DETAILED ACTION

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.


Response to Amendments
This communication is in response to the amendments filed on 10 February 2021:
	Claims 1 and 4 are amended.
	Claims 1-5 are pending.



Response to Arguments
In response to Applicant’s remarks filed on 10 February 2021:
a.	Applicant’s arguments that none of the references suggest the newly amended claim limitation of “data transmission is purely physically possible only in one direction” have been fully considered but are deemed moot in view of the new grounds of rejection presented in this Office Action.



Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1-3 are rejected under 35 U.S.C. 103 as being unpatentable over Johnson et al. (U.S. PGPub. 2016/0087933), hereinafter Johnson, in view of Shin et al. (U.S. PGPub. 2015/0195198), hereinafter Shin, in further view of Neuhaus et al. (U.S. PGPub. 2007/0026892), hereinafter Neuhaus. 

	Regarding claim 1, Johnson teaches A method of operating a network having an external network with a respective external network device and an internal network with a respective internal device, and a transmitter, the method comprising the steps of (Johnson, Paragraph [0188], see “The external HTTP server on the Internet sees requests originating from the forward proxy rather than the client”, where “external HTTP server” is being read as an external network device, due to the external HTTP server being on the Internet (external network)) (Johnson, Paragraph [0210], see “When a device (first computer, first server, etc.) on a private (e.g. internal, corporate, etc.) network sends an IPv4 packet to an external (e.g. public, routable, etc.) network, the NAT device (e.g. second device, second computer, second server, etc.) replaces the internal IP address in the source field of the packet header (i.e. the sender’s address) with the external IP address of the NAT device”, where “first computer, first :
	transmitting data via the transmitter only from the internal network to the external network (Johnson, Paragraph [0210], see “the NAT device (e.g. second device, second computer, second server, etc.) replaces the internal IP address in the source field of the packet header (i.e. the sender’s address) with the external IP address of the NAT device. Port Address Translation (PAT), which is one form of NAT, may then assign the connection a port number from a pool of available ports, inserting this port number in the source port field, and forwards the packet to the external network…NAT only translates IP addresses and ports of its internal hosts, hiding the true endpoint of an internal host on a private network”, where “NAT device” is being read as the transmitter, which only transmits data from the internal network (private) to the external network (Internet));
	
	transmitting data with the internal network device from the internal network with a first (Johnson, Paragraph [0210], see “When a device on a private network sends an IPv4 packet to an external network, the NAT device replaces the internal IP address in the source field of the packet header with the external IP address of the NAT device”, where the internal network device (device on a private network) transmits a first address (internal IP address in the source field of the packet header) to the transmitter (NAT device)); 
	converting with the transmitter the address first (Johnson, Paragraph [0210], see “When a device on a private network sends an IPv4 packet to an external network, the NAT device replaces the internal IP address in the source field of the packet header with the external IP address of the NAT device”, where “internal IP address” is being read as the first address and where “external IP address” is being read as the second address); and
	transmitting the data then transmitted with the address second (Johnson, Paragraph [0210], see “When a device on a private network sends an IPv4 packet to .
	Johnson does not teach the following limitation(s) as taught by Shin: transmitting data with the internal network device from the internal network with a first MAC address to the transmitter;
	converting with the transmitter the address first MAC address into a second MAC address; and
	transmitting the data then transmitted with the address second MAC address to the external network, the second MAC address being a destination address for the external network device.
	(Shin, Paragraph [0048], see “when sending a packet generated in a node of the internal network to the external network, the wireless bridge converts a MAC source address of the packet into the address of the wireless bridge…a node of the external network recognizes all MAC addresses of the internal network as the address of the wireless bridge”, where “MAC source address” is analogous to the first MAC address and where “converts a MAC source address of the packet into the address of the wireless bridge” is analogous to converting the first MAC address into a second MAC address).
	Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for the deployment and management of network connected devices, disclosed by Johnson, by implementing techniques for relaying packet transmission, comprising transmitting data with the internal network device from the internal network with a first MAC address and converting the first MAC address into a second MAC address, disclosed by Shin.
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for a network with partly unidirectional data transmission, comprising transmitting data with the internal network device from the internal network with a first MAC address and converting the first MAC address into a second MAC address. This allows for better security
	Johnson as modified by Shin does not teach the following limitation(s) as taught by Neuhaus: blocking transmission of data from the external network to the internal network with a diode through which data transmission is purely physically possible only in one direction from the internal network to the external network.
	(Neuhaus, Abstract, see “a method for defining the signal direction in a data line between the interfaces of a SIM card and a GSM modem, without a control signal for the direction of data and without remote access…the transmission of the data signals is detected and as a result only one direction is permitted for the transmission, whilst detection in the opposite direction is simultaneously blocked”).
	Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for the deployment and management of network connected devices, disclosed by Johnson, and techniques for relaying packet transmission, comprising transmitting data with the internal network device from the internal network with a first MAC address and converting the first MAC address into a second MAC address, disclosed by Shin, by implementing techniques for a circuit arrangement, comprising blocking transmission of data from the external network to the internal network with a diode through which data transmission is purely physically possible only in one direction, disclosed by Neuhaus.
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for a network with partly unidirectional data transmission, comprising blocking transmission of data from the external network to the internal network with a diode. This allows for the implementation of a network with unidirectional data transmission, by implementing a diode that blocks the transmission of data from the external network to the internal network (Neuhaus, Abstract).

