Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
Introduction
The office action is in response to Application filed on 9/14/2020. Claims 1-3 and 6-20 are pending in the application and have been examined. Claims 1-3 and 19 have been amended. 

Continued Examination Under 37 CFR 1.114
         A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office Action has been withdrawn pursuant to 37 CFR 1.114.   Applicant’s submission filed on 3/17/2020 has been entered.

Response to Arguments
Applicant’s arguments on 35 U.S.C 103:
Applicant’s arguments filed 9/14/2020 have been fully considered.
Applicant Argument #1:
Krishnamurthy, Raspudic, and Karasaridis, whether individually or in combination, fail to disclose or suggest, at least, "each pair for each user session comprises an active cloud computing resource for processing user and control plane traffic of the user session, and a standby cloud computing resource being a standby for the active cloud computing resource, the standby cloud computing resource being configured to also process the control plane traffic of the user session," as recited in independent claims 1 and 17 (page 15)
Examiner Response to Argument #1:
Applicant’s argument has been fully considered and are persuasive. Therefore, the rejection has been withdrawn. However, upon further consideration, a new ground(s) of rejection is made in view of Raspudic and Hao et al. Publication No. US 2011/0075571 A1.
Hao teaches: wherein each pair for each user session comprises an active computing resource for processing user and control plane traffic of the user session (Para 0027 – primary VM 320 are configured to handle requests for the corresponding group of users during normal operations; and Para 0028 - Both data plane and control plane traffic first reach the replicator 330 and are then forwarded to the corresponding virtual machines for handling the requests), and a standby computing resource being a standby for the active computing resource, the standby computing resource being configured to also process the control plane traffic of the user session (Para 0024 - A replicator generates copies of the packets that are received by the server 205 and distributes copies of each of the packets to both the primary and backup home agents, wherein the both  the primary and backup home agents can use the copies of the packets to maintain mirror states of each other so that the backup home agent is prepared to support users in the event that the primary home agent fails or otherwise becomes unavailable; and Para 0028 - Both data plane and control plane traffic first reach the replicator 330 and are then forwarded to the corresponding virtual machines) 
Raspudic teaches that each pair for each user session comprises an active cloud computing resource […], and a standby cloud computing resource being a standby for the active cloud computing resource (Para 0051 - the primary VM 300 and standby VM 302 may be on the same or different cloud sites; and Para 0053 - the provisioning enables standby VM 302 to function as a backup VM for primary VM 300 if primary VM 300 fails)
So, a combination of Raspudic and Hao teaches the limitation above as recited in independent 1 and 17.

Applicant Argument #2:
Hao, Raspudic, and Karasaridis, whether individually or in combination, fail to disclose or suggest, at least, "the pair of cloud computing resources comprises an active cloud computing resource for processing user plane traffic of the user session, and a standby cloud computing resource being a standby for the active cloud computing resource," as recited in independent claims 2 and 19 (pages 20-21)
Examiner Response to Argument #2:
The examiner respectfully disagrees. 
Hao teaches that the pair of computing resources (Para 0026 - the a pair of primary VM 320 and backup VM2 325) comprises an active computing resource for processing user plane traffic of the user session (Para 0027 – primary VM 320 are configured to handle requests for the corresponding group of users during normal operations; and Para 0028 - Both data plane and control plane traffic first reach the replicator 330 and are then forwarded to the corresponding virtual machines for handling the requests), and a standby computing resource being a standby for the active computing resource (Para 0027 - the backup home agents 325 are configured take over when the primary home agents 320 fail or otherwise become unavailable) 
Raspudic teaches that the pair of cloud computing resources comprises an active cloud computing resource […] and a standby cloud computing resource being a standby for the active cloud computing resource (Para 0051 - the primary VM 300 and standby VM 302 may be on the same or different cloud sites; and Para 0053 - the provisioning enables standby VM 302 to function as a backup VM for primary VM 300 if primary VM 300 fails)
So, a combination of Raspudic and Hao teaches the limitation above as recited in independent 2 and 19.

Applicant Argument #3:
Hao and Karasaridis, whether individually or in combination, fail to disclose or suggest, at least, "the pair comprises an active cloud computing resource and a standby cloud computing resource," as recited in independent claim 3 (page 23)
Examiner Response to Argument #3:
Applicant’s argument has been fully considered and are persuasive. Therefore, the rejection has been withdrawn. However, upon further consideration, a new ground(s) of rejection is made in view of Mahdavi et al. Publication No. US 2012/0198441 A1. 

