Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

DETAILED ACTION

Status of Claims
Claims 26-45 are subject to examination.  
Claims 1-25 are cancelled.  
 
Applicant’s remarks, 10/14/20, page 10 contains, “Provisional Double Patenting Rejection Claims 26-45 were provisionally rejected on the ground of non-statutory obviousness-type double patenting as unpatentable over claims of the '156 patent.” Applicant’s remarks/response dated 10/14/20 was improper. The Double Patenting Rejections are not provisional as stated by the Applicant in the remarks dated 10/14/20. 
In response to the final office action dated 12/28/20, Applicant later presented remarks, 12/1/21, containing arguments regarding the double patenting rejection at page 4. The double patenting rejection is updated in the office action; therefore, the finality of that action is withdrawn.




Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees.  A nonstatutory double patenting rejection is appropriate where the claims at issue are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the reference application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO internet Web site contains terminal disclaimer forms which may be used.  Please visit http://www.uspto.gov/forms/.  The filing date of the application will determine what form should be used.  A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission.  For more information about eTerminal Disclaimers, refer to http://www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.  
Claims 26-45 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-22 of U.S. Patent No. 10462156. Although the claims at issue are not identical, the claims of this application are obvious over the claims of U.S. Patent No. 10462156. The patent's claimed subject matter does not mention the following, which is well known in the art and which Kumar discloses: wherein the action is identifying malware (usage of network flow remediation system, malware analyzers and reputation service; to perform action based on the reputation of the data of the flow, para 199, to perform action(s) including quarantine, para 218). Oliver discloses that the data visa includes identity information, para 104; please see annotated para 104 below in this office action. Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to include the above limitations in the claimed subject matter of the Patent, and one of ordinary skill in the art would have been motivated to do so because it could provide utilizing a well-known action to identify malware. Upon identifying the malware, one of ordinary skill in the art would readily know that the malware needs to be isolated/removed/quarantined so that the malware would not harm the system. Based on the reputation of the data, the malware would be identified and the system security would be maintained, para 218, 199.

Claim 26 of this application:
26.  At least one computer-readable medium encoded with instructions that, when executed by at least one processor, cause the at least one processor to perform a method comprising:
receiving data in a data flow; extracting a data visa from the data flow, wherein the data visa includes reputation determination information, and the data visa includes control information, identity information, provenance information, context based trust network information, or environmental data information; and determining a reputation of the data from the reputation determination information in the data visa.

Claim 1 of U.S. Patent No. 10462156:
1.  At least one computer-readable medium comprising one or more instructions that, when executed by at least one processor, perform a method comprising:

receiving data in a data flow; extracting a data visa from the data flow, wherein the data visa travels with the data through the data flow and includes reputation determination information from at least one previous hop network element in the data flow; bypassing a security filter based on the reputation determination information; determining a reputation of the data

reputation of the data is determined from meta data included in the data visa, and the meta data includes a title or role of a user, a geo-location of the user, or a historic data use profile of the user; storing the reputation of the data in the data visa; and communicating the data visa and the data to a next network element in the data flow.


Claims 33 and 40 are independent claims that have similar limitation of claim 26. Claims 27-32, 34-39, 41-45 are dependent claims, which are similar to the dependent claims of the Patent.
Accordingly claims 26-45 of this application are anticipated by the claims 2-22 of the U.S. Patent No. 10462156. 
“A later patent claim is not patentably distinct from an earlier patent claim if the later claim is obvious over, or anticipated by, the earlier claim. In re Longi, 759 F.2d at 896, 225 USPQ at 651 (affirming a holding of obviousness-type double patenting because the claims at issue were obvious over claims in four prior art patents); In re Berg, 140 F.3d at 1437, 46 USPQ2d at 1233 (Fed. Cir. 1998) (affirming a holding of obviousness-type double patenting where a patent application claim to a genus is anticipated by a patent claim to a species within that genus).” ELI LILLY AND COMPANY v BARR LABORATORIES, INC., United States Court of Appeals for the Federal Circuit, ON PETITION FOR REHEARING EN BANC (DECIDED: May 30, 2001).




