DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Amendment

2.	Claims 1, 3-9, 11-16 and 18-20 are pending.
 Claims 1, 9 and 16 have been amended.

Response to Arguments
3.	Applicant's arguments filed on 11/04/ 2020 have been fully considered but they are not persuasive.
Applicant argues that Karasaridis fails to teach  “determining, based on a policy associated with the DNS request, whether the DNS request is to be surrogated, the policy defining which types of DNS request to be surrogated” features in claim 1, and similar features in claims 9 and 16. Examiner respectfully disagrees because the cited paragraph [0028] teaches the above claimed limitation. In paragraph [0028] of Karasaridis, a dynamic DNS forwarder (DDF) uses a forwarding rule in order to forward DNS request to appropriate regional DNS server. The regional DNS servers can be selected based on the requested domain name type. The forwarding rule determines a specific type of requested domain names should be forwarded (surrogated) to selected regional DNS servers. Therefore, the forwarding rule determines that the “surrogate” interpreted as forwarding DNS request for DNS resolution based on policy.

Examiner note: Examiner suggests claim amendments for types of DNS request that require DNS surrogating. For example, applicant’s specification paragraph [0064] discloses a DNS request must be surrogated when direct server return is required.

Claim Rejections - 35 USC § 103
	In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

	The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

4.	Claims 1,3-9, 11-16, and 18-20 are rejected under 35 U.S.C. 103 as being unpatentable over Slocombe  (US  2003/0079027 hereinafter referred to as Slocombe), in view of Gardner (US 2011/0191455 hereinafter referred to as Gardner), further in view of Karasaridis (US 2012023153 hereinafter referred to as Karasaridis). 


5.	Regarding claim 1,
Slocombe teaches:
“A method implemented in a cloud network, the method comprising: receiving a Domain Name System (DNS) request” Slocombe [0038] and Fig. 4, teaches receiving a DNS request from client device).
 “the DNS request to a surrogate of a plurality of surrogates that resolves the DNS request by performing recursion to determine a result of the DNS resolution, wherein one or more of the plurality of surrogates comprise clients……..”(Slocombe [0038] and Fig. 3 and Fig. 4, teaches transmitting the DNS request to one of the plurality of distributed local DNS system associated with user device according to routing algorithm and shortest paths from plurality of paths. Slocombe further teaches the plurality of local DNS servers perform a recursion by requesting DNS resolution from the nearest authoritative DNS server located in the CDN. The plurality of local DNS system comprises plurality of end user devices using services form distributed content delivery network ([0026]).
Slocombe [0038], teaches resolving DNS request).
Slocombe does not teach:
“determining, based on a policy associated with the DNS request, whether the DNS request is to be surrogated, the policy defining which types of DNS request to be surrogated; relaying, responsive to the determination that the DNS request is to be surrogated” 
“and wherein the policy includes evaluation of status of the plurality of surrogates and location”
“…..receiving service from the cloud network”
“wherein the clients are user equipment associated with a user that is configured for use of the service provided by the cloud network and the clients are the surrogates performing the DNS resolution”
Karasaridis teaches:
 “determining, based on a policy associated with the DNS request, whether the DNS request is to be surrogated the policy defining which types of DNS request to be surrogated; relaying, responsive to the determination that the DNS request is to be surrogated” (Karasaridis [0028], teaches DNS request forwarding based on a forwarding rule. The forwarding is based on requested domain name type, and the forwarding rule determines the corresponding regional DNS for the requested domain name).  
 “and wherein the policy includes evaluation of status of the plurality of surrogates and location;” (Karasaridis [0028] [0038], the forwarding rule select the crossest regional DNS server from the plurality of regional DNS server. Inherently, the forwarding rule knows each regional DNS servers’ distances or location).
Both Slocombe and Karasaridis teaches domain name system (DNS), therefore, it would have been obvious to one with ordinary skill in the art before the effective filling date of the claimed invention to combine to modify Slocombe to include a forwarding rule for DNS system as disclosed by Karasaridis, such inclusion allows the system to select the closest DNS server for DNS request (Karasaridis [0028]). 
Slocombe and Karasaridis do not teach:
“…..receiving service from the cloud network”
“wherein the clients are user equipment associated with a user that is configured for use of the service provided by the cloud network and the clients are the surrogate performing the DNS resolution.
Gardner teaches:
“…..receiving service from the cloud network” “wherein the clients are user equipment associated with a user that is configured for use of the service provided by the cloud network” (Gardner Fig. 3, teaches plurality user device configured with cloud based DNS security service) and “the clients are the surrogate performing the DNS resolution” (Gardner [0028], teaches resolving a DNS query locally by the client device without sending the query over the network).
Slocombe, Karasaridis and Gardner teaches domain name system (DNS), therefore, it would have been obvious to one with ordinary skill in the art before the effective filling date of the claimed invention to modify Slocombe and Karasaridis to provide cloud based service for plurality of client devices in DNS system, and for providing DNS resolution by client devices as 