Claim Rejections - 35 USC § 103
The following is a quotation of 35 USC § 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made

Claims 1, 6-8, 10-12, 15, 17-18 and 20 are rejected under AIA  35 U.S.C. 103 as being unpatentable over Krishnamurthy Publication No. US 2010/0088698 A1 (hereinafter “Krishnamurthy”), in view of Raspudic et al. Publication No. US 2013/0091376 A1 (hereinafter “Raspudic”), Hao et al. Publication No. US 2011/0075571 A1 (hereinafter “Hao”) and Karasaridis et al. Publication No. US 2012/0023153  (hereinafter “Karasaridis”).

Regarding claim 1, 

Krishnamurthy teaches a method comprising:

allocating computing resources to process a user session (Abstract - the virtual machines is allocated for managing a communication session) by a gateway (Para 0075 - the communication session management system includes a gateway device 401; and Para 0080 - the plurality of virtual machines are allocated on the single gateway device 401)

allocating the computing resources to user sessions (Abstract - the allocated virtual machines assume ownership roles and backup roles for managing the communication session to provide failover support for the communication sessions)

determining a failure of one computing resource from computing resources allocated to the user session (Para 0073 - the session manager detects a non-responsive first virtual machine); and allocating a computing resource (Para 0073 - the session manager automatically and dynamically transitions the principal and the protected resource to continue to interact with one another on a virtual machine that is different from the first virtual machine during the communication session)

Krishnamurthy does not explicitly disclose:

a mobile communications network.

allocating cloud computing resources.

allocating the cloud computing resources in pairs.

wherein each pair for each user session comprises an active cloud computing resource for processing user and control plane traffic of the user session, and a standby cloud computing resource being a standby for the active cloud computing resource, the standby cloud computing resource being configured to also process the control plane traffic of the user session

allocating a new cloud computing resource to the pair.

obtaining information on the new allocation of at least one cloud computing resource allocated to the user session for processing user plane traffic of the user session; and 

updating a current allocation between a user session and a cloud computing resource allocated to the user session, on the basis of the obtained new allocation.

obtaining and updating, by the gateway, rules from a controller.

Raspudic teaches:

a mobile communications network (Fig. 1 - mobile phone 54A may communication with cloud computing nodes 10 via mobile network 50)

allocating the cloud computing resources (Para 0051 - the primary VM 300 and standby VM 302 may be on the same or different cloud sites)

allocating the cloud computing resources in pairs (Para 0051 - the primary VM 300 and standby VM 302 may be on the same physical computer system/server 200; and Para 0053 - the provisioning enables standby VM 302 to function as a backup VM for primary VM 300 if primary VM 300 fails)

allocating a new cloud computing resource to the pair (Para 0057 and 0065 - self-repair application 264 promotes the backup standby VM 304 to a new standby VM to replace standby VM 302. In one embodiment, when self-repair application 264 promotes a given standby VM 302 to primary VM 300, self-repair application 264 may also promote one backup standby VM 304 to standby VM)

obtaining information on the new allocation of at least one cloud computing resource allocated to the user session for processing user plane traffic of the user session (Para 0057 - After self-repair application 264 detects a failure associated with a primary VM, the standby VM 302 is taken out of its role as a replica (e.g., a backup) and become a new primary VM, so all user plane data are processed by the new primary VM.  At this time, a procedure is initiated to provision a new standby VM to replace old standby VM 302) 

updating a current allocation between a user session and a cloud computing resource allocated to the user session, on the basis of the obtained new allocation (Para 0057 - after standby VM 302 is promoted to become a new primary VM, the previous primary VM (e.g., primary VM 300) is deleted. In one embodiment, data associated with the previous primary VM is deleted from the system. Since VM 302 becomes the new primary VM, all transaction of session is performed at database of the new primary VM 302)


Hao teaches:

wherein each pair for each user session comprises an active computing resource for processing user and control plane traffic of the user session (Para 0027 – primary VM 320 are configured to handle requests for the corresponding group of users during normal operations; and Para 0028 - Both data plane and control plane traffic first reach the replicator 330 and are then forwarded to the corresponding virtual machines for handling the requests), and a standby computing resource being a standby for the active computing resource, the standby computing resource being configured to also process the control plane traffic of the user session (Para 0024 - A replicator generates copies of the packets that are received by the server 205 and distributes copies of each of the packets to both the primary and backup home agents, wherein the both  the primary and backup home agents can use the copies of the packets to maintain mirror states of each other so that the backup home agent is prepared to support users in the event that the primary home agent fails or otherwise becomes unavailable; and Para 0028 - Both data plane and control plane traffic first reach the replicator 330 and are then forwarded to the corresponding virtual machines)