Claim Limitation Interpreted under 35 U.S.C. 112(f) or pre-AIA 35 USC § 112, Sixth Paragraph

Claim 33 limitations “data reputation module to” has/have been interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because it uses/they use a generic placeholder “module” coupled with functional language “cause” without reciting sufficient structure to achieve the function.  Furthermore, the generic placeholder is not preceded by a structural modifier.  
Since the claim limitation(s) invokes 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, claim(s) 33 has/have been interpreted to cover the corresponding structure described in the specification that achieves the claimed function, and equivalents thereof.  
A review of the specification shows that the following appears to be the corresponding structure described in the specification for the 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph limitation: figures 1 and 2, para 29, and its description in the specification of the hardware structure of the communication system for the data reputation module.
Applicant’s remarks of 10/14/20 are acknowledged; they do not contain any concern regarding the above interpretations under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph.




 
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claim(s) 26-28, 31, 33-35, 38, 40-42, 45 is/are rejected under 35 U.S.C. 103 as being unpatentable over Davie et al., 2006/0089988 in view of Oliver et al., 2005/0052998 and Kumar et al., 2013/0298244.
Referring to claim(s) 26, Davie discloses non-transitory computer-readable medium encoded with instructions that, when executed by processor, cause the processor to perform a method comprising: receiving data in a data flow; extracting a data visa from the data flow, and the data visa includes identity information


[0068] Each intermediate node 200 in network 100 maintains information associated with reservations for data flows processed by the node 200 in the node's reservation data structure 800.  FIG. 8 is an illustration of a reservation data structure 800 that may be advantageously used with the present invention.  Data structure 800 is illustratively represented as a table comprising one or more entries 810 wherein each entry 810 is associated with a data flow and contains information related to the data flow including a reservation ID field 830, a sender address field 840, a sender port field 850, a receiver address field 860, a receiver port field 870, a resource allocation field 880 and a GID set field 890.  It should be noted that entry 810 may contain other fields, such as a previous hop field that holds an address of a previous hop in the path traversed by the data flow or a valid field that indicates whether the entry 810 contains valid information.  Further, data structure 800 may be organized as a series of tables that may include, for example, a session table that holds information (e.g., state) about RSVP sessions, a sender table that holds information about senders and a reservation table that holds information about RSVP reservations processed by the intermediate node 200.
[0079] At Step 1080, the reservation data structure entry 810 associated with the new data flow is updated to reflect the resources (if any) allocated to the new data flow.  In addition, illustratively, the receiver address 565 and port 567 contained in the Resv message 500 are used to update the contents of the new data flow's receiver address 860 and receiver port 870 fields, respectively.  At Step 1085, the reservation request message is forwarded to the next upstream node.  


Davie does not specifically mention the following, which is well known in the art and which Oliver discloses: reputation determination information, and determining a reputation of the data from the reputation determination information in the data visa, performing an action based on the determined reputation of the data from the data visa,
[0104] Referring to FIG. 8 herein, there is illustrated schematically a message format for sending a reputation data message between computer entities within the network.  The message comprises a source node identifier field 800 for identifying a computer entity generating the message; a target node identifier 801 identifying a computer node in the network which is subject of the message, and to which the reputation data applies; a plurality of reputation data type fields 803, 805, 807 each defining a type of reputation data which attaches to the target identified; and a plurality of reputation data value fields 804, 806, 808 respectively, each value field giving a value for a particular reputation data type which applies to the target node subject of the message.
[0105] Reputation data messages may be transferred asynchronously between different computer nodes within the network, so that an individual computer node can build up a picture of a reputation data of other individual computer nodes in the network, without directly collecting reputation for each and every node within the network in order to gain an appreciation of the performance of those other individual nodes.
[0106] Once a particular computer entity has determined that a target node in the network has a poor performance parameter, that is it has a poor reputation, then it communicates that information to other peer computers within the network, of which it is aware, so that the reputation data, or changes in reputation data, concerning that selected target node propagates through the network to other peer computers within the network.  Typically, the other peer computers within the network may not have a prior knowledge, i.e. a prior stored data, concerning the reputation of the target node, and so effectively, a reputation message sent from the computer entity concerning the target node to the other peer nodes in the network comprises a reputation service provided by the local computer entity to the other peer computers in the network.
[0112] Reputation data collected from a plurality of human users of a peer to peer network is accumulated at individual nodes within the network, and is used to perform an automated reputation service in which individual nodes of the network are monitored, and any significant changes in reputation of a node may propagate by way of reputation data messages throughout the network to other computer entities in the network.




