DETAILED ACTION
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
This Office Action is in response to the communication filed on 10/22/2024.
Claims 1-7 are pending for consideration.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Specification
The lengthy specification has not been checked to the extent necessary to determine the presence of all possible minor errors. Applicant’s cooperation is requested in correcting any errors of which applicant may become aware in the specification.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1, 6, and 7 are rejected under 35 U.S.C. 103 as being unpatentable over Weinstein et al. (U.S. 11,872,012)(hereinafter Weinstein) in view of Chen et al. (U.S. 7,996,894)(hereinafter Chen).
Regarding claims 1 and 7, Weinstein teaches a first information processing device configured to process physiological information; a second information processing device (Weinstein: see Col 41 lines 52-61, "A physiological patient monitoring system for monitoring and providing information about patients to a remote location in a continuous manner, comprising: a plurality of physiological monitoring devices that are each configured for removable attachment to a corresponding plurality of patients, wherein each of the plurality of physiological monitoring devices is configured to continuously acquire ECG data from the corresponding plurality of patients").
However, Weinstein does not teach a relay device configured to control network communication between the first information processing device and the second information processing device, wherein the relay device includes a controller configured to set network information of the first information processing device as network information of the relay device.
Nevertheless, Chen-which is in the same field of endeavor- teaches a relay device configured to control network communication between the first information processing device and the second information processing device (Chen: see Figure 1 item 102; Col 4 lines 35-50, "The integrated device 102 may provide security functions such as stateful packet inspection firewall (e.g., rule checking for inbound and/or outbound access), intrusion prevention (e.g., to protect against malicious traffic), content filtering (e.g., to enforce protection and productivity policies and to block inappropriate content), network antivirus enforcement (e.g., auto-enforcement of anti-virus policy for always-on virus protection), network access translation, virtual private networking, etc.... Furthermore, client devices may communicate wirelessly with each other (e.g., the client device 106 and the client device 108 may transfer files and/or have an instant messaging chat with each other)"), wherein the relay device includes a controller configured to set network information of the first information processing device as network information of the relay device (Chen: see Col 6 lines 39-43, "When the client devices of FIG. 2 communicate with each other, in order to process data through the security device 202, MAC address modification and management is performed by the access point devices and the security device 202 (as will be described in detail in FIGS. 3-10)"; Col 8 12-20, "The MAC assertion module 300 will modify the MAC address of the packet (e.g., associated with the client device 208) to that of the MAC address of the LAN interface 205 of the security device 202. By modifying the packet's MAC address of the client device 208 to the MAC address of the LAN interface 205 of the security device 202, the packet will be delivered to the security device 202. That way, security functions can be applied by the security device 202"; Col 8 lines 65-67 - Col 9 lines 1-3, "It will be understood that the MAC address of the packet may need to modified again with the MAC address for the client device 208 so that the packet can return to the desired destination (e.g., the MAC address may be modified by the processing logic circuit 404 of the security device 202)").
Weinstein and Chen are analogous art because they are from the same field of endeavor. Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art to utilize Chen’s integrated security device MAC address substitution with Weinstein’s physiological monitoring system. The suggestion/motivation for doing so would be to enforce firewalls/policy/compliance rules, and reduce the attack surface of the source device by hiding the network information when communicating with other network devices.
Regarding claim 6, Weinstein and Chen teach the second information processing device is configured to process physiological information (Weinstein: see Col 4 lines 40-43).
Claims 2-3 are rejected under 35 U.S.C. 103 as being unpatentable over Weinstein and Chen, as applied to claims 1, 6, and 7 above, and in further view of Mestery et al. (U.S. 11,765,146)(hereinafter Mestery).
Regarding claim 2, Weinstein and Chen teach after the controller sets the network information of the first information processing device as the network information of the relay device (Chen: see Col 6 lines 39-43; Col 8 12-20; Col 8 lines 65-67 - Col 9 lines 1-3).
However, Weinstein and Chen do not teach the relay device encrypts a packet transmitted from the first information processing device and transmits the encrypted packet to the second information processing device.
Nevertheless, Mestery-which is in the same field of endeavor- teaches the relay device encrypts a packet transmitted from the first information processing device and transmits the encrypted packet to the second information processing device (Mestery: see Col 16 claim 1 lines 40-47, "determining that a multiple of the block size corresponds to a third number of bytes that is greater than or equal to the first number of bytes; encrypting the third number of bytes including the second portion of the packet using the encryption protocol associated with the encrypted tunnel; and sending, from the client device, the packet over the network to the headend device using the encrypted tunnel").