It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Krishnamurthy and Raspudic to include the teachings of Hao. The motivation for doing so is to hand off the users from a primary VM to a backup VM in the event of the primary VM failure can occur without any substantial decrease in the resource allocation during normal operation.
Karasaridis teaches:

obtaining and updating, by the gateway, rules from a controller (Para 0030 - dynamic DNS forwarder (DDF) 130 of gateway device 106 receives and updates the forwarding rules 132 from server controller 104)



Regarding claim 6, the method of claim 1 above,

Krishnamurthy teaches:

determining a failure of one computing resource from cloud computing resources comprising an active computing resource and a standby computing resource allocated to the user session (Para 0073 - after the session manager detects a non-responsive first virtual machine, the session manager automatically and dynamically transitions the principal and the protected resource to continue to interact with one another on a virtual machine that is different from the first virtual machine during the communication session)

Krishnamurthy does not explicitly disclose:

cloud computing resources.

a failure of one cloud computing resource from a pair of cloud computing resources.

Raspudic teaches:

cloud computing resources (Para 0051 - the primary VM 300 and standby VM 302 may be on the same or different cloud sites)

a failure of one cloud computing resource from a pair of cloud computing resources (Para 0056 - self-repair application 264 detects a failure associated with the primary VM 300 or standby VM 302 at step 406)

It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Krishnamurthy to include the teachings of Raspudic. The motivation for doing so is to determine that the allocated VMs for processing the user session is allocated in a pairs of VMs.

Regarding claim 7, the method of claim 6 above,

Krishnamurthy does not explicitly disclose

replacing the failed cloud computing resource by a new cloud computing resource, when the failed cloud computing resources comprise the standby cloud computing resource.

Raspudic teaches 

replacing the failed cloud computing resource by a new cloud computing resource, when the failed cloud computing resources comprise the standby cloud computing resource (Para 0064-0065 - self-repair application 264 detects a failure, the failure may be associated with the database of the standby VM 302, so the self-repair application promotes the backup standby VM 304 to a new standby VM to replace standby VM 302)

It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Krishnamurthy to include the teachings of Raspudic. The motivation for doing so is to provide a new resource for replacing a failed resource when the failed resource is a standby resource.

Regarding claim 8, the method of claim 6 above,

Krishnamurthy does not explicitly disclose:

setting the standby cloud computing resource as active, when the failed cloud computing resources comprise the active cloud computing resource; and allocating the new cloud computing resources as active to the pair.

Raspudic teaches:

setting the standby cloud computing resource as active, when the failed cloud computing resources comprise the active cloud computing resource; and allocating the new cloud computing resources as active to the pair (Para 0057 - After self-repair application 264 detects a failure associated with a primary VM, the standby VM 302 is taken out of its role as a replica (e.g., a backup) and 

It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Krishnamurthy to include the teachings of Raspudic. The motivation for doing so is to replace a standby VM by a backup standby VM to proactively minimize any vulnerability caused by a failure of a primary or a standby VM.

Regarding claim 10, the method of claim 1 above,

Krishnamurthy teaches:

allocating a first pair of computing resource to the user session, wherein a first computing resources is active and processing user plane traffic of the user session (Para 0070 - at 341, the session manager sets an owner for the communication session to initially be the first virtual machine within the session metadata), and a second cloud commuting resources is a standby for the active cloud computing resource (Para 0073 - after the session manager detects a non-responsive first virtual machine, the session manager automatically and dynamically transitions the principal and the protected resource to continue to interact with one another on a virtual machine that is different from the first virtual machine during the communication session)

Krishnamurthy does not explicitly disclose:

allocating a pair of cloud computing resources.

first cloud computing resources in the pair is active and a second cloud commuting resources in the pair is a standby for the active cloud computing resource.

Raspudic teaches:

allocating a pair of cloud computing resources (Para 0051 - the primary VM 300 and standby VM 302 may be on the same or different cloud sites)

first cloud computing resources in the pair is active and a second cloud commuting resources in the pair is a standby for the active cloud computing resource (Para 0051 - the primary VM 300 and standby VM 302 may be on the same physical computer system/server 200; and [para 0053] the provisioning enables standby VM 302 to function as a backup VM for primary VM 300 if primary VM 300 fails)

It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Krishnamurthy to include the teachings of Raspudic. The motivation for doing so is to determine that the allocated VMs for processing the user session is allocated in a pairs of VMs.

Regarding claim 11, the method of claim 1 above,

Krishnamurthy teaches 

receiving control plane traffic of a user session forwarding the control plane traffic to both computing resources from computing resources allocated to the user session (Para 0021 - the port session broadcasting service broadcasts the access authorization within the secure network. The secure network includes the first virtual machine and second virtual machines. The first virtual machine and each of the second virtual machines are capable of servicing the request for access to the protected resource)

Krishnamurthy does not explicitly disclose:

both cloud computing resources from a pair of cloud computing resources.