Davie and Oliver do not specifically mention the following, which is well known in the art and which Kumar discloses: wherein the action is identifying malware (usage of network flow remediation system, malware analyzers and reputation service; to perform action based on the reputation of the data of the flow, para 199, to perform action(s) including quarantine, para 218). Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Davie to implement these limitations, and one of ordinary skill in the art would have been motivated to do so because it could provide utilizing a well-known action to identify malware. Upon identifying the malware, one of ordinary skill in the art would readily know that the malware needs to be isolated/removed/quarantined so that the malware would not harm the system. Based on the reputation of the data, the malware would be identified and the system security would be maintained, para 218, 199.
 
Referring to claim 27, Davie discloses updating the data visa and communicating the updated data visa and the data to a next network element in the data flow (updated structure is sent to next hop in the data flow, para 68, 79).

Referring to claim 28, Davie discloses the action is removing the data from the data flow (updated structure is sent to next hop in the data flow, updating includes removing the data based on the determination, para 68, 79), reputation of the data (Oliver, para 104).

Referring to claim 31, Davie discloses wherein the identity information indicates information about a user or device that originated the data (address field of the device, para 68).

Referring to claim(s) 33, 40, Davie discloses an apparatus/method for: receiving data in a data flow; extracting a data visa from the data flow, and the data visa includes identity information


[0068] Each intermediate node 200 in network 100 maintains information associated with reservations for data flows processed by the node 200 in the node's reservation data structure 800.  FIG. 8 is an illustration of a reservation data structure 800 that may be advantageously used with the present invention.  Data structure 800 is illustratively represented as a table comprising one or more entries 810 wherein each entry 810 is associated with a data flow and contains information related to the data flow including a reservation ID field 830, a sender address field 840, a sender port field 850, a receiver address field 860, a receiver port field 870, a resource allocation field 880 and a GID set field 890.  It should be noted that entry 810 may contain other fields, such as a previous hop field that holds an address of a previous hop in the path traversed by the data flow or a valid field that indicates whether the entry 810 contains valid information.  Further, data structure 800 may be organized as a series of tables that may include, for example, a session table that holds information (e.g., state) about RSVP sessions, a sender table that holds information about senders and a reservation table that holds information about RSVP reservations processed by the intermediate node 200.
[0079] At Step 1080, the reservation data structure entry 810 associated with the new data flow is updated to reflect the resources (if any) allocated to the new data flow.  In addition, illustratively, the receiver address 565 and port 567 contained in the Resv message 500 are used to update the contents of the new data flow's receiver address 860 and receiver port 870 fields, respectively.  At Step 1085, the reservation request message is forwarded to the next upstream node.  


Davie does not specifically mention the following, which is well known in the art and which Oliver discloses: reputation determination information, and determining a reputation of the data from the reputation determination information in the data visa,
[0104] Referring to FIG. 8 herein, there is illustrated schematically a message format for sending a reputation data message between computer entities within the network.  The message comprises a source node identifier field 800 for identifying a computer entity generating the message; a target node identifier 801 identifying a computer node in the network which is subject of the message, and to which the reputation data applies; a plurality of reputation data type fields 803, 805, 807 each defining a type of reputation data which attaches to the target identified; and a plurality of reputation data value fields 804, 806, 808 respectively, each value field giving a value for a particular reputation data type which applies to the target node subject of the message.
[0105] Reputation data messages may be transferred asynchronously between different computer nodes within the network, so that an individual computer node can build up a picture of a reputation data of other individual computer nodes in the network, without directly collecting reputation for each and every node within the network in order to gain an appreciation of the performance of those other individual nodes.
[0106] Once a particular computer entity has determined that a target node in the network has a poor performance parameter, that is it has a poor reputation, then it communicates that information to other peer computers within the network, of which it is aware, so that the reputation data, or changes in reputation data, concerning that selected target node propagates through the network to other peer computers within the network.  Typically, the other peer computers within the network may not have a prior knowledge, i.e. a prior stored data, concerning the reputation of the target node, and so effectively, a reputation message sent from the computer entity concerning the target node to the other peer nodes in the network comprises a reputation service provided by the local computer entity to the other peer computers in the network.
[0112] Reputation data collected from a plurality of human users of a peer to peer network is accumulated at individual nodes within the network, and is used to perform an automated reputation service in which individual nodes of the network are monitored, and any significant changes in reputation of a node may propagate by way of reputation data messages throughout the network to other computer entities in the network.




