DETAILED ACTION
Claims 1-20 are pending.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Examiner Comment
The examiner recommends filing a written authorization for Internet communication in response to the present action. Doing so permits the USPTO to communicate with Applicant using Internet email to schedule interviews or discuss other aspects of the application. Without a written authorization in place, the USPTO will not respond via Internet email to any Internet correspondence which contains information subject to the confidentiality requirement as set forth in 35 U.S.C. 122. The preferred method of providing authorization is by filing form PTO/SB/439, available at: https://www.uspto.gov/patent/forms/forms. See MPEP § 502.03 for other methods of providing written authorization.
Priority
Applicant’s claim for the benefit of a prior-filed application under 35 U.S.C. 120 is acknowledged.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 10/02/24 has been acknowledged and considered by the examiner.
Claim Interpretation
Regarding claims 1, 7, 9, 13 and 15, the claims recite alternative language, i.e. using the terms “one or more of” and “or”, and as such, the Examiner interprets certain features to not be required due to the claim language listing the features in the alternative. The rejection below specifies the particular limitations.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claims 1, 2 and 7-20 are rejected under 35 U.S.C. 103 as being unpatentable over Li et al. (U.S. 2009/0328024 A1) in view of Gilenson et al. (U.S. 2016/0042285 A1) and further in view of Johnson et al. (U.S. 2018/0262388 A1).
Regarding claims 1, 13 and 19, Li discloses a method comprising:
generating a comparison set by identifying lines added or removed in a new configuration file relative to an expired configuration file, the new configuration file including updated configuration data and instructions for a compliant device (see Li; paragraphs 0043 and 0084; Li discloses new configuration files contain differences, i.e. “comparison set”, with the original configuration, i.e. “expired configuration file”, of the cluster software. These differences are modifications in the configuration files in the form of lines in the files that have been added, deleted, or modified. An upgrade target configuration includes the version differences between the new and original configurations).
While Li discloses a “comparison set”, as discussed above, Li does not explicitly disclose authorizing changes in the comparison set corresponding to a predetermined list of configuration variables to generate a changed comparison set; and providing, based on a condition associated with the changed comparison set, one of a new configuration file to the compliant device or a warning.
In analogous art, Gilenson discloses authorizing changes in the comparison set corresponding to a predetermined list of configuration variables to generate a changed comparison set (see Gilenson; paragraphs 0043, 0045, 0049, 0054, 0057 and Figure 2A; Gilenson discloses comparing and analyzing differences, i.e. “comparison set”, between configurations according to a set of analysis dimensions, i.e. “configuration variables”, that represent rules for evaluating the differences. The analysis dimensions is a list that includes dimensions such as calculating the number of times a specific identified difference was changed, i.e. “a changed comparison set”, e.g. authorized and unauthorized changes, in a given time frame based on time ranges defined, i.e. “predetermined”, by a user. Further, a user defined policy can be used to calculate values for the identified differences as in policy or out of policy. For example, since a user is able to define time ranges, e.g. a time C, the identified difference of (X1’, X2’, X3’) at time B would change to (X1”, X2”, X3”) at time C);
providing, based on a condition associated with the changed comparison set, one of a new configuration file to the compliant device or a warning (see Gilenson; paragraphs 0064, 0067 and 0074; Gilenson discloses risk scores are displayed, i.e. “provide a warning”, in order to take corrective measures to prevent failure or locate errors. A greater score is provided to unauthorized changes, i.e. “a condition associated with the changed comparison set”. Further, warnings are provided if configuration parameters are inconsistent) (The claim list features in the alternative. While the claim lists a number of optional features only one feature from the list is required and needs to be met by the prior art. The Examiner has chosen the “a warning” alternative feature).
One of ordinary skill in the art would have been motivated to combine Li and Gilenson because they both disclose features of determining differences between configuration files, and as such, are within the same environment.
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention, to incorporate the feature of risk analysis as taught by Gilenson into the system Li in order to provide the benefit of efficiency by allowing the system to know the total risk involved in updating a configuration.
While Gilenson discloses “authorizing changes in the comparison set corresponding to a predetermined list of configuration variables to generate a changed comparison set”, as discussed above, the combination of Li and Gilenson does not explicitly disclose wherein the predetermined list of configuration variables comprises two or more of a first configuration variable identifying one or more organizationally unique identifiers considered trustworthy, a second configuration variable identifying a firewall host identifier listing allowed ports of a security appliance, a third configuration variable listing valid channels, and a fourth configuration variable associated with a list of per port native virtual local area networks and management of a respective native virtual local area network on each respective listed port.