Raspudic teaches:

both cloud computing resources from a pair of cloud computing resources (Para 0051 - the primary VM 300 and standby VM 302 may be on the same physical computer system/server 200; and para 0053 - the provisioning enables standby VM 302 to function as a backup VM for primary VM 300 if primary VM 300 fails)

It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Krishnamurthy to 

Regarding claim 12, the method of claim 1 above,

Krishnamurthy teaches:

receiving user plane traffic of a user session; and processing the received user plane traffic by an active computing resource from computing resources allocated to the user session (Para 0023 - the first virtual machine assumes ownership role, i.e. active VM, so the session request is received and initially handled by the first virtual machine)

Krishnamurthy does not explicitly disclose:

an active cloud computing resource from a pair of cloud computing resources.

Raspudic teaches:

an active cloud computing resource from a pair of cloud computing resources (Para 0051 - the primary VM 300 and standby VM 302 may be on the same physical computer system/server 200; and [para 0053] the provisioning enables standby VM 302 to function as a backup VM for primary VM 300 if primary VM 300 fails)

It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Krishnamurthy to include the teachings of Raspudic. The motivation for doing so is to determine that the allocated VMs for processing the user session is allocated in a pairs of VMs.

Regarding claim 15, the method of claim 1 above,

Krishnamurthy teaches

wherein the computing resources are allocated to groups for user sessions (Para 0071 - the session manager manages the session metadata as a list of lists. The first list is based on identifiers for communication sessions and each first list 

Krishnamurthy does not explicitly disclose:

the cloud computing resources.

Raspudic teaches:

the  cloud computing resources (Para 0051 - the primary VM 300 and standby VM 302 may be on the same or different cloud sites)

It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Krishnamurthy to include the teachings of Raspudic. The motivation for doing so is to proactively minimize any vulnerability caused by a failure of a primary or a standby VM.


Regarding claim 17,

Krishnamurthy teaches an apparatus comprising: at least one processor; and at least one memory including computer code, wherein the at least one memory and the computer code are configured to, with the at least one processor, cause the apparatus at least to:

allocate computing resources to process a user session (Abstract - the virtual machines is allocated for managing a communication session) by a gateway (Para 0075 - the communication session management system includes a gateway device 401; and Para 0080 - the plurality of virtual machines are allocated on the single gateway device 401)

allocate the computing resources to user sessions (Abstract - the allocated virtual machines assume ownership roles and backup roles for managing the communication session to provide failover support for the communication sessions)

determine a failure of one computing resource from computing resources allocated to the user session (Para 0073 - the session manager detects a non-responsive first virtual machine) and allocate a computing resource (Para 0073 - the session manager automatically and dynamically transitions the principal and 

Krishnamurthy does not explicitly disclose:

allocating cloud computing resources.

allocating the cloud computing resources in pairs.

wherein each pair for each user session comprises an active cloud computing resource for processing user and control plane traffic of the user session, and a standby cloud computing resource being a standby for the active cloud computing resource, the standby cloud computing resource being configured to also process the control plane traffic of the user session

allocate a new cloud computing resource to the pair.

obtaining information on the new allocation of at least one cloud computing resource allocated to the user session for processing user plane traffic of the user session; and 

updating a current allocation between a user session and a cloud computing resource allocated to the user session, on the basis of the obtained new allocation.

obtaining rules from a controller.

Raspudic teaches:

a mobile communications network (Fig. 1 - mobile phone 54A may communication with cloud computing nodes 10 via mobile network 50)

allocating the cloud computing resources (Para 0051 - the primary VM 300 and standby VM 302 may be on the same or different cloud sites)

allocating the cloud computing resources in pairs (Para 0051 - the primary VM 300 and standby VM 302 may be on the same physical computer system/server 200; and Para 0053 - the provisioning enables standby VM 302 to function as a backup VM for primary VM 300 if primary VM 300 fails)

allocate a new cloud computing resource to the pair (Para 0057 and 0065 - self-repair application 264 promotes the backup standby VM 304 to a new standby VM to replace standby VM 302. In one embodiment, when self-repair application 

obtaining information on the new allocation of at least one cloud computing resource allocated to the user session for processing user plane traffic of the user session (Para 0057 - After self-repair application 264 detects a failure associated with a primary VM, the standby VM 302 is taken out of its role as a replica (e.g., a backup) and become a new primary VM, so all user plane data are processed by the new primary VM.  At this time, a procedure is initiated to provision a new standby VM to replace old standby VM 302) 

updating a current allocation between a user session and a cloud computing resource allocated to the user session, on the basis of the obtained new allocation (Para 0057 - after standby VM 302 is promoted to become a new primary VM, the previous primary VM (e.g., primary VM 300) is deleted. In one embodiment, data associated with the previous primary VM is deleted from the system. Since VM 302 becomes the new primary VM, all transaction of session is performed at database of the new primary VM 302)

