DETAILED ACTION
This action is in response to the claims filed 9/26/2024. Claims 1-20 are pending. Independent claims 1, 11 and 16, and corresponding dependent claims are directed towards an apparatus, method and computer program product for decentralized techniques for verification of data in transport layer security and other contexts.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-6, 9-12, 19-20, 22-23 and 25 of U.S. Patent No. 11,997,107 B2. Although the claims at issue are not identical, they are not patentably distinct from each other because of subject matter indicated below:
Application 18/897934
US Patent No. 11,997,107 B2
Claim 1
Claims 1 + 9
Claims 2-6
Claims 2-6
Claim 7-9
Claim 10-12
Claim 10
Claim 19
Claim 11
Claims 20 + 22
Claim 12
Claim 21
Claim 13
Claim 2
Claim 14
Claim 6
Claim 15
Claim 10
Claim 16
Claims 23 + 25
Claim 17
Claim 24
Claim 18
Claim 2
Claim 19
Claim 6
Claim 20
Claim 10
Claim Objections
Claims 1, 11 and 16 are objected to because of the following informalities, shown with suggested amendments: Claim 1 l. 6 “[[the]]a secure session with the server device” as this is the first recitation; Claim 11 ll. 3-4 “[[the]]a secure session with the server device” as this is the first recitation; Claim 16 l. 6 “[[the]]a secure session with the server device” as this is the first recitation. Appropriate correction is required.
Claim Rejections - 35 USC § 101
35 U.S.C. § 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-10 are rejected under 35 U.S.C. § 101 because the claimed invention is directed to non-statutory subject matter.
Regarding claim 1, the claimed invention is drawn to an “apparatus” comprising a “verifier device comprising a processor”. Which can be broadly interpreted as various types of software (e.g., virtualized hardware, data, programming code, etc.), note the “memory” is not a clearly claimed element of the “verifier device” and thus cannot be considered as hardware of the verifier device. Thus, it is not clear whether the claimed elements of the “apparatus” are tangibly-embodied structural features, or software, per se. As such the invention does not fall within at least one of the four categories of patent eligible subject matter recited in 35 U.S.C § 101 (process, machine, manufacture or composition of matter). Examiner recommends clearly including the “memory” as a claimed element of the “verifier device” as “memory” cannot be broadly interpreted as software.
Claims 2-10 further fail to recite any positive structural limitations to overcome the 35 U.S.C. §101 issues of claim 1 discussed above, and are also rejected.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-2, 5-6, 10-14 and 16-19 are rejected under 35 U.S.C. 103 as being unpatentable over Wang et al. (US 2012/0272058 A1), published Oct. 25, 2012, in view of Bhargavan et al. “A Formal Treatment of Accountable Proxying over TLS”, published 2018.
As to claim 1, Wang substantially discloses an apparatus (Wang Fig. 1 item 120; [0014] proxy) comprising: a verifier device comprising a processor coupled to a memory (Wang Fig. 2 item 220 processor and item 240 memory; [0016]); the verifier device being configured to communicate over one or more networks (Wang Fig. 2 interfaces 210 to/from network;) with a client device and a server device (Wang Fig. 5 proxy 120 communicating with client 110 and server 130); wherein the verifier device is further configured: to receive from the client device a ciphertext commitment relating to the secure session with the server device (Wang Fig. 5 proxy receiving client certificate from client as part of “client security information” for client-server security session; [0034]-[0035] for use in creating dynamic proxy-server certificate); and wherein the verifier device is further configured to operate as a proxy for the client device in conjunction with interactions between the client device and the server device (Wang Fig. 5 client-server security session with transparent proxy; [0025] proxy/firewall processing communications between client and server) such that the verifier device automatically obtains ciphertexts exchanged between the client device and the server device as part of the secure session via the verifier device operating as the proxy (Wang Fig. 6 item 655 inspect encrypted traffic at proxy device; [0042]). Wang fails to explicitly disclose to verify correctness of at least one characterization of data obtained by the client device from the server device as part of the secure session, based at least in part on the commitment. Bhargavan describes a method for accountability for proxies/middleboxes over TLS. With this in mind, Bhargavan discloses verifying correctness of at least one characterization of data obtained by the client device from the server device as part of the secure session (Bhargavan Fig. 2 showing Krs and Kws delivered to client from server, calculation of Kr and Kw, and delivery of Kr and Kw to middlebox, use of Kr and Kw to access context of application-data stream implies verified correctness; §IIB¶1-4 middleboxes are given access to portions of application-data streams based on read and write keys delivered to the middlebox from the client and server; §I¶1 middlebox functioning as malware scanner, filter, firewall), based at least in part on the commitment (Bhargavan Fig. 2 delivery of Kr and Kw to middlebox). It would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains to combine the proxy accountability of Bhargavan with the encrypted packet inspection of Wang, such that the proxy is authorized by the client and server, as it would advantageously reduce the lack of accountability for proxies/middleboxes (Bhargavan Abstract ¶1).