Davie and Oliver do not specifically mention the following, which is well known in the art and which Kumar discloses: wherein the action is identifying malware (usage of network flow remediation system, malware analyzers and reputation service; to perform action based on the reputation of the data of the flow, para 199, to perform action(s) including quarantine, para 218). Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Davie to implement these limitations, and one of ordinary skill in the art would have been motivated to do so because it could provide utilizing a well-known action to identify malware. Upon identifying the malware, one of ordinary skill in the art would readily know that the malware needs to be isolated/removed/quarantined so that the malware would not harm the system. Based on the reputation of the data, the malware would be identified and the system security would be maintained, para 218, 199.
 
Referring to claim 34, 41, Davie discloses updating the data visa and communicating the updated data visa and the data to a next network element in the data flow (updated structure is sent to next hop in the data flow, para 68, 79).

Referring to claim 35, 42, Davie discloses removing the data from the data flow based on the determined information from the data visa (updated structure is sent to next hop in the data flow, updating includes removing the data, para 68, 79), reputation of the data (Oliver, para 104).

Referring to claim 38, 45, Davie discloses wherein the identity information indicates information about a user or device that originated the data (address field of the device, para 68).

Claim(s) 29, 36, 43, is/are rejected under 35 U.S.C. 103 as being unpatentable over Davie in view of Oliver, Kumar and Daoud et al., 2012/0124057.
Referring to claim(s) 36, 43, Davie, Kumar and Oliver do not disclose, which is well-known in the art, which Daoud discloses wherein the reputation of the data is determined from meta data included in the data visa and the meta data includes a title or role of a user, a geo-location of the user, or a historic data use profile of the user (a reputation value for the user is generated/determined from the collected data, abstract, the metadata including reputation information, user location, user history, para 29, 32, retrieve user reputational data, 404, determine based on the user reputational data, 406, figure 4, usage of networks such as client/server or peer-to-peer or distributed network architectures, para 12).
Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Davie to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known meta data and user information. The meta data would provide association between the information related to reputation and the user information. The user information/profile would be available for determining the conditions associated with the information related to reputation for processing the reputation information, para 29, 32.  

Referring to claim(s) 29, Davie, Kumar and Oliver do not disclose, which is well-known in the art, which Daoud discloses wherein the reputation of the data is determined from meta data included in the data visa and the meta data includes a title or role of a user, a geo-location of the user, or a historic data use profile of the user (a reputation value for the user is generated/determined from the collected data, abstract, the metadata including reputation information, user location, user history, para 29, 32, retrieve user reputational data, 404, determine based on the user reputational data, 406, figure 4, usage of networks such as client/server or peer-to-peer or distributed network architectures, para 12).
Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Davie to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known meta data and user information. The meta data would provide association between the information related to reputation and the user information. The user information/profile would be available for determining the conditions associated with the information related to reputation for processing the reputation information, para 29, 32.  

Claim(s) 30, 37, 44, is/are rejected under 35 U.S.C. 103 as being unpatentable over in view of Oliver, Kumar and Huang 20100057895.
Referring to claim(s) 30, Davie, Kumar and Oliver do not disclose, which is well-known in the art, which Daoud discloses wherein the reputation of the data is determined based on an Internet protocol (IP) address of a source of the data or a country of origin for a server on a communication path (IP address of the device for the reputation information transmitted via server on the communication path of the data (para 12, 9, 55). Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Davie to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known IP address of the source etc., The IP address of the source 

Referring to claim(s) 37, 44, Davie, Kumar and Oliver do not disclose, which is well-known in the art, which Daoud discloses wherein the reputation of the data is determined based on an Internet protocol (IP) address of a source of the data or a country of origin for a server on a communication path (IP address of the device for the reputation information transmitted via server on the communication path, para 12, 9, 55). Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Davie to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known IP address of the source etc., The IP address of the source etc would provide association between the information related to reputation and the IP address. The IP address would be available for determining the conditions associated with the device, which sent the data over the path for processing the reputation information, para 12, 9.  