It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Krishnamurthy to include the teachings of Raspudic. The motivation for doing so is to proactively minimize any vulnerability caused by a failure of a primary or a standby VM.
Hao teaches:

wherein each pair for each user session comprises an active computing resource for processing user and control plane traffic of the user session (Para 0027 – primary VM 320 are configured to handle requests for the corresponding group of users during normal operations; and Para 0028 - Both data plane and control plane traffic first reach the replicator 330 and are then forwarded to the corresponding virtual machines for handling the requests), and a standby computing resource being a standby for the active computing resource, the standby computing resource being configured to also process the control plane traffic of the user session (Para 0024 - A replicator generates copies of the packets that are received by the server 205 and distributes copies of each of the packets to both the primary and backup home agents, wherein the both  the primary and backup home agents can use the copies of the packets to maintain mirror states of each other so that the backup home agent is prepared to support users in the event that the primary home agent fails or otherwise becomes 

It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Krishnamurthy and Raspudic to include the teachings of Hao. The motivation for doing so is to hand off the users from a primary VM to a backup VM in the event of the primary VM failure can occur without any substantial decrease in the resource allocation during normal operation.
Karasaridis teaches:

obtaining rules from a controller (Para 0030 - dynamic DNS forwarder (DDF) 130 of gateway device 106 receives and updates the forwarding rules 132 from server controller 104)

It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Krishnamurthy to include the teachings of Karasaridis. The motivation for doing so is to monitor and track traffic in a domain name system forwarding.

Regarding claim 18, the apparatus of claim 17 above,

Krishnamurthy teaches:

wherein the apparatus is a controller of computing resources, a controller of software defined switches for a communications network, a gateway or a software defined switch for a communications network (Para 0075 - the communication session management system includes a gateway device 401; and Para 0080 - the plurality of virtual machines are allocated on the single gateway device 401)

Krishnamurthy does not explicitly disclose:

cloud computing resources.

a mobile communications network.

Raspudic teaches:

cloud computing resources (Para 0051 - the primary VM 300 and standby VM 302 may be on the same or different cloud sites).

a mobile communications network (Fig. 1 - mobile phone 54A may communication with cloud computing nodes 10 via mobile network 50)

It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Krishnamurthy to include the teachings of Raspudic. The motivation for doing so is to determine that the apparatus is a gateway in a mobile communications network.

Regarding claim 20:

Claim 20 is analyzed and interpreted as a computer program product embodied in a non- transitory computer-readable medium of claim 1.

Claims 9, 13-14 and 16 are rejected under AIA  35 U.S.C. 103 as being unpatentable over Krishnamurthy in view of Raspudic and Karasaridis, and further in view of Kempf et al. Publication No. US 2012/0300615 A1 (hereinafter “Kempf”).

Regarding claim 9, the method of claim 1 above,

Krishnamurthy does not explicitly disclose 

wherein a cloud computing resource comprises an instance of allocatable computing resources in a software defined switch under control of a centralized controller.

Kempf teaches 

wherein a cloud computing resource comprises an instance of allocatable computing resources in a software defined switch under control of a centralized controller (Para 0044 and Fig. 1 - the OpenFlow protocol enables a 

It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Krishnamurthy to include the teachings of Kempf. The motivation for doing so is to determine that allocated resources to a virtual switch are controlled by a controller.

Regarding claim 13, the method of claim 1 above,

Krishnamurthy does not explicitly disclose:

receiving tunneled traffic originating from a network addressable host.

deriving a tunnel end point identifier, TEID, and a network address of the originator from the received traffic.

determining a session associated with the received traffic on the basis of the derived information.

forwarding the received traffic for processing by a pair of cloud computing resources allocated to the session.

Kempf teaches:

receiving tunneled traffic originating from a network addressable host (Para 0079 -traffic from a UE 1607 that needs to be routed to another peering operator)

deriving a tunnel end point identifier, TEID, and a network address of the originator from the received traffic (Para 0086 - The TEID field contains the GTP TEID for the tunnel and the tunnel origin source IP address contains the address on the encapsulating gateway to which any control traffic involving the tunnel should be directed)

determining a session associated with the received traffic on the basis of the derived information and forwarding the received traffic for processing by a pair of cloud computing resources allocated to the session (Para 0090 - based on the derived information, the switch determines whether the derived 

It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Krishnamurthy to include the teachings of Kempf. The motivation for doing so is to provide derived information from a tunnel traffic to allocated resource for processing the session that is associated to the traffic.