6.	Regarding claim 3, Slocombe, in view of Karasaridis, further in view of Gardner teaches all the limitations of claim 1.
Slocombe teaches:
“wherein the surrogate provides the result to the DNS request independent of a device receiving the DNS request” (Slocombe [0038], teaches providing the DNS resolution from the local DNS to the end user device).

7.	Regarding claim 4, Slocombe, in view of Karasaridis, further in view of Gardner teaches all the limitations of claim 1.
Karasaridis teaches:
“wherein the surrogate is determined based on the policy” (Karasaridis [0028], teaches a forwarding rule to determine to forward DNS request to one of plurality of regional DNS server).
 Slocombe, Gardner and Karasaridis teaches domain name system (DNS), therefore, it would have been obvious to one with ordinary skill in the art before the effective filling date of the claimed invention to combine to modify Slocombe to include a forwarding rule for DNS system as disclosed by Karasaridis, such inclusion allows the system to select the closest DNS server for DNS request (Karasaridis [0028]). 

, Slocombe, in view of Karasaridis, further in view of Gardner teaches all the limitations of claim 1.
Karasaridis teaches:
“wherein the surrogate is determined based on a location of a user device associated with the DNS request” (Karasaridis [0028] [0038], forwarding rule for DNS request to be forwarded to the closest regional DNS server. The forwarding rule includes location information of client device). 
 Slocombe, Gardner and Karasaridis teaches domain name system (DNS), therefore, it would have been obvious to one with ordinary skill in the art before the effective filling date of the claimed invention to combine to combine Karasaridis with Slocombe and Gardner to include a forwarding rule that includes client location information in DNS system as disclosed by Karasaridis, such inclusion allows the system to select the closest DNS server for DNS request (Karasaridis [0028]). 

9.	Regarding claim 6, Slocombe, in view of Karasaridis, further in view of Gardner teaches all the limitations of claim 1.
	Slocombe teaches:
“wherein the surrogate is configured to provide a request to an authoritative DNS server associated with a domain name of the DNS request” (Slocombe [0038], the local DNS provide request to the authoritative DNS server).

10.	Regarding claim 7, Slocombe, in view of Karasaridis, further in view of Gardner teaches all the limitations of claim 1.

“ wherein the result of the DNS resolution is based on a location or source Internet Protocol address of the surrogate instead of based on a DNS server performing the receiving “ (Slocombe Fig. 3, DNS resolution based the location).

11.	Regarding claim 8, Slocombe, in view of Karasaridis, further in view of Gardner teaches all the limitations of claim 1.
Gardner teaches:
“wherein the service from the cloud network comprises security monitoring” (Gardner Fig. 3, teaches plurality user device configured cloud based DNS security service).
Therefore, it would have been obvious to one with ordinary skill in the art before the effective filling date of the claimed invention to combine the teachings of Gardner, Slocombe and Karasaridis to provide cloud based service for plurality of client devices in DNS system in order to prevent DNS attack by implementing cloud based DNS security system for client devices (Fig.3).