In analogous art, Johnson discloses wherein the predetermined list of configuration variables comprises two or more of a first configuration variable identifying one or more organizationally unique identifiers considered trustworthy (see Johnson; paragraphs 0495 and 0497; Johnson discloses adding one or more configuration options to change a configuration file. For example, customer data, i.e. “organizationally unique identifier”, authentication settings and permissions, i.e. “trustworthy”. A configuration option may be a combination of these. As such, a configuration option, i.e. “a first configuration variable”, may include the combination of authentication and permissions for customer data, i.e. a “unique identifier considered trustworthy”), a second configuration variable identifying a firewall host identifier listing allowed ports of a security appliance (see Johnson; paragraphs 0249, 0495 and 0497; Johnson discloses allowing firewall rules for a device. And adding one or more configuration options to change a configuration file. For example, port settings, application ports, application information, device data, security settings and port information. A configuration option may be a combination of these. As such, a configuration option, i.e. “a second configuration variable”, may include the combination of information for the firewall application ports, i.e. “firewall host identifier listing allowed ports”, of a device, i.e. “security appliance”, to be allowed corresponding to security settings of the device), a third configuration variable listing valid channels, and a fourth configuration variable associated with a list of per port native virtual local area networks and management of a respective native virtual local area network on each respective listed port (see) (The claim list features in the alternative. While the claim lists a number of optional features only one feature from the list is required and needs to be met by the prior art. The Examiner has chosen the “a first configuration variable identifying one or more organizationally unique identifiers considered trustworthy” and “a second configuration variable identifying a firewall host identifier listing allowed ports of a security appliance” alternative features).
One of ordinary skill in the art would have been motivated to combine Li, Gilenson and Johnson because they all disclose features of determining differences between configuration files, and as such, are within the same environment.
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention, to incorporate the feature of updating configuration files as taught by Johnson into the combined system of Li and Gilenson in order to provide the benefit of efficiency by allowing the system to determine differences using analysis dimensions as a function of location/station (see Gilenson; paragraphs 0044 and 0051) that can specify configuration options that can be added to the configuration file (see Johnson; paragraph 0495).
Li discloses the additional limitations of claim 13, a non-transitory computer readable medium storing instructions, which when executed by at least one processor (see Li; paragraphs 0012 and 0026; Li discloses a computer readable medium and processors).
Li discloses the additional limitations of claim 19, a processor (see Li; paragraphs 0012 and 0026; Li discloses processors); and a non-transitory memory including computer readable instructions that when executed by the processor (see Li; paragraphs 0012 and 0026; Li discloses a computer readable medium and processors).
Regarding claim 2, Li, Gilenson and Johnson disclose all the limitations of claim 1, as discussed above, and further the combination of Li, Gilenson and Johnson clearly discloses wherein the expired configuration file is a copy of a last known configuration file sent to the compliant device (see Li; paragraph 0043; Li discloses for new release versions of the cluster software, the new configuration comprises new configuration files. The new configuration files contain differences with the original configuration of the cluster software).
Regarding claim 7, Li, Gilenson and Johnson disclose all the limitations of claim 1, as discussed above, and further the combination of Li, Gilenson and Johnson clearly discloses determining whether the new configuration file matches the expired configuration file within a match threshold (see Gilenson; paragraph 0025; Gilenson discloses analyzing the determined differences between configurations according to a set of analysis dimensions and assigning a score representing the level of conformity, i.e. “match threshold”, of the differences to each of the analysis dimensions); and
determining a match result as a function of whether the comparison is an empty set or a safe set based on association with a green-light list (see Gilenson; paragraphs 0025, 0044, and 0063-0065; Gilenson discloses determining a score, i.e. “match result”, representing the level of conformity based on the importance of the analysis dimensions. A score and weight list is generated and a risk is determined based on the relevancy, i.e. weight, of the parameter changes. As such, the “green-light list” would be that of the parameters that are considered least relevant, i.e. low risk) (The claim list features in the alternative. While the claim lists a number of optional features only one feature from the list is required and needs to be met by the prior art. The Examiner has chosen the “safe set” alternative feature).