Regarding claim 14, the method of claim 1 above,

Krishnamurthy does not explicitly disclose

wherein received in the user session is forwarded for processing by the allocated computing resources on the basis of information derived from the received traffic, said information defining a portion of tunnel end point identifier, TEID, value range and a sub-network originating the received traffic.

Kempf teaches

wherein received in the user session is forwarded for processing by the allocated cloud computing resources on the basis of information derived from the received traffic, said information defining a portion of tunnel end point identifier, TEID, value range and a sub-network originating the received traffic (Para 0103 - The OpenFlow message also includes information on the values for the sequence number, N-PDU number, or the type and contents of the extension header, as well as the packet header fields designating the decapsulation gateway and bearer transport and the GTP TEID tunnel end-point ID)

It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Krishnamurthy to include the teachings of Kempf. The motivation for doing so is to provide derived 

Regarding claim 16, the method of claim 1 above,

Krishnamurthy does not explicitly disclose

wherein information indicating allocated cloud computing resources are communicated from a controller of cloud computing resources to a controller of software defined switches by a control protocol, for example OpenFlow.

Kempf teaches 

wherein information indicating allocated cloud computing resources are communicated from a controller of cloud computing resources to a controller of software defined switches by a control protocol, for example OpenFlow (Para 0044 - The OpenFlow 1.0 protocol enables a controller 101 to connect to an OpenFlow 1.0 enabled switch 109 using a secure channel 103 and control a single forwarding table 107 in the switch 109)

It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Krishnamurthy to include the teachings of Kempf. The motivation for doing so is to use a control protocol OpenFlow for sending control messages.

Claims 2 and 19 are rejected under AIA  35 U.S.C. 103 as being unpatentable over Hao et al. Publication No. US 2011/0075571 A1 (hereinafter “Hao”) in view of Raspudic et al. Publication No. US 2013/0091376 A1 (hereinafter “Raspudic”) and Karasaridis et al. Publication No. US 2012/0023153  (hereinafter “Karasaridis”).


Regarding claim 2, 

Hao teaches a method comprising:

obtaining information cloud computing resources allocated to a user session by a gateway in a mobile communications network (Para 0020 - server 205 that is configured to implement distributed virtual home agents that are used to provide access to a public network 210 and a private network 215. The server 205 and the networks 210, 215 shown in FIG. 2 operate in accordance with the mobile Internet Protocol (IP), i.e. the server 205 is functioned as a gateway in a mobile communication network; Para 0026 - the backup home agent 325 pairs up with a primary home agent 320; and Para 0032 - the server may monitor operation of the primary home agents to determine whether any of the primary home agents have failed or otherwise become unavailable) wherein the pair of computing resources comprises an active computing resource for processing user plane traffic of the user session (Para 0027 – primary VM 320 are configured to handle requests for the corresponding group of users during normal operations; and Para 0028 - Both data plane and control plane traffic first reach the replicator 330 and are then forwarded to the corresponding virtual machines for handling the requests), and a standby computing resource being a standby for the active computing resource (Para 0024 - A replicator generates copies of the packets that are received by the server 205 and distributes copies of each of the packets to both the primary and backup home agents, wherein the both  the primary and backup home agents can use the copies of the packets to maintain mirror states of each other so that the backup home agent is prepared to support users in the event that the primary home agent fails or otherwise becomes unavailable; and Para 0028 - Both data plane and control plane traffic first reach the replicator 330 and are then forwarded to the corresponding virtual machines)

determining rules for the pair configured to enable forwarding of that incoming control plane traffic associated with the session to the both cloud computing resources forming the pair (Para 0028 - the replicator 330 can maintain a database indicating the mapping between virtual machines and the mobile prefixes that they handle. Based on information of virtual machines, control plane traffic first reach the replicator 330 and are then forwarded to the corresponding virtual machines) 

deploying the rules wherein the user session is processed according to the rules (Para 0028 - the replicator 330 makes copies of the received packets and distributes the copies to the virtual machines on the blades 305 so that the primary home agents 320 and backup home agents 325 can mirror each other's states)

Hao teaches that VMs are allocated in pairs and information of primary VMs are obtained (para 0026, 0032). However, Hao does not explicitly disclose:

obtaining information on a pair of cloud computing resources;

wherein rules are sent to the gateway;

obtaining information on the new allocation of at least one cloud computing resource allocated to the user session for processing user plane traffic of the user session; and 

updating a current allocation between a user session and a cloud computing resource allocated to the user session, on the basis of the obtained new allocation.