As to claim 2, Wang and Bhargavan disclose the invention as claimed as described in claim 1, including wherein the verifier device is further configured to initiate one or more automated actions responsive to the verification of the correctness of the at least one characterization of the data obtained by the client device from the server device (Wang Fig. 6 item 655 inspect encrypted traffic at proxy device; [0003] inspect packets and permit or deny traversal).
As to claim 5, Wang and Bhargavan disclose the invention as claimed as described in claim 1, including wherein the server device comprises a transport layer security (TLS) enabled server device and the secure session comprises a TLS session (Wang [0044] TLS security session).
As to claim 6, Wang and Bhargavan disclose the invention as claimed as described in claim 1, including wherein the commitment relating to the secure session comprises a commitment to query response data obtained by the client device from the server device as part of the secure session (Wang Fig. 1 data obtained by client device from server through established session must pass through proxy/firewall).
As to claim 10, Wang and Bhargavan disclose the invention as claimed as described in claim 1, including wherein verifying correctness of at least one characterization of data obtained by the client device from the server device as part of the secure session comprises: obtaining data derived from at least a portion of at least one ciphertext of the secure session (Bhargavan §IIB¶1-4 middleboxes are given access to portions of application-data streams based on read and write keys delivered to the middlebox from the client and server; §I¶1 middlebox functioning as malware scanner, filter, firewall); and verifying correctness of at least one characterization of that data by the client device (Bhargavan §IIB¶1-4 middleboxes are given access to portions of application-data streams based on read and write keys delivered to the middlebox from the client and server; §I¶1 middlebox functioning as malware scanner, filter, firewall).
As to claim 11, Wang substantially discloses a method (Wang [Claim 1] method) performed by a verifier device configured to communicate over one or more networks with a client device and a server device (Wang Fig. 5 proxy 120 communicating with client 110 and server 130), the method comprising: receiving from the client device a cyphertext commitment relating to the secure session with the server device (Wang Fig. 5 proxy receiving client certificate from client as part of “client security information” for client-server security session; [0034]-[0035] for use in creating dynamic proxy-server certificate); responsive to receipt of the commitment (Wang Fig. 6 item 635 proxy receives client security information from client; [0042]), releasing to the client device additional information relating to the secure session that was not previously accessible to the client device (Wang Fig. 6 item 640 proxy generates dynamic certificate for client for proxy-sever session enabling client-server security session with server (i.e. data from server is provided over security session; [0042]); and wherein the verifier device performing the method comprises a processor coupled to a memory and wherein the verifier device is further configured to operate as a proxy for the client device in conjunction with interactions between the client device and the server device (Wang Fig. 5 client-server security session with transparent proxy; [0025] proxy/firewall processing communications between client and server) such that the verifier device automatically obtains ciphertexts exchanged between the client device and the server device as part of the secure session via the verifier device operating as the proxy (Wang Fig. 6 item 655 inspect encrypted traffic at proxy device; [0042]). Wang fails to disclose verifying correctness of at least one characterization of data obtained by the client device from the server device as part of the secure session, based at least in part on the commitment. Bhargavan discloses verifying correctness of at least one characterization of data obtained by the client device from the server device as part of the secure session (Bhargavan Fig. 2 showing Krs and Kws delivered to client from server, calculation of Kr and Kw, and delivery of Kr and Kw to middlebox, use of Kr and Kw to access context of application-data stream implies verified correctness); §IIB¶1-4 middleboxes are given access to portions of application-data streams based on read and write keys delivered to the middlebox from the client and server; §I¶1 middlebox functioning as malware scanner, filter, firewall), based at least in part on the commitment (Bhargavan Fig. 2 delivery of Kr and Kw to middlebox). It would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains to combine the proxy accountability of Bhargavan with the encrypted packet inspection of Wang, such that the proxy is authorized by the client and server, as it would advantageously reduce the lack of accountability for proxies/middleboxes (Bhargavan Abstract ¶1).