Claim(s) 32, 39, is/are rejected under 35 U.S.C. 103 as being unpatentable over Davie in view of Kumar, Oliver and Sargent et al., 20100115040.
Referring to claim(s) 32, Davie and Oliver do not disclose, which is well-known in the art, which Sargent discloses passport information, context information, or forensic information (context-specific reputation data, para 28). Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Davie to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known reputation data related information. The reputation data related information would provide association between the information related to reputation and the 

Referring to claim(s) 39, Davie, Kumar and Oliver do not disclose, which is well-known in the art, which Sargent discloses passport information, context information, or forensic information (context-specific reputation data, para 28). Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Davie to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known reputation data related information. The reputation data related information would provide association between the information related to reputation and the reputation data. The information related to reputation such as context information would be available for determining the conditions associated with the device, for processing the reputation data, para 28.  

Claim(s) 32, 39, is/are rejected under 35 U.S.C. 103 as being unpatentable over Davie in view of Kumar, Oliver and Flake et al., 20080005223.
Referring to claim(s) 32, Davie and Oliver do not disclose, which is well-known in the art, which Sargent discloses passport information, context information, or forensic information (reputation data associated with context, content and properties/attributes, para 52). Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Davie to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known reputation data related information. The reputation data related information would provide association between the information related to reputation and the reputation data. The information related to reputation 

Referring to claim(s) 39, Davie, Kumar and Oliver do not disclose, which is well-known in the art, which Sargent discloses passport information, context information, or forensic information (reputation data associated with context, content and properties/attributes, para 52). Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Davie to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known reputation data related information. The reputation data related information would provide association between the information related to reputation and the reputation data. The information related to reputation such as context information would be available for determining the conditions associated with the device, for processing the reputation data, para 52.  


Response to Arguments
Applicant's arguments filed 3/1/21, pages 8-15 have been fully considered, and accordingly the rejections are updated.  Therefore, rejection of claims 26-45 is maintained. 
Regarding applicant’s concern for the double patenting rejections, please see above updated double patenting rejections.

Regarding applicant’s concern for the amended claim 26, 
Davie concerns a "reservation of] resources for a new data flow between a sender and a receiver in a data network using a path message containing GID [group Davie, para. [0071], In the Davie reservation, "reservation data structure entry 810 associated with the new data flow is updated to reflect the resources (if any) allocated to the new data flow." Id., para. [0079], Then, in Davie, "the reservation request message is forwarded to the next upstream node." Id.; the examiner respectfully disagrees. It is paragraph 68 that is cited in the office action, and not paragraph 71.

Davie discloses computer-readable medium encoded with instructions that, when executed by processor, cause the processor to perform a method comprising: receiving data in a data flow; extracting a data visa from the data flow, and the data visa includes identity information


[0068] Each intermediate node 200 in network 100 maintains information associated with reservations for data flows processed by the node 200 in the node's reservation data structure 800.  FIG. 8 is an illustration of a reservation data structure 800 that may be advantageously used with the present invention.  Data structure 800 is illustratively represented as a table comprising one or more entries 810 wherein each entry 810 is associated with a data flow and contains information related to the data flow including a reservation ID field 830, a sender address field 840, a sender port field 850, a receiver address field 860, a receiver port field 870, a resource allocation field 880 and a GID set field 890.  It should be noted that entry 810 may contain other fields, such as a previous hop field that holds an address of a previous hop in the path traversed by the data flow or a valid field that indicates whether the entry 810 contains valid information.  Further, data structure 800 may be organized as a series of tables that may include, for example, a session table that holds information (e.g., state) about RSVP sessions, a sender table that holds information about senders and a reservation table that holds information about RSVP reservations processed by the intermediate node 200.
[0079] At Step 1080, the reservation data structure entry 810 associated with the new data flow is updated to reflect the resources (if any) allocated to the new data flow.  In addition, illustratively, the receiver address 565 and port 567 contained in the Resv message 500 are used to update the contents of the new data flow's receiver address 860 and receiver port 870 fields, respectively.  At Step 1085, the reservation request message is forwarded to the next upstream node.  