12.	Regarding claim 9,
Slocombe teaches:
“A Domain Name Server (DNS) system in a cloud network, comprising: a network interface; a processor communicatively coupled to the network interface; memory storing instructions that, when executed, cause the processor to” (Slocombe Fig. 3 and claim 11). 
 “receive a DNS request “(Slocombe [0038] and Fig. 4, teaches receiving a DNS request from client device).
Slocombe [0038] and Fig. 3 and Fig. 4, teaches transmitting the DNS request to one of the plurality of distributed local DNS system associated with user device according to routing algorithm and shortest paths from plurality of paths. Slocombe further teaches the plurality of local DNS servers perform a recursion by requesting DNS resolution from the nearest authoritative DNS server located in the CDN. The plurality of local DNS system comprises plurality of end user devices using services form distributed content delivery network ([0026]).
“wherein, responsive to DNS resolution performed by the surrogate, the result of the DNS resolution is provided as a response to the DNS request” (Slocombe [0038], teaches resolving the DNS request).
Slocombe does not teach:
“determine, based on a policy associated with the DNS request, whether the DNS request is to be surrogated, the policy defining which types of DNS request to be surrogated, the policy defining which types of DNS request to be surrogated; and relay, responsive to the determination that the DNS request is to be surrogated” and “wherein the policy includes evaluation of status of the plurality of surrogates and location”
“….receiving service from the cloud network”
“wherein the clients are user equipment associated with a user that is configured for use of the service provided by the cloud network and the clients are the surrogates performing the DNS resolution”
Karasaridis teaches:
Karasaridis [0028], teaches DNS request forwarding based on a forwarding rule. The forwarding is based on requested domain name type, and the forwarding rule determines the corresponding regional DNS for the requested domain name).  
 “and wherein the policy includes evaluation of status of the plurality of surrogates and location;” (Karasaridis [0028] [0038], the forwarding rule select the crossest regional DNS server from the plurality of regional DNS server. Inherently, the forwarding rule knows each regional DNS servers’ distances or location).
Both Slocombe and Karasaridis teaches domain name system (DNS), therefore, it would have been obvious to one with ordinary skill in the art before the effective filling date of the claimed invention to combine to modify Slocombe to include a forwarding rule for DNS system as disclosed by Karasaridis, such inclusion allows the system to select the closest DNS server for DNS request (Karasaridis [0028]). 
Slocombe and Karasaridis do not teach:
“…..receiving service from the cloud network”
“wherein the clients are user equipment associated with a user that is configured for use of the service provided by the cloud network and the clients are the surrogate performing the DNS resolution”
Gardner teaches:
“…..receiving service from the cloud network” “wherein the clients are user equipment associated with a user that is configured for use of the service provided by the cloud network” (Gardner Fig. 3, teaches plurality user device configured with cloud based DNS security service) and “the clients are the surrogate performing the DNS resolution” (Gardner [0028], teaches resolving a DNS query locally by the client device without sending the query over the network).
Slocombe, Karasaridis and Gardner teaches domain name system (DNS), therefore, it would have been obvious to one with ordinary skill in the art before the effective filling date of the claimed invention to modify Slocombe and Karasaridis to provide cloud based service for plurality of client devices in DNS system, and for providing DNS resolution by client devices as disclosed by Gardner, such services prevents DNS attacks using cloud based DNS security system, and the local DNS resolution by client devices (Gardner [0028] and Fig. 3).

13.	Claims 11-15 are system claims to perform the methods in claims 3, 5-8. Therefore, claims 11-15 are rejected under the same rationale set forth above in claims 3, 5-8. 