Regarding claim 2, Johnson as modified by Shin and further modified by Neuhaus teaches The method defined in claim 1, further comprising the steps of:
transmitting with the internal network device in the internal network a request for data to be transmitted to the transmitter (Johnson, Paragraph [0213], see “Types of NAT include: traditional NAT (or outbound NAT) with unidirectional sessions, outbound from the ; and then
transmitting with the transmitter the first MAC address to the internal network device (Johnson, Paragraph [0210], see “A packet coming from the external network is mapped to a corresponding internal IP address and port number from the translation table, replacing the external IP address and port number in the incoming packet header”, where the NAT device (transmitter), replaces the external IP address and port number of the incoming packet from the external network device with the internal IP address and port number (first address) of the internal network device, where the modified packet is then transmitted to the internal network device, and the header of the modified packet transmitted to the internal network device comprises the internal IP address (first address) which was replaced by the transmitter).

Regarding claim 3, Johnson as modified by Shin and further modified by Neuhaus teaches The method defined in claim 1, further comprising the steps of:
transmitting with the external network device the address of the external network device to the transmitter (Johnson, Paragraph [0210], see “The NAT device then makes an entry in a translation table containing the internal IP address, original source port, and the translated source port…A packet coming from the external network is mapped to a corresponding internal IP address and port number from the translation table, replacing the external IP address and port number in the incoming packet header”, where the packets coming from the external network device within the external network contain the external IP address (address of the external network device) and are transmitted to the transmitter (NAT device), where the NAT .


Claims 4-5 are rejected under 35 U.S.C. 103 as being unpatentable over Johnson, in view of Shin, in further view of Neuhaus, in further view of Borella et al. (U.S. Patent 7,028,335), hereinafter Borella. 

	Regarding claim 4, Johnson teaches In a network system having an external network with a respective external network device, an internal network with a respective internal network device (Johnson, Paragraph [0188], see “The external HTTP server on the Internet sees requests originating from the forward proxy rather than the client”, where “external HTTP server” is being read as an external network device, due to the external HTTP server being on the Internet (external network)) (Johnson, Paragraph [0210], see “When a device (first computer, first server, etc.) on a private (e.g. internal, corporate, etc.) network sends an IPv4 packet to an external (e.g. public, routable, etc.) network, the NAT device (e.g. second device, second computer, second server, etc.) replaces the internal IP address in the source field of the packet header (i.e. the sender’s address) with the external IP address of the NAT device”, where “first computer, first server, etc.” is being read as an internal network device, due to the first computer/server being on a private (internal) network and where “NAT device” is being read as a transmitter), (Johnson, Paragraph [0365], see “In FIG. 21, a network router 3Y-202 and a network router 3Y-204 may be connected to the Internet 3Y-205. Of course any type and number of networks may be used”, where a network router can be considered a NAT device (transmitter) and where “any type and number of networks may be used” is being read as the transmitters (both routers) being connected to the internal network) (Johnson, Paragraph [0401], see “cell phone C1 may be connected using a router R1 (e.g., a home router, etc.)…cell phone 
	the transmitter is set up such that
		
		
		the first MAC address if converted to a second MAC address (Johnson, Paragraph [0210], see “When a device on a private network sends an IPv4 packet to an external network, the NAT device replaces the internal IP address in the source field of the packet header with the external IP address of the NAT device”, where “internal IP address” is being read as the first address and where “external IP address” is being read as the second address), and
		
		
	Johnson does not teach the following limitation(s) as taught by Shin: data with a first MAC address of the internal network are received by the first router of the transmitter;
	the first MAC address if converted to a second MAC address, and
	the data is then transmitted with the second MAC address to the external network by the second router of the transmitter.
	(Shin, Paragraph [0048], see “when sending a packet generated in a node of the internal network to the external network, the wireless bridge converts a MAC source address of the packet into the address of the wireless bridge…a node of the external network recognizes all MAC addresses of the internal network as the address of the wireless bridge”, where “MAC source address” is analogous to the first MAC address and where “converts a MAC source address of the packet into the address of the wireless bridge” is analogous to converting the first MAC address into a second MAC address).