Raspudic teaches:

obtaining information on a pair of cloud computing resources (Para 0051 - the primary VM 300 and standby VM 302 may be on the same or different cloud sites; and Para 0058 - self-repair application 264 may include an event detection software module to detect failures; and Para 0064 - the failure may be associated with the primary VM 300 or the standby VM 302. I.e. information on a pair of the primary VM and standby VM is obtained in order to determine whether a failure associated with the primary VM or standby VM) 

obtaining information on the new allocation of at least one cloud computing resource allocated to the user session for processing user plane traffic of the user session (Para 0057 - After self-repair application 264 detects a failure associated with a primary VM, the standby VM 302 is taken out of its role as a replica (e.g., a backup) and become a new primary VM, so all user plane data are processed by the new primary VM.  At this time, a procedure is initiated to provision a new standby VM to replace old standby VM 302) 

updating a current allocation between a user session and a cloud computing resource allocated to the user session, on the basis of the obtained new allocation (Para 0057 - after standby VM 302 is promoted to become a new primary VM, the previous primary VM (e.g., primary VM 300) is deleted. In one embodiment, data associated with the previous primary VM is deleted from the system. Since VM 302 becomes the new primary VM, all transaction of session is performed at database of the new primary VM 302)

It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Hao to include the 
Karasaridis teaches:

wherein rules are sent to the gateway (Para 0030 - dynamic DNS forwarder (DDF) 130 of gateway device 106 receives and updates the forwarding rules 132 from server controller 104)

It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Hao to include the teachings of Karasaridis. The motivation for doing so is to monitor and track traffic in a domain name system forwarding.

Regarding claim 19,

Hao teaches 

a gateway for a mobile communications network (Para 0020 - server 205 that is configured to implement distributed virtual home agents that are used to provide access to a public network 210 and a private network 215. The server 205 and the networks 210, 215 shown in FIG. 2 operate in accordance with the mobile Internet Protocol (IP), i.e. the server 205 is functioned as a gateway in a mobile communication network) said gateway comprising user plane traffic processors implemented by computing resources allocated in pairs to user sessions (Para 0026 - Each blade 305 includes hardware 310 such as a processing element, hypervisor 315 and a allocated pair primary VM 320 and backup VM 325), wherein each pair for each user session comprises an active computing resource for processing user and control plane traffic of the user session (Para 0027 – primary VM 320 are configured to handle requests for the corresponding group of users during normal operations; and Para 0028 - Both data plane and control plane traffic first reach the replicator 330 and are then forwarded to the corresponding virtual machines for handling the requests), and a standby computing resource being a standby for the active computing resource, the standby computing resource being configured to also process the control plane traffic of the user session (Para 0024 - A replicator generates copies of the packets that are received by the server 205 and distributes copies of each of the packets to both the primary and backup home agents, wherein the both  the primary and backup home agents can use the copies of the packets to maintain and user plane traffic is processed by an active computing resource for a session (Para 0027 - primary VM 320 are configured to handle requests for the corresponding group of users during normal operations; and Para 0029 - during normal operation, substantially all of the resources available to the blades 305 can be made available to the primary home agents 320) and control plane traffic is forwarded to both computing resources of the pair of cloud computing resources associated with the session (Para 0028 - the replicator 330 can maintain a database indicating the mapping between virtual machines and the mobile prefixes that they handle. The replicator 330 makes copies of the received packets and distributes the copies to the virtual machines on the blades 305 so that the primary home agents 320 and backup home agents 325 can mirror each other's states)

wherein the gateway is configured to determine a failure of one computing resource from the pair of computing resources (Para 0032 - the server determines (at 420) that one of the primary home agents has failed)

Hao does not explicitly disclose:

allocate a new cloud computing resource to the pair of cloud computing resources.

obtaining information on the new allocation of at least one cloud computing resource allocated to the user session for processing user plane traffic of the user session; and 

updating a current allocation between a user session and a cloud computing resource allocated to the user session, on the basis of the obtained new allocation.

obtaining and updating rules from a controller.

