DETAILED ACTION
Claims 1-21 are presented on 03/03/2025 for examination on merits. Claims 1, 11, and 12 are independent base claims.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Examiner's Instructions for filing Response to this Office Action
When the Applicant submits amendments regarding to the claims in response the Office Action, the Examiner would appreciate Applicant if a clean copy of the claims is provided to facilitate the prosecution which otherwise requires extra time for editing the marked-up claims from OCR.
Please submit two sets of claims:
Set #1 as in a typical filing which includes indicators for the status of claim and all marked amendments to the claims; and
Set #2 as an appendix to the Arguments/Remarks for a clean version of the claims which has all the markups removed for entry by the Examiner.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13.
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer.
Claims 1-21 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-21 of Application No. 19/229651 (hereinafter “APP 651”).
APP 651 anticipates claim 1 of the instant application:
A method for performing authorization based active inspection of network paths for a resource deployed in a cloud computing environment (APP 651, CLM. 1: A method for performing active inspection of a computing environment), comprising:
receiving at least one network path to access the resource, wherein the resource is deployed in a cloud computing environment, the cloud computing environment connected to an external network (APP 651, CLM. 1: receiving at least one network path to access a first resource, wherein the first resource is deployed in the computing environment, and potentially accessible from an external network which is external to the computing environment);
actively inspecting the at least one network path by an active inspector to determine if the resource is accessible by the active inspector through the at least one network path utilizing the external network, wherein the active inspector is deployed in an inspection environment utilizing a processing circuitry, a memory coupled to the circuitry, and a network interface for accessing the external network (APP 651, CLM. 2: actively inspecting a plurality of second resources to determine accessibility through another network path from the external network; CLMS. 4 and 15: an active inspector);
generating an access instruction of a first type to access the resource based on a reachability parameter designated in the at least one network path (APP 651, CLM. 1: );
executing the generated access instruction (APP 651, CLM. 1: generating a network instruction to access the first resource based on a plurality of reachability parameters designated in the at least one network path);
determining the at least a network path is accessible from the external network when the executed instruction results in a first predetermined response (APP 651, CLM. 1: determining that the first resource is inaccessible over the at least one network path when the network instruction returns an error); and
determining that the at least a network path is inaccessible from the external network when the executed instruction results in a second predetermined response (APP 651, CLM. 1: determining that the first resource is accessible over the at least one network path when the network instruction does not return an error).
Independent claims 11 and 12 are rejected for the same reason as claim 1, because they each recites the same limitations as claim 1 in similar language.
Regarding dependent claims of the present application, they are obvious variants of the same subject matter as found in the reference application, and thereby rejected under the judicially created doctrine of obviousness-type double patenting.
Secondly,
Claims 1-21 are rejected on the ground of non-statutory double patenting as being unpatentable over claims 1-21 of US Patent # US 12395488 B2, hereinafter “USPAT 488” (aka, Application No. 17/659165), in view of Litichever (US 20200389469 A1; hereinafter “Liti”).
Although the claims at issue are not identical, they are not patentably distinct from each other because they both claim the same subject matter of performing inspection of a cloud computing environment by using a received network path.
USPAT 488 teaches all the limitations as discussed in previous office action except for that the resource requires access authorization. This aspect of the claim is identified as a further difference.
It is noted that USPAT 488 teaches, at CLM. 1: determining that each of the second resources is accessible through the another network path from the network external to the cloud computing environment when the executed instruction does not return an error for the subset of the plurality of second resources. And at CLM. 2, USPAT 488 also teaches: further comprising: generating a first instruction to access the first resource based on a plurality of reachability parameters designated in the at least one network path; causing execution of the generated first instruction to access the first resource; and determining that the at least a network path is accessible from the external network when the executed instruction does not return an error.
In a related art, Liti teaches:
The resource requires access authorization (Liti par. 0044-0046: authentication procedure; If authentication is successful, the authenticator sets the port to the “authorized” state and normal traffic is allowed; par. 0598-0601: suspected message or the message represents a normal or authorized traffic).
Liti are analogous art to the claimed invention in a similar field of endeavor in improving analysis of network vulnerability as the claimed invention. Thus, it would have been obvious to one of ordinary in the art, before the effective filing date of the claimed invention, to combine them and to modify the instant system with Liti’s teachings of receiving at least one network path to access a resource which requires access authorization. For this combination, the motivation would have been to improve the level of security with the network path being verified by access authorization.