One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for a network with partly unidirectional data transmission, comprising transmitting data with the internal network device from the internal network with a first MAC address and converting the first MAC address into a second MAC address. This allows for better security management by setting up the communications to accept only specific MAC addresses in order to prevent strangers from accessing a network (Shin, Paragraph [0048]).
	Johnson as modified by Shin does not teach the following limitation(s) as taught by Neuhaus: a data diode;
	data transmission is purely physically possible only in one direction from the internal network device to the external network device through the diode;
	the data diode blocks data from being transmitted between the routers from the external network to the internal network.
	(Neuhaus, Abstract, see “a method for defining the signal direction in a data line between the interfaces of a SIM card and a GSM modem, without a control signal for the direction of data and without remote access…the transmission of the data signals is detected and as a result only one direction is permitted for the transmission, whilst detection in the opposite direction is simultaneously blocked”) (Neuhaus, Paragraph [0057], see “The outputs of the first and the second signal data direction identification devices 121, 221 is connected via first and second respective diodes 128, 228 to the inverting input of the respective first and second integrated conditioning/blocking element 130, 240”).
	Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for the deployment and management of network connected devices, disclosed by Johnson, and techniques for relaying packet transmission, comprising transmitting data with the internal network device from the internal network with a first MAC address and converting the first MAC address into a second MAC address, disclosed by Shin, by implementing techniques
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for a network with partly unidirectional data transmission, comprising blocking transmission of data from the external network to the internal network with a diode. This allows for the implementation of a network with unidirectional data transmission, by implementing a diode that blocks the transmission of data from the external network to the internal network (Neuhaus, Abstract).
	Johnson as modified by Shin and further modified by Neuhaus does not teach the following limitation(s) as taught by Borella: data with a first MAC address of the internal network are received by the first router of the transmitter,
	the data is then transmitted with the second MAC address to the external network by the second router of the transmitter.
	(Borella, FIG. 26, see “SOHO LAN 12”, which is being read as an internal network with a first router (26), see “INTERNET/INTRANET 30”, which is being read as an external network connected to a second router (36), where data with a first address (internal IP address) are received from router (36) by router (26) and where data with a second address (external IP address) are transmitted to the external network by the second router (36), as depicted in FIG. 26) (Borella, Column 7, Lines 43 – 47, see “In NAT schemes known in the art, the router 26 translates an internal network address such as an internal network address used on the first computer network 12 to an external network address such as a network address for outgoing traffic to the second network 30 or the third network 32”, where “router 26” is being read as the first router, which receives data with a first address (internal network address) and transmits data to a second router (36) subsequent to translating the internal network address into an external network address, in which the second router (36) transmits the data received by the first router (26) to the external network, which correlates to the second address (external network address)).
	Therefore, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the techniques for the deployment and management of network connected devices, disclosed by Johnson, techniques disclosed by Shin, and techniques disclosed by Neuhaus, by implementing techniques for controlling attacks on distributed network address translation enabled
One of ordinary skill in the art would have been motivated to make this modification in order to implement techniques for a network with partly unidirectional data transmission, comprising the transmitter being set up such that data with a first address of the internal network are received by the first router of the transmitter and data with a second address are transmitted to the external network by the second router of the transmitter. This allows for a more conventional method of implementing techniques for partly unidirectional data transmission for networks by making the transmitter an intermediary device that is placed between the internal and external networks, which use different routers depending on which address is indicated in the data. Having a single transmitter in which two different routers are built within the single transmitter allows for a more conventional method for unidirectional data transmission by configuring the transmitter to work in that manner (Borella, FIG. 26 and Column 7, Lines 43 – 47).

Regarding claim 5, Johnson as modified by Shin and further modified by Neuhaus and Borella teaches The system defined in claim 4, wherein the two routers are integrated in one device (Johnson, Paragraph [0402], see “Of course R1 and R2 may be the same router. Of course any number of devices (e.g., D1, D2) may be mapped”, where “R1 and R2” are being read as the two routers, where both the routers (e.g. R1 and R2) may be the same router (i.e., integrated in one device)).


Conclusion
Applicant’s amendment necessitated the new ground(s) of rejection presented in this Office Action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 
	A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to RODMAN ALEXANDER MAHMOUDI whose telephone number is (571)272-8747.  The examiner can normally be reached on M-F 11:00am – 7:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on (571) 272-6798.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/RODMAN ALEXANDER MAHMOUDI/Examiner, Art Unit 2433
/JEFFREY C PWU/Supervisory Patent Examiner, Art Unit 2433