As to claim 12, Wang and Bhargavan disclose the invention as claimed as described in claim 11, including wherein verifying correctness of at least one characterization of data obtained by the client device from the server device as part of the secure session comprises: obtaining data derived from at least a portion of at least one ciphertext of the secure session (Bhargavan §IIB¶1-4 middleboxes are given access to portions of application-data streams based on read and write keys delivered to the middlebox from the client and server; §I¶1 middlebox functioning as malware scanner, filter, firewall); and verifying correctness of at least one characterization of that data by the client device (Bhargavan §IIB¶1-4 middleboxes are given access to portions of application-data streams based on read and write keys delivered to the middlebox from the client and server; §I¶1 middlebox functioning as malware scanner, filter, firewall).
As to claim 13, Wang and Bhargavan disclose the invention as claimed as described in claim 11, including further comprising initiating one or more automated actions responsive to the verification of the correctness of the at least one characterization of the data obtained by the client device from the server device (Wang Fig. 6 item 655 inspect encrypted traffic at proxy device; [0003] inspect packets and permit or deny traversal).
As to claim 14, Wang and Bhargavan disclose the invention as claimed as described in claim 11, including wherein the commitment relating to the secure session comprises a commitment to query response data obtained by the client device from the server device as part of the secure session (Wang Fig. 1 data obtained by client device from server through established session must pass through proxy/firewall).
As to claim 16, Wang substantially discloses a computer program product comprising a non-transitory processor-readable storage medium having stored therein program code of one or more software programs (Wang [0045] computer-readable medium with program instructions for execution), wherein the program code when executed by a verifier device configured to communicate over one or more networks with a client device and a server device (Wang Fig. 5 proxy 120 communicating with client 110 and server 130), the verifier device comprising a processor coupled to a memory (Wang Fig. 2 item 220 processor and item 240 memory; [0016]), causes the verifier device: to receive from the client device a commitment relating to the secure session with the server device (Wang Fig. 5 proxy receiving client certificate from client as part of “client security information” for client-server security session; [0034]-[0035] for use in creating dynamic proxy-server certificate); responsive to receipt of the commitment (Wang Fig. 6 item 635 proxy receives client security information from client; [0042]), to release to the client device additional information relating to the secure session that was not previously accessible to the client device (Wang Fig. 6 item 640 proxy generates dynamic certificate for client for proxy-sever session enabling client-server security session with server (i.e. data from server is provided over security session; [0042]); and wherein the verifier device is further configured to operate as a proxy for the client device in conjunction with interactions between the client device and the server device (Wang Fig. 5 client-server security session with transparent proxy; [0025] proxy/firewall processing communications between client and server) such that the verifier device automatically obtains ciphertexts exchanged between the client device and the server device as part of the secure session via the verifier device operating as the proxy (Wang Fig. 6 item 655 inspect encrypted traffic at proxy device; [0042]). Wang fails to disclose verifying correctness of at least one characterization of data obtained by the client device from the server device as part of the secure session, based at least in part on the commitment. Bhargavan discloses verifying correctness of at least one characterization of data obtained by the client device from the server device as part of the secure session (Bhargavan Fig. 2 showing Krs and Kws delivered to client from server, calculation of Kr and Kw, and delivery of Kr and Kw to middlebox, use of Kr and Kw to access context of application-data stream implies verified correctness); §IIB¶1-4 middleboxes are given access to portions of application-data streams based on read and write keys delivered to the middlebox from the client and server; §I¶1 middlebox functioning as malware scanner, filter, firewall), based at least in part on the commitment (Bhargavan Fig. 2 delivery of Kr and Kw to middlebox). It would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains to combine the proxy accountability of Bhargavan with the encrypted packet inspection of Wang, such that the proxy is authorized by the client and server, as it would advantageously reduce the lack of accountability for proxies/middleboxes (Bhargavan Abstract ¶1).
As to claim 17, Wang and Bhargavan disclose the invention as claimed as described in claim 16, including wherein verifying correctness of at least one characterization of data obtained by the client device from the server device as part of the secure session comprises: obtaining data derived from at least a portion of at least one ciphertext of the secure session (Bhargavan §IIB¶1-4 middleboxes are given access to portions of application-data streams based on read and write keys delivered to the middlebox from the client and server; §I¶1 middlebox functioning as malware scanner, filter, firewall); and verifying correctness of at least one characterization of that data by the client device (Bhargavan §IIB¶1-4 middleboxes are given access to portions of application-data streams based on read and write keys delivered to the middlebox from the client and server; §I¶1 middlebox functioning as malware scanner, filter, firewall).