Independent claim 11 and 12 are rejected for the same reason as claim 1, because they each recite the same limitations as the limitations that claim 1 recites in similar language.
Regarding dependent claims of the present application, they are obvious variants of the same subject matter as found in the reference application, and thereby rejected under the judicially created doctrine of obviousness-type double patenting.
Thirdly,
Claims 1-21 are rejected on the ground of non-statutory double patenting as being unpatentable over claims 1-15 of US Patent No. US 12244627 B2, hereinafter “USPAT 627” (aks, Application No. 17/659164) in view of Litichever (US 20200389469 A1; hereinafter “Liti”).
USPAT 627 teaches a method for performing active inspection of a cloud computing environment and all the limitations as discussed in the previous office action, expect for the resource requiring access authorization described in the dependent claims. This aspect of the claim is identified as a further difference. In a related art, Liti teaches:
The resource requires access authorization (Liti par. 0044-0046: authentication procedure; If authentication is successful, the authenticator sets the port to the “authorized” state and normal traffic is allowed; par. 0598-0601: suspected message or the message represents a normal or authorized traffic).
Liti are analogous art to the claimed invention in a similar field of endeavor in improving analysis of network vulnerability as the claimed invention. Thus, it would have been obvious to one of ordinary in the art, before the effective filing date of the claimed invention, to combine them for modification including Liti’s teachings of receiving at least one network path to access a resource which requires access authorization. For this combination, the motivation would have been to improve the level of security with the network path being verified by access authorization.
Independent claim 11 and 12 are rejected for the same reason as claim 1, because they each recite the same limitations as the limitations that claim 1 recites in similar language.
Regarding dependent claims of the present application, they are obvious variants of the same subject matter as found in the reference application, and thereby rejected under the judicially created doctrine of obviousness-type double patenting.
Fourthly,
Claims 1-21 are rejected on the ground of non-statutory double patenting as being unpatentable over claims 1-17 of US Patent No. US 12267326 B2, hereinafter “USPAT 326” (aks, Application No. 17/6591643) in view of Litichever (US 20200389469 A1; hereinafter “Liti”).
USPAT 326 teaches a method for performing active inspection of a cloud computing environment and all the limitations as discussed in the previous office action, expect for the resource requiring access authorization described in the dependent claims. This aspect of the claim is identified as a further difference. In a related art, Liti teaches:
The resource requires access authorization (Liti par. 0044-0046: authentication procedure; If authentication is successful, the authenticator sets the port to the “authorized” state and normal traffic is allowed; par. 0598-0601: suspected message or the message represents a normal or authorized traffic).
Liti are analogous art to the claimed invention in a similar field of endeavor in improving analysis of network vulnerability as the claimed invention. Thus, it would have been obvious to one of ordinary in the art, before the effective filing date of the claimed invention, to combine them for modification including Liti’s teachings of receiving at least one network path to access a resource which requires access authorization. For this combination, the motivation would have been to improve the level of security with the network path being verified by access authorization.
Independent claim 11 and 12 are rejected for the same reason as claim 1, because they each recite the same limitations as the limitations that claim 1 recites in similar language.
Regarding dependent claims of the present application, they are obvious variants of the same subject matter as found in the reference application, and thereby rejected under the judicially created doctrine of obviousness-type double patenting.
Claim Objections
Claims 1, 11, and 12 are objected to because of the following informalities:
Claims 1, 11, and 12 each recite “authorization based” deficiently, as the term should be a compound term. For formality reasons, the Examiner suggests “authorization-based.”
Appropriate correction is required.
Allowable Subject Matter
Claims 1-21 are allowable over prior art for the following reasons:
Independent claims 1-21 repeat a substantial portion of the allowable subject matter of the parent case Application No. 17659163 OC516, filed 04/13/2022, now U.S. Patent # 12267326. Therefore, independent claims 1, 11, and 12 are allowable. Dependent claims are allowed by virtue of their dependencies on claims 1, 11, and 12 as they further limit the scope of the claimed invention.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure as the prior art additionally discloses certain parts of the claim features (See “PTO-892 Notice of Reference Cited”).
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DON ZHAO whose telephone number is (571)272.9953. The examiner can normally be reached on Monday to Friday, 7:30 A.M to 5:00 P.M EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl G Colin can be reached on 571.272.3862. The fax phone number for the organization where this application or proceeding is assigned is 571.273.8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866.217.9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800.786.9199 (IN USA OR CANADA) or 571.272.1000.
/Don G Zhao/Primary Examiner, Art Unit 2493 06/05/2026