; and delivering the traffic identification rule to the rule engine (Borak, page 14, paragraphs 181-185).
The combination of references is made under the same rationale as claim 2 above.
Claims 13 and 14 do not teach or define any new limitations above claims 2 and 3 and therefore are rejected for similar reasons.
Claims 5, 6, 8, 15, 16, and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Borak in view of Xiao in view of Purushothaman and further in view of Islam et al. (U.S. 11,089,119).
With respect to claim 5, Borak teaches the invention described in claim 2, including a method for processing a security service (Borak, page 4, paragraph 69), the method being performed by a cloud server (Borak, page 5, paragraph 73) and comprising: receiving a Honeypot service deployment request transmitted by (Borak, page 14, paragraph 177 and page 15, paragraph 193) a network content provider (Borak, page 5, paragraph 75), the Honeypot service deployment request being configured to indicate (Borak, page 14, paragraph 177) a probe service type (Borak, page 15, paragraph 192) and a Honeypot service type (Borak, page 14, paragraph 177), and the probe service type (Borak, page 15, paragraph 192) being configured to indicate a traffic leading mode (Borak, page 14, paragraph 180); establishing, based on the Honeypot service type (Borak, page 14, paragraph 177), corresponding to target network content the target network content being network content provided by the network content provider (Borak, page 5, paragraph 75); establishing a probe service of the probe service type, the probe service (Borak, page 15, paragraph 192) being configured to lead access traffic (Borak, page 14, paragraph 180) to the target network content (Borak, page 5, paragraph 75) to the Honeypot service (Borak, Fig. 21, element 2110; page 14, paragraph 180); and the establishing a probe service of the probe service type (Borak, page 15, paragraph 192) comprises: a provider network (Borak, page 5, paragraph 75) and the Honeypot service (Borak, page 14, paragraph 177 and page 15, paragraph 193), the provider network being a network providing the target network content (Borak, page 5, paragraph 75); the provider network (Borak, page 5, paragraph 75) and the Honeypot service (Borak, page 14, paragraph 177 and page 15, paragraph 193); and the access traffic (Borak, page 14, paragraphs 180-185) to the target network content (Borak, page 5, paragraph 75) to the Honeypot service (Borak, page 14, paragraphs 180-185).
Borak does not explicitly teach a Honeypot service in a cloud.
However, Xiao teaches a Honeypot service in a cloud (Xiao, col. 26, lines 33-37).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Borak in view of Xiao in order to enable a Honeypot service in a cloud. One would be motivated to do so in order to address advanced security threats (e.g., advanced cyber-attacks) that are employing stealthy, persistent methods to evade traditional security measures. To address this, new and improved techniques are needed to efficiently and effectively identify such new and evolving advanced threats (Xiao, col. 4, lines 50-60).
The combination of Borak and Xiao does not explicitly teach an intrusive traffic leading type or a non-intrusive traffic leading type; and the method wherein, in response to the probe service type being the non-intrusive traffic leading type.
However, Purushothaman teaches an intrusive traffic leading type or a non-intrusive traffic leading type (Purushothaman, col. 10, lines 46-59); and the method wherein, in response to the probe service type being the non-intrusive traffic leading type (Purushothaman, col. 10, lines 46-59).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Borak and Xiao in view of Purushothaman in order to enable an intrusive traffic leading type or a non-intrusive traffic leading type; and the method wherein, in response to the probe service type being the non-intrusive traffic leading type. One would be motivated to do so in order to define monitors associated with a component (i.e., application/software, middleware, hardware or the like) to be implemented with a computing environment infrastructure. The present invention relies on deploying, on demand or the like, one or more probes that scan through various layers of the computing environment infrastructure to identify possible monitoring requirements (Purushothaman, col. 5, lines 5-13).
The combination of Borak, Xiao, and Purushothaman does not explicitly teach creating an elastic network interface (ENI) between; and configuring, based on the ENI, a network address translation (NAT) rule between; and the NAT rule being configured to instruct the ENI to forward.
However, Islam teaches creating an elastic network interface (ENI) between (Islam, col. 8, line 52 – col. 9, line 3); and configuring, based on the ENI, a network address translation (NAT) rule (Islam, col. 14, lines 12-37) between (Islam, col. 8, line 52 – col. 9, line 3); and the NAT rule being configured to instruct the ENI to forward (Islam, col. 14, lines 12-37).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Borak, Xiao, and Purushothaman in view of Islam in order to enable creating an elastic network interface (ENI) between; and configuring, based on the ENI, a network address translation (NAT) rule between; and the NAT rule being configured to instruct the ENI to forward. One would be motivated to do so in order to provide computer data security in network data storage (Islam, col. 1, lines 15-16).