Weinstein, Chen, and Mestery are analogous art because they are from the same field of endeavor. Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art to utilize Weinstein’s processing devices with Chen’s integrated security device network address substitution and Mestery’s encryption method to enforce encryption of a network packet. The suggestion/motivation for doing so would be to improve security and protect sensitive medical data when transmitting the data via a network interface.
Regarding claim 3, Weinstein, Chen, and Mestery teach after the controller sets the network information of the first information processing device as the network information of the relay device (Chen: see Col 6 lines 39-43; Col 8 12-20; Col 8 lines 65-67 - Col 9 lines 1-3), the relay device decrypts a packet transmitted from the second information processing device (Mestery: see Col 2 lines 62-66, "Further, the method may additionally include determining that a first portion of the packet is encrypted using a first encryption protocol associated with the encrypted tunnel, and decrypting the first portion of the packet according to the first encryption protocol"), and transmits the decrypted packet to the first information processing device (Mestery: see Col 9 lines 44-51, "At “9,” the headend device 108 may provide 108 the packet 118 to one or more destination devices that are indicated by a destination address in the packet 118 header (and/or forward the packet 118 to a next hop in the path), such as one or more of the servers 112. The packet 118 may be partially decrypted in that the first portion 120 of the packet 118 may still be encrypted using the initial encryption protocol (e.g., TLS, DTLS, SSL, etc.)"). Motivation to combine Weinstein, Chen, and Mestery, in the instant claim, is the same as that in claim 2.
Claims 4-5 are rejected under 35 U.S.C. 103 as being unpatentable over Weinstein and Chen, as applied to claims 1, 6, and 7 above, and in further view of Bharrat et al. (U.S. 2011/0271096)(hereinafter Bharrat).
Regarding claim 4, Weinstein and Chen teach the invention detailed above.
However, Weinstein and Chen do not teach the controller is configured to set an encryption mode of a packet that the relay device transmits, based on encryption mode information included in a packet transmitted from the second information processing device.
Nevertheless, Bharrat-which is in the same field of endeavor- teaches the controller is configured to set an encryption mode of a packet that the relay device transmits, based on encryption mode information included in a packet transmitted from the second information processing device (Bharrat: see Page 2 paragraph 0012 lines 3-18, "The operating system is configured to determine encryption information including one or more parameters for encrypting and decrypting data packets transmitted between the first computing device and the remote computer.....The first computing device includes a negotiation module in communication with the operating system and the second computing device configured to transmit a message including data indicative of the encryption information to the second computing device").
Weinstein, Chen, and Bharrat are analogous art because they are from the same field of endeavor. Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art to utilize Weinstein’s processing devices with Chen’s integrated security device network address substitution and Bharrat’s dynamic encryption method determination based on packet encryption information. The suggestion/motivation for doing so would be to enforce different levels of encryption and optimize system performance while providing a protection level that is acceptable.
Regarding claim 5, Weinstein, Chen, and Bharrat teach a first mode that does not support an encrypted packet and that supports a non-encrypted packet; a second mode that supports the encrypted packet and that supports the non-encrypted packet; or a third mode that supports the encrypted packet and that does not support the non-encrypted packet (Bharrat: see Page 1 paragraph 0006, "The XFRM framework supports both a transport mode and a tunnel mode for IPsec. In transport mode, the original IP source and destination addresses are unchanged by the transform, and just the IP contents are encrypted. In tunnel mode, the original packet, including the IP header, is encapsulated in another IP packet with its own IP header. After the encapsulation by the XFRM layer, the packet goes through the Internet Layer again (e.g., the router layer)"; Page 11 paragraph 0093, "Referring to step 706, when the encrypted packets are received by the second computing device 104, the encryption module 114 uses the encryption information (e.g., SA information stored in the database 116 of FIG. 1) to decrypt the packet and forward to the link driver module 320 in the operating system 106. In some embodiments, the encryption module 114 is configured to not remove encryption header information. For example, for IPsec, the encryption module 114 can be configured to not remove the encapsulating security payload (ESP, which provides origin authenticity, integrity, and confidentiality) header and/or IPsec authentication headers (AH, which protects the data packet header, unlike ESP). For IPsec tunnel mode, the encryption module 114 can be configured to not remove the outer IP header"). Motivation to combine Weinstein, Chen, and Bharrat, in the instant claim, is the same as that in claim 4.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KELAH JANAE MCFARLAND-BARNES whose telephone number is (571)272-5953. The examiner can normally be reached Monday through Friday 8:00am until 4:00pm Central Time.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn D Feild can be reached at 571-272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/KELAH JANAE MCFARLAND-BARNES/Examiner, Art Unit 2431
/LYNN D FEILD/Supervisory Patent Examiner, Art Unit 2431