One of ordinary skill in the art would have been motivated to combine Li, Gilenson and Johnson because they all disclose features of determining differences between configuration files, and as such, are within the same environment.
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention, to incorporate the feature of risk analysis as taught by Gilenson into the system Li and Johnson in order to provide the benefit of efficiency by allowing the system to know the total risk involved in updating a configuration.
Regarding claims 8 and 16, Li, Gilenson and Johnson disclose all the limitations of claims 7 and 15, as discussed above, and further the combination of Li, Gilenson and Johnson clearly discloses wherein the green-light list includes a list of configuration variables that can be added, removed or changed from a configuration file with little or no risk of causing service disruptions or connectivity failures at an out-of-date compliant device that ultimately receives the configuration file with changes (see Gilenson; paragraphs 0050, 0051, 0063-0065; Gilenson discloses a specific identified difference impact rank is assigned based on impact area and severity of change, i.e. “little or no risk of causing service disruptions”. The identified differences are either an added, deleted or modified value. Further, a score and weight list is generated and a risk is determined based on the relevancy, i.e. weight, of the parameter changes. As such, the green-light list would be that of the parameters that are considered least relevant, i.e. low risk).
The prior art used in the rejection of the current claim is combined using the same motivation as was applied in claims 7 and 15.
Regarding claim 9, Li, Gilenson and Johnson disclose all the limitations of claim 7, as discussed above, and further the combination of Li, Gilenson and Johnson clearly discloses wherein determining the match result as the function of whether the comparison set is the empty set or the safe set based on the green-light list includes permitting changes in lines that are in the new configuration file and the comparison set when those lines are associated with the green-light list (see Gilenson; paragraphs 0025, 0054 and 0063-0065; Gilenson discloses determining risk analysis for difference in configuration parameters. Authorized changes, i.e. “permitted changes”, are determined in the identified differences. A score and weight list is generated and a risk is determined based on the relevancy, i.e. weight, of the parameter changes. As such, the green-light list would be that of the parameters that are considered least relevant, i.e. low risk) (The claim list features in the alternative. While the claim lists a number of optional features only one feature from the list is required and needs to be met by the prior art. The Examiner has chosen the “safe set” alternative feature).
The prior art used in the rejection of the current claim is combined using the same motivation as was applied in claim 7.
Regarding claims 10 and 17, Li, Gilenson and Johnson disclose all the limitations of claims 9 and 14, as discussed above, and further the combination of Li, Gilenson and Johnson clearly discloses when the comparison set is determined to include lines not associated with the green-light list, another match result is determined, the another match based on whether one or more remaining lines in the comparison set represent a tolerable mismatch of a corresponding one or more configuration variables associated with a yellow-light list (see Gilenson; paragraphs 0025, 0050 and 0063-0065; Gilenson discloses comparing configuration parameters on an application by determining differences in the configuration parameters according to a set of analysis dimensions that represent rules for evaluating the differences. A specific identified difference impact rank is assigned based on impact area and severity of change. Determining a score representing the level of conformity based on the importance of the analysis dimensions. A score and weight list is generated and a risk is determined based on the relevancy, i.e. weight, of the parameter changes. As such, the yellow-light list would be that of the parameters that are considered more relevant, i.e. higher risk).
The prior art used in the rejection of the current claim is combined using the same motivation as was applied in claims 7 and 14.
Regarding claims 11 and 18, Li, Gilenson and Johnson disclose all the limitations of claims 10 and 17, as discussed above, and further the combination of Li, Gilenson and Johnson clearly discloses wherein the yellow-light list includes a list of configuration variables that cannot optionally be added, removed or changed from a configuration file with little or no risk of causing service disruptions or connectivity failures at an out-of-date compliant device that receives the configuration new file (see Gilenson; paragraphs 0025, 0037, 0039 and 0050; Gilenson discloses that the configuration parameters include firmware details such as BIOS version and size, application drivers, and registry content which arbitrarily changed or removed with risk. Such as impact on the area or severity of change).
The prior art used in the rejection of the current claim is combined using the same motivation as was applied in claims 7 and 14.