With respect to claim 6, the combination of Borak, Xiao, Purushothaman, and Islam teaches the invention described in claim 5, including the method wherein the creating an ENI between (Islam, col. 8, line 52 – col. 9, line 3) a provider network (Borak, page 5, paragraph 75) and the Honeypot service (Borak, page 14, paragraph 177 and page 15, paragraph 193) comprises: creating a virtual private cloud (VPC) in (Islam, col. 6, lines 32-57) the provider network (Borak, page 5, paragraph 75); inserting the ENI in (Islam, col. 8, line 52 – col. 9, line 3) the VPC (Islam, col. 6, lines 32-57), the ENI being bound to (Islam, col. 14, lines 12-37) the Honeypot service (Borak, page 14, paragraphs 180-185); applying for, in the VPC (Islam, col. 6, lines 32-57), a virtual address of the ENI; and binding the virtual address of the ENI to a public network address (Islam, col. 8, line 52 – col. 9, line 3) or an Intranet address of the provider network.
The combination of references is made under the same rationale as claim 5 above.
With respect to claim 8, the combination of Borak, Xiao, Purushothaman, and Islam teaches the invention described in claim 5, including the method wherein the method further comprises: binding a security group rule (Borak, page 11, paragraph 153) for the ENI (Islam, col. 8, line 52 – col. 9, line 3), the security group rule being configured to prohibit(Borak, page 11, paragraph 153) the access traffic (Borak, page 14, paragraph 180) leaded into the Honeypot service (Borak, Fig. 21, element 2110; page 14, paragraph 180) from actively accessing (Borak, page 11, paragraph 153) the provider network (Borak, page 5, paragraph 75).
The combination of references is made under the same rationale as claim 5 above.
Claims 15, 16, and 18 do not teach or define any new limitations above claims 5, 6, and 8 and therefore are rejected for similar reasons.
Claims 7 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Borak in view of Xiao in view of Purushothaman in view of Islam and further in view of Demmer et al. (U.S. 8,473,620).
With respect to claim 7, Borak teaches the invention described in claim 5, including a method for processing a security service (Borak, page 4, paragraph 69), the method being performed by a cloud server (Borak, page 5, paragraph 73) and comprising: receiving a Honeypot service deployment request transmitted by (Borak, page 14, paragraph 177 and page 15, paragraph 193) a network content provider (Borak, page 5, paragraph 75), the Honeypot service deployment request being configured to indicate (Borak, page 14, paragraph 177) a probe service type (Borak, page 15, paragraph 192) and a Honeypot service type (Borak, page 14, paragraph 177), and the probe service type (Borak, page 15, paragraph 192) being configured to indicate a traffic leading mode (Borak, page 14, paragraph 180); establishing, based on the Honeypot service type (Borak, page 14, paragraph 177), corresponding to target network content the target network content being network content provided by the network content provider (Borak, page 5, paragraph 75); establishing a probe service of the probe service type, the probe service (Borak, page 15, paragraph 192) being configured to lead access traffic (Borak, page 14, paragraph 180) to the target network content (Borak, page 5, paragraph 75) to the Honeypot service (Borak, Fig. 21, element 2110; page 14, paragraph 180); and the establishing a probe service of the probe service type (Borak, page 15, paragraph 192) comprises: a provider network (Borak, page 5, paragraph 75) and the Honeypot service (Borak, page 14, paragraph 177 and page 15, paragraph 193), the provider network being a network providing the target network content (Borak, page 5, paragraph 75); the provider network (Borak, page 5, paragraph 75) and the Honeypot service (Borak, page 14, paragraph 177 and page 15, paragraph 193); the access traffic (Borak, page 14, paragraphs 180-185) to the target network content (Borak, page 5, paragraph 75) to the Honeypot service (Borak, page 14, paragraphs 180-185); a provider network (Borak, page 5, paragraph 75) and the Honeypot service (Borak, page 14, paragraph 177 and page 15, paragraph 193) comprises: the provider network (Borak, page 5, paragraph 75); the Honeypot service (Borak, page 14, paragraph 177 and page 15, paragraph 193); the Honeypot service (Borak, page 14, paragraph 177 and page 15, paragraph 193).
Borak does not explicitly teach a Honeypot service in a cloud.
However, Xiao teaches a Honeypot service in a cloud (Xiao, col. 26, lines 33-37).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Borak in view of Xiao in order to enable a Honeypot service in a cloud. One would be motivated to do so in order to address advanced security threats (e.g., advanced cyber-attacks) that are employing stealthy, persistent methods to evade traditional security measures. To address this, new and improved techniques are needed to efficiently and effectively identify such new and evolving advanced threats (Xiao, col. 4, lines 50-60).