Raspudic teaches:

cloud computing resources allocated (Para 0051 - the primary VM 300 and standby VM 302 may be on the same or different cloud sites)

allocate a new cloud computing resource to the pair of cloud computing resources (Para 0057 and 0065 - self-repair application 264 promotes the backup 

obtaining information on the new allocation of at least one cloud computing resource allocated to the user session for processing user plane traffic of the user session (Para 0057 - After self-repair application 264 detects a failure associated with a primary VM, the standby VM 302 is taken out of its role as a replica (e.g., a backup) and become a new primary VM, so all user plane data are processed by the new primary VM.  At this time, a procedure is initiated to provision a new standby VM to replace old standby VM 302) 

updating a current allocation between a user session and a cloud computing resource allocated to the user session, on the basis of the obtained new allocation (Para 0057 - after standby VM 302 is promoted to become a new primary VM, the previous primary VM (e.g., primary VM 300) is deleted. In one embodiment, data associated with the previous primary VM is deleted from the system. Since VM 302 becomes the new primary VM, all transaction of session is performed at database of the new primary VM 302)

It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Hao to include the teachings of Raspudic. The motivation for doing so is to proactively minimize any vulnerability caused by a failure of a primary or a standby VM.
Karasaridis teaches:

obtaining and updating rules from a controller (Para 0030 - dynamic DNS forwarder (DDF) 130 of gateway device 106 receives and updates the forwarding rules 132 from server controller 104)

It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Hao to include the teachings of Karasaridis. The motivation for doing so is to monitor and track traffic in a domain name system forwarding.


Claims 2 and 19 are rejected under AIA  35 U.S.C. 103 as being unpatentable over Hao et al. Publication No. US 2011/0075571 A1 (hereinafter “Hao”) in view of Mahdavi et al. Publication No. US 2012/0198441 A1 (hereinafter “Mahdavi”) 

Regarding claim 3, 

Hao teaches a method comprising:

maintaining information on user sessions processed by a gateway in a mobile communications network, wherein the gateway is implemented by computing resources (Para 0020 - server 205 that is configured to implement distributed virtual home agents that are used to provide access to a public network 210 and a private network 215. The server 205 and the networks 210, 215 shown in FIG. 2 operate in accordance with the mobile Internet Protocol (IP), i.e. the server 205 is functioned as a gateway in a mobile communication network; and para 0027 - the users in group 1 are assigned to the primary home agent 320 on the blade 305(1) and the corresponding backup home agent 325 on the blade 305(2). The users in group 2 are assigned to the primary home agent 320 on the blade 305(2) and to the corresponding backup home agent 325 on the blade 305(1). Both primary home agents 320 are configured to handle requests for the corresponding group of users during normal operations and the backup home agents 325 are configured take over when the primary home agents 320 fail or otherwise become unavailable)

maintaining an allocation of a pair of computing resources (Para 0026 – the virtual machine VM1 is used to implement a primary home agent 320 and the virtual machine VM2 is used to implement a backup home agent 325) for processing a user plane traffic of the user session and for processing control plane traffic of the user session (Para 0028 - the replicator 330 can maintain a database indicating the mapping between virtual machines and the mobile prefixes that they handle. Data plane and control plane traffic first reaches the replicator 330 and is then forwarded to the corresponding virtual machines) wherein the pair comprises an active computing resource and a standby computing resource (Para 0027 – the primary home agent 320 is configured to handle requests for the corresponding group of users during normal operations and the backup home agent 325 is configured take over when the primary home agent 320 fails or otherwise becomes unavailable)



the gateway is implemented by computing resources. 

an allocation of a pair of cloud computing resources.

wherein the pair comprises an active cloud computing resource and a standby cloud computing resource.

obtaining and updating, by the gateway, rules from a controller.

Mahdavi teaches:

the gateway is implemented by cloud computing resources (Para 0037 - the virtual machine 66 may run an application corresponding to a security gateway; and Fig. 5 states that network cloud 404 and network cloud 424 are connected via the security gateway 416b)

an allocation of cloud computing resources, wherein the pair comprises an active cloud computing resource and a standby cloud computing resource (Para 0047 - one of the virtual machines such as 166b may operate in a standby mode and essentially operate as a redundant backup to virtual machine 166a. Virtual bypass switch module 150 may operate to forward all or a given subset of traffic to virtual machine 166a and switch future traffic to virtual machine 166b, if a failure of virtual machine 166a is detected; and Fig. 5 states that network cloud 404 and network cloud 424 are connected via the security gateway 416b)

obtaining and updating, by the gateway, rules from a controller (Para 0046 - The virtual bypass switch module 150 may determine which of the virtual machines 166 to forward a packet based on instructions from a system administrator of the computer system 114)

It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Hao to include the teachings of Mahdavi. The motivation for doing so is to monitor and track traffic between cloud networks.


Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DA T. TON whose telephone number is (571)272-9956.  The examiner can normally be reached on Mon-Fri (9am-5pm).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Oscar A. Louie can be reached on 571-270-1684.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.







/DA T TON/Acting Patent Examiner of Art Unit 2445                                                                                                                                                                                                        

/YOUNES NAJI/Primary Examiner, Art Unit 2445