Regarding claim 12, Li, Gilenson and Johnson disclose all the limitations of claim 10, as discussed above, and further the combination of Li, Gilenson and Johnson clearly discloses wherein a configuration variable on the yellow-light list is bound by respective threshold range that limits how much a configuration variable value can change with little or no risk of causing service disruptions or connectivity failures at an out-of- date compliant device that receives the new configuration file with changes (see Gilenson; paragraphs 0025, 0037, 0039, 0044 and 0063-0065; Gilenson discloses determining a score representing the level of conformity based on the importance of the analysis dimensions. The determination is based on a function of time, i.e. a threshold range. Further, a score and weight list is generated and a risk is determined based on the relevancy, i.e. weight, of the parameter changes. As such, the yellow-light list would be that of the parameters that are considered most relevant. In other words, higher risk).
The prior art used in the rejection of the current claim is combined using the same motivation as was applied in claim 7.
Regarding claim 14, Li, Gilenson and Johnson disclose all the limitations of claim 10, as discussed above, and further the combination of Li, Gilenson and Johnson clearly discloses assess whether the new configuration file matches the expired configuration file in accordance within a match threshold (see Gilenson; paragraph 0025; Gilenson discloses analyzing the determined differences between configurations according to a set of analysis dimensions and assigning a score representing the level of conformity, i.e. “match threshold”, of the differences to each of the analysis dimensions).
The prior art used in the rejection of the current claim is combined using the same motivation as was applied in claim 13.
Regarding claim 15, Li, Gilenson and Johnson disclose all the limitations of claim 14, as discussed above, and further the combination of Li, Gilenson and Johnson clearly discloses generate a comparison set based on the comparison (see Gilenson; paragraph 0025; Gilenson discloses analyzing the determined differences, i.e. “comparison set”, between configurations according to a set of analysis dimensions and assigning a score representing the level of conformity of the differences to each of the analysis dimensions); and
determining a match result as a function of whether the comparison is an empty set or a safe set based on association with a green-light list (see Gilenson; paragraphs 0025, 0044, and 0063-0065; Gilenson discloses determining a score, i.e. “match result”, representing the level of conformity based on the importance of the analysis dimensions. A score and weight list is generated and a risk is determined based on the relevancy, i.e. weight, of the parameter changes. As such, the “green-light list” would be that of the parameters that are considered least relevant, i.e. low risk) (The claim list features in the alternative. While the claim lists a number of optional features only one feature from the list is required and needs to be met by the prior art. The Examiner has chosen the “safe set” alternative feature).
One of ordinary skill in the art would have been motivated to combine Li, Gilenson and Johnson because they all disclose features of determining differences between configuration files, and as such, are within the same environment.
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention, to incorporate the feature of risk analysis as taught by Gilenson into the combined system Li and Johnson in order to provide the benefit of efficiency by allowing the system to know the total risk involved in updating a configuration.
Regarding claim 20, Li, Gilenson and Johnson disclose all the limitations of claim 19, as discussed above, and further the combination of Li, Gilenson and Johnson clearly discloses wherein the warning and the expired configuration file is provided to the compliant device when the new configuration file does not match the expired configuration file within a match threshold and a time out expires after providing the warning to the compliant device (see Gilenson; paragraphs 0064, 0067 and 0074; Gilenson discloses risk scores are displayed, i.e. “provide a warning”, in order to take corrective measures to prevent failure or locate errors. A greater score is provided to unauthorized changes. Further, warnings are provided if configuration parameters are inconsistent).
The prior art used in the rejection of the current claim is combined using the same motivation as was applied in claim 19.
Claims 3 and 4 are rejected under 35 U.S.C. 103 as being unpatentable over Li et al. (U.S. 2009/0328024 A1) in view of Gilenson et al. (U.S. 2016/0042285 A1) and Johnson et al. (U.S. 2018/0262388 A1), as applied to claim 1 above, and further in view of Nakagawa et al. (U.S. 5,835,911).
Regarding claim 3, Li, Gilenson and Johnson disclose all the limitations of claim 1, as discussed above. The combination of Li, Gilenson and Johnson does not explicitly disclose receiving a fetch request from the compliant device, the fetch request including at least a portion of a configuration pull process initiated by the compliant device.
In analogous art, Nakagawa discloses receiving a fetch request from the compliant device, the fetch request including at least a portion of a configuration pull process initiated by the compliant device (see Nakagawa; column 5 lines 33-38, column 33 lines 22-29, column 34 lines 59-67 and column 39 lines 58-613; Nakagawa discloses once the user activates the software the request is sent to the vendor server for an answer. That is, initiating a request for the vendor to pull the updated software).