The combination of Borak and Xiao does not explicitly teach an intrusive traffic leading type or a non-intrusive traffic leading type; and the method wherein, in response to the probe service type being the non-intrusive traffic leading type.
However, Purushothaman teaches an intrusive traffic leading type or a non-intrusive traffic leading type (Purushothaman, col. 10, lines 46-59); and the method wherein, in response to the probe service type being the non-intrusive traffic leading type (Purushothaman, col. 10, lines 46-59).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Borak and Xiao in view of Purushothaman in order to enable an intrusive traffic leading type or a non-intrusive traffic leading type; and the method wherein, in response to the probe service type being the non-intrusive traffic leading type. One would be motivated to do so in order to define monitors associated with a component (i.e., application/software, middleware, hardware or the like) to be implemented with a computing environment infrastructure. The present invention relies on deploying, on demand or the like, one or more probes that scan through various layers of the computing environment infrastructure to identify possible monitoring requirements (Purushothaman, col. 5, lines 5-13).
The combination of Borak, Xiao, and Purushothaman does not explicitly teach creating an elastic network interface (ENI) between; configuring, based on the ENI, a network address translation (NAT) rule between; and the NAT rule being configured to instruct the ENI to forward; the method wherein the creating an ENI between; in a virtual private cloud (VPC) of; the VPC corresponding to; applying for the ENI in the VPC; and binding the ENI to.
However, Islam teaches creating an elastic network interface (ENI) between (Islam, col. 8, line 52 – col. 9, line 3); configuring, based on the ENI, a network address translation (NAT) rule (Islam, col. 14, lines 12-37) between (Islam, col. 8, line 52 – col. 9, line 3); and the NAT rule being configured to instruct the ENI to forward (Islam, col. 14, lines 12-37); the method wherein the creating an ENI between (Islam, col. 8, line 52 – col. 9, line 3); in a virtual private cloud (VPC) of (Islam, col. 6, lines 32-57); the VPC corresponding to (Islam, col. 6, lines 32-57); applying for the ENI (Islam, col. 8, line 52 – col. 9, line 3) in the VPC (Islam, col. 6, lines 32-57); and binding the ENI to (Islam, col. 8, line 52 – col. 9, line 3).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Borak, Xiao, and Purushothaman in view of Islam in order to enable creating an elastic network interface (ENI) between; configuring, based on the ENI, a network address translation (NAT) rule between; and the NAT rule being configured to instruct the ENI to forward; the method wherein the creating an ENI between; in a virtual private cloud (VPC) of; the VPC corresponding to; applying for the ENI in the VPC; and binding the ENI to. One would be motivated to do so in order to provide computer data security in network data storage (Islam, col. 1, lines 15-16).
The combination of Borak, Xiao, Purushothaman, and Islam does not explicitly teach the use of a proxy host or the use of a destination network address translation (DNAT) rule.
However, Demmer teaches creating a proxy host (Demmer, col. 16, lines 37-67); creating, based on the proxy host (Demmer, col. 16, lines 37-67), a destination network address translation (DNAT) rule, the DNAT rule being configured to (Demmer, col. 31, lines 30-38) forward traffic of the proxy host to (Demmer, col. 16, lines 37-67); and the proxy host (Demmer, col. 16, lines 37-67).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Borak, Xiao, Purushothaman, and Islam in view of Demmer in order to enable the use of a proxy host or the use of a destination network address translation (DNAT) rule. One would be motivated to do so in order to allow for future modifications and enhancements of a protocol to be deployed in some entities, while still allowing those entities to interoperate with hosts that are not enabled to handle the new modifications (Demmer, col. 2, lines 39-43).
Claim 17 does not teach or define any new limitations above claim 7 and therefore is rejected for similar reasons.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Alicia Baturay whose telephone number is (571) 272-3981. The examiner can normally be reached at 7am – 4pm, Mondays – Thursdays, Eastern Time.
Examiner interviews are available via telephone, in person, or video conferencing using a USPTO-supplied, web-based collaboration tool. To schedule an interview, Applicants are encouraged to use the USPTO Automated Interview Request (AIR) form at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kamal Divecha can be reached at (571) 272-5863. The fax number for the organization where this application or proceeding is assigned is (571) 273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in .docx format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (in USA or Canada) or 571-272-1000.
/Alicia Baturay/
Primary Examiner, Art Unit 2441
February 17, 2026