14.	Regarding claim 16, 
Slocombe teaches:
“A user device configured to receive a service from a cloud network, comprising: a network interface; a processor communicatively coupled to the network interface; memory storing instructions that, when executed, cause the processor to” (Fig. 3).
“receive, responsive to a Domain Name Server (DNS) request received by the cloud network and” “a DNS surrogation request from the cloud network,” (-4-Attorney Docket No.: 5688CONPATENTSlocombe [0038] and Fig. 3 and Fig. 4, teaches transmitting the DNS request to one of the plurality of distributed local DNS system associated with user device according to routing algorithm and shortest paths from plurality of paths. Slocombe further teaches the plurality of local DNS servers perform a recursion by requesting DNS resolution from the nearest authoritative DNS server located in the CDN. The plurality of local DNS system comprises plurality of end user devices using services form distributed content delivery network ([0026]),
“perform a DNS resolution of the DNS request including recursion to determine a result of the DNS resolution; and provide a result of the DNS resolution as a response to the DNS request” (Slocombe [0038], teaches resolving DNS request).
Slocombe does not teach:
“communicate with the cloud network for the service provided by the cloud network”
“wherein the user device is user equipment associated with a user that is configured for use of the service and is further configured to act as a DNS surrogate for the cloud network in lieu of a DNS server receiving the DNS request”
“responsive to a determination, based on a policy associated with the DNS request, that the DNS request is to be surrogated, wherein the policy defines which types of DNS requests are to be surrogated and  includes evaluation of status of the surrogate and location”
Karasaridis teaches:
“responsive to a determination, based on a policy associated with the DNS request, that the DNS request is to be surrogated, wherein the policy defines which types of DNS requests are to be surrogated and includes evaluation of status of the surrogate and location” (Karasaridis [0028], teaches DNS request forwarding based on a forwarding rule. The forwarding is based on requested domain name type, and the forwarding rule determines the corresponding regional DNS for the requested domain name).
(Karasaridis [0028] [0038], the forwarding rule select the crossest regional DNS server from the plurality of regional DNS server. Inherently, the forwarding rule knows each regional DNS servers’ distances or location).
Both Slocombe and Karasaridis teaches domain name system (DNS), therefore, it would have been obvious to one with ordinary skill in the art before the effective filling date of the claimed invention to combine to modify Slocombe to include a forwarding rule for DNS system as disclosed by Karasaridis, such inclusion allows the system to select the closest DNS server for DNS request (Karasaridis [0028]). 
Slocombe and Karasaridis do not teach:
“communicate with the cloud network for the service provided by the cloud network” 
“wherein the user device is user equipment associated with a user that is configured for use of the service “and is further configured to act as a DNS surrogate for the cloud network in lieu of a DNS server receiving the DNS request”
Gardner teaches:
“communicate with the cloud network for the service provided by the cloud network” (Gardner Fig. 3).
“wherein the user device is user equipment associated with a user that is configured for use of the service” (Gardner Fig. 3, teaches plurality user device configured cloud based DNS security service).
 “and is further configured to act as a DNS surrogate for the cloud network in lieu of a DNS server receiving the DNS request” (Gardner [0028], teaches resolving a DNS query locally by the client device without sending the query over the network). A DNS server resolve a DNS request as known in the art. Therefore, when the client device resolve DNS request, inherently the client device is serving as DNS server).
Slocombe, Karasaridis and Gardner teaches domain name system (DNS), therefore, it would have been obvious to one with ordinary skill in the art before the effective filling date of the claimed invention to modify Slocombe and Karasaridis to provide cloud based service for plurality of client devices in DNS system, and for providing DNS resolution by client devices as disclosed by Gardner, such services prevents DNS attacks using cloud based DNS security system, and the local DNS resolution by client devices (Gardner [0028] and Fig. 3).

15.		Claims 18-20 are device claims to perform the methods in claims 3, 5 and 7. Therefore, claims 18-20 are rejected under the same rationale set forth above in claims 3, 5, and 7. 

Conclusion
8.	THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to TESFU N MEKONEN whose telephone number is (571)270-0587.  The examiner can normally be reached on Monday - Friday, 8:00 AM to 4:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Umar Cheema can be reached on 5712703037.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.









/UMAR CHEEMA/Supervisory Patent Examiner, Art Unit 2454