As to claim 18, Wang and Bhargavan disclose the invention as claimed as described in claim 16, including wherein the program code when executed by the verifier device further causes the verifier device to initiate one or more automated actions responsive to the verification of the correctness of the at least one characterization of the data obtained by the client device from the server device (Wang Fig. 6 item 655 inspect encrypted traffic at proxy device; [0003] inspect packets and permit or deny traversal).
As to claim 19, Wang and Bhargavan disclose the invention as claimed as described in claim 16, including wherein the commitment relating to the secure session comprises a commitment to query response data obtained by the client device from the server device as part of the secure session (Wang Fig. 1 data obtained by client device from server through established session must pass through proxy/firewall).
Claims 3-4 are rejected under 35 U.S.C. 103 as being unpatentable over Wang et al. (US 2012/0272058 A1), published Oct. 25, 2012, in view of Bhargavan et al. “A Formal Treatment of Accountable Proxying over TLS”, published 2018, in view of Wardell et al. (US 2017/0331791 A1), published Nov. 16, 2017.
As to claim 3, Wang and Bhargavan substantially disclose the invention as claimed as described in claim 1, including wherein the verifier device comprises a particular node (Fig. 1 item 120 proxy device) of a set of nodes (Wang [0014] network of nodes). Wang and Bhargavan fail to explicitly disclose where the node is an oracle node in a set of oracle nodes of an oracle system. Wardell describes a policy enforcement point for a multi-tenant identity and data security management cloud service. With this in mind, Wardell discloses a node is an oracle node in a set of oracle nodes of an oracle system (Wardell [0207]-[0209] five data nodes oracle coherence data grid). It would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains to combine the oracle coherence data grid with the network environment of Wang and Bhargavan, such that the nodes are oracle nodes in an oracle network, as it would advantageously provide “low response time, high throughput, predictable scalability, continuous availability, and information reliability” (Wardell [0207]).
As to claim 4, Wang and Bhargavan substantially disclose the invention as claimed as described in claim 1, including a verifier device (See above claim 1 rejection) comprises a distributed verifier device in which functionality of the verifier device is distributed across multiple distinct processing devices (Wang [0014] network of nodes). Wang and Bhargavan fail to explicitly disclose wherein the verifier device comprises a distributed verifier device in which functionality of the verifier device is distributed across multiple distinct processing devices. Wardell discloses a distributed device in which functionality of the device is distributed across multiple distinct processing devices (Wardell [0207]-[0209] five data nodes in an oracle coherence data grid). It would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains to combine the oracle coherence data grid with the network environment of Wang and Bhargavan, such that the nodes are in a distributed node network, as it would advantageously provide “low response time, high throughput, predictable scalability, continuous availability, and information reliability” (Wardell [0207]).
Allowable Subject Matter
Claims 15 and 20 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Claims 7-9 would be allowable if rewritten or amended to overcome the rejection(s) under 35 U.S.C. 101, set forth in this Office action and to include all of the limitations of the base claim and any intervening claims.
The following is a statement of reasons for the indication of allowable subject matter:
Regarding claims 7, 15 and 20, and their dependent claims, the prior art of record fails to disclose or fairly suggest, in combination, an apparatus, method or computer program product in which a verifier device acting as a proxy between a client and a server receives a ciphertext commitment from the client relating to a secure session with the server, verifies at least one characterization of data obtained by the client from the server as part of the session based on the commitment, the verifier automatically obtaining ciphertexts between the client and server, as specified in claims 1, 11 and 16, respectively, further including receiving from the client a statement characterizing the data obtained by the client from the server as part of the secure session, in the specific manner and combination as recited in claims 7, 15 and 20.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Felsher et al. (US 8,316,237 B1) is related to secure three-party communications.
Benson (US 2016/0261630 A1) is related to a server commitment in a client-server session.
Juels (US 9,185,100 B1) is related to a cryptographic commitment including a TLS secure channel setup.
Wang et al. (US 2008/0126794 A1) is related to a transparent proxy of encrypted sessions.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ERIC W SHEPPERD whose telephone number is (571)270-5654. The examiner can normally be reached on Monday - Thursday, Alt. Friday, 7:30AM - 5:00PM, EST.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Rupal Dharia can be reached on (571)272-3880. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/Eric W Shepperd/Primary Examiner, Art Unit 2492