One of ordinary skill in the art would have been motivated to combine Li, Gilenson, Johnson and Nakagawa because they all disclose features of updating configuration, and as such, are within the same environment.
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention, to incorporate the feature of requesting updated software as taught by Nakagawa into the combined system Li, Gilenson and Johnson in order to provide the benefit of efficiency by allowing the system to automatically request updated software configuration when new release versions are available (see Li; paragraph 0043).
Regarding claim 4, Li, Gilenson and Johnson disclose all the limitations of claim 1, as discussed above. The combination of Li, Gilenson and Johnson does not explicitly disclose wherein the updated configuration data and instructions include a combination of configuration data, instructions, software and firmware updates, and rules provided by a hosted network management system.
In analogous art, Nakagawa discloses wherein the updated configuration data and instructions include a combination of configuration data, instructions, software and firmware updates, and rules provided by a hosted network management system (see Nakagawa; column 33 lines 35-41 and 47-58; Nakagawa discloses that the vendor server sends instruction/rules to update, i.e. delete/add, the software and rules to update).
One of ordinary skill in the art would have been motivated to combine Li, Gilenson, Johnson and Nakagawa because they all disclose features of updating configuration, and as such, are within the same environment.
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention, to incorporate the feature of software configuration update as taught by Nakagawa into the combined system Li, Gilenson and Johnson in order to provide the benefit of determining which module is required, unnecessary or an old version in the software configuration (see Nakagawa; column 33 lines 35-38).
Claims 5 and 6 are rejected under 35 U.S.C. 103 as being unpatentable over Li et al. (U.S. 2009/0328024 A1) in view of Gilenson et al. (U.S. 2016/0042285 A1) and Johnson et al. (U.S. 2018/0262388 A1), as applied to claim 1 above, and further in view of Chen et al. (U.S. 2015/0339132 A1).
Regarding claim 5, Li, Gilenson and Johnson disclose all the limitations of claim 1, as discussed above. The combination of Li, Gilenson and Johnson does not explicitly disclose evaluating an extent to which the expired configuration file associated with the compliant device satisfies a recency threshold in order to produce an evaluation result; and selectively serving the expired configuration file based on the evaluation result.
In analogous art, Chen discloses evaluating an extent to which the expired configuration file associated with the compliant device satisfies a recency threshold in order to produce an evaluation result (see Chen; paragraph 0068; Chen discloses determining if a configuration setting is old by exceeding a predetermined threshold, such as a timestamp of the last configuration setting); and
selectively serving the expired configuration file based on the evaluation result (see Chen; paragraphs 0068 and 0069; Chen discloses the system provides the configuration based on the determination of the age of the configuration setting).
One of ordinary skill in the art would have been motivated to combine Li, Gilenson, Johnson and Chen because they all disclose features of configuring a client device, and as such, are within the same environment.
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention, to incorporate the feature of determining the age of a configuration setting as taught by Chen into the combined system of Li, Gilenson and Johnson in order to provide the benefit of efficiency by not allowing a configuration to get too far out of date, i.e. old, by monitoring the timestamps of the configuration settings.
Regarding claim 6, the combination of Li, Gilenson, Johnson and Chen discloses all the limitations of claim 5, as discussed above, and further the combination of Li, Gilenson, Johnson and Chen clearly discloses wherein the recency threshold serves as a proxy that characterizes whether the updated configuration data satisfies local rules of an associated private network (see Chen; paragraphs 0029 and 0068; Chen discloses configuration rules within a network, such as, once the age of a configuration setting exceeds a predetermined threshold, the system determines the configuration setting as old. Therefore, the predetermined threshold helps in implementing the rule, i.e. updating all configuration settings that are considered old).
The prior art used in the rejection of the current claim is combined using the same motivation as was applied in claim 5.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Polski et al. (U.S. 2013/0179791 A1) discloses merging old (removed) and new (added) differenced results into a configuration array.
Ohsuga et al. (U.S. 2015/0215165 A1) discloses identifying whether the configuration information is old or new in a network device.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ADAM A COONEY whose telephone number is (571)270-5653. The examiner can normally be reached M-F 7:30am-5:00pm (every other Fri off).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Umar Cheema can be reached at 571-270-3037. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/A.A.C/Examiner, Art Unit 2458 03/18/26
/UMAR CHEEMA/Supervisory Patent Examiner, Art Unit 2458