Davie does not specifically mention about, which is well-known in the art, which Oliver discloses, reputation determination information, and determining a reputation of the data from the reputation determination information in the data visa, performing an action based on the determined reputation of the data from the data visa,
[0104] Referring to FIG. 8 herein, there is illustrated schematically a message format for sending a reputation data message between computer entities within the network.  The message comprises a source node identifier field 800 for identifying a computer entity generating the message; a target node identifier 801 identifying a computer node in the network which is subject of the message, and to which the reputation data applies; a plurality of reputation data type fields 803, 805, 807 each defining a type of reputation data which attaches to the target identified; and a plurality of reputation data value fields 804, 806, 808 respectively, each value field giving a value for a particular reputation data type which build up a picture of a reputation data of other individual computer nodes in the network, without directly collecting reputation for each and every node within the network in order to gain an appreciation of the performance of those other individual nodes.  [0106] Once a particular computer entity has determined that a target node in the network has a poor performance parameter, that is it has a poor reputation, then it communicates that information to other peer computers within the network, of which it is aware, so that the reputation data, or changes in reputation data, concerning that selected target node propagates through the network to other peer computers within the network.  Typically, the other peer computers within the network may not have a prior knowledge, i.e. a prior stored data, concerning the reputation of the target node, and so effectively, a reputation message sent from the computer entity concerning the target node to the other peer nodes in the network comprises a reputation service provided by the local computer entity to the other peer computers in the network.  
[0112] Reputation data collected from a plurality of human users of a peer to peer network is accumulated at individual nodes within the network, and is used to perform an automated reputation service in which individual nodes of the network are monitored, and any significant changes in reputation of a node may propagate by way of reputation data messages throughout the network to other computer entities in the network. 




Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Davie to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide 
Davie and Oliver do not specifically mention about, which is well-known in the art, which Kumar discloses, wherein the action is identifying malware (usage of network flow remediation system, malware analyzers and reputation service; to perform action based on the reputation of the data of the flow, para 199, to perform action(s) including quarantine, para 218). Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Davie to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known action to identify malware. Upon identifying the malware one of ordinary skill in the art would readily know that the malware needs to be isolated/removed/quarantined so that the malware would not harm the system. Based on the reputation of the data the malware would be identified and the system security would be maintained, para 218, 199.

Applicant stated, “The MPEP specifies at § 706.07(a) the conditions under which the finality of a second or subsequent Office Action is improper. Specifically, the MPEP provides that “a second or any subsequent action on the merits ... will not be made final if it includes a rejection, on newly cited art,... of any claim not amended by applicant... in spite of the fact that other claims may have been amended to require newly cited art.” MPEP § 706.07(a).”; but failed to consider that as per the prosecution of this application, office action dated 7/14/2020, contained rejections under 35 U.S.C. 103 as being unpatentable over Davie et al. 2006/0089988 in view of Oliver et al., 2005/0052998. The Davie and 

As per the prosecution of this application, applicant presented claims dated 10/14/2020, performing an action, based on the determined reputation of the data from the data visa, wherein the action is removing the data from the data flow, identifying malware, blocking the data, allowing the data, or bypassing a security filter, for which Kumar reference was cited in the following office action. The Kumar reference was available to the applicant regarding the rejected limitations under Kumar when the office action dated 7/14/2020 was available.
As per the prosecution history, typo error(s) have been addressed during the prosecution. 
No new prior art was cited unless applicant presented new or amended claims.
Applicant had presented claims dated 10/29/19, with identical claimed limitations: 26-32 (medium claims), 33-39 (apparatus claims), 40-45 (method claims), which were all rejected in the office action dated 10/14/20. As per prosecution history the non-final office action contains rejections of each and every limitations that was contained in each and every claim.




	
Applicant is reminded that claims dated 3/1/21 also contains, identical claimed limitations: claims 26-32 (medium claims), versus claims 33-39 (apparatus claims), versus claims 40-45 (method claims), which are all rejected in this office action. This office action also contains rejections of each and every limitations that was contained in each and every claim. For the amended limitations, Kumar discloses, wherein the action is identifying malware (usage of network flow remediation system, malware analyzers and reputation service; to perform action based on the reputation of the data of the flow, para 199, to perform action(s) including quarantine, para 218).
As per claims 33-39, please refer rejections of claims 26-32, respectively. Claims 40-45 are also rejected based on the same rationale as the rejection of claims 33-39, respectively.
As per claims 40-45, please refer rejections of claims 26-32, respectively. Claims 40-45 are also rejected based on the same rationale as the rejection of claims 33-39, respectively.
Hence, Applicant is requested to rely on the rejections of the claims 33-39, rather than typo error, if any, from claims 33-39, 40-45. Also, the applicant is requested to immediately contact for any such clarification, rather than extended prosecution (the non-final office action was dated 7/14/20). 
Claims examined in this office action:
26. At least one non-transitory, computer-readable medium encoded with instructions that, when executed by at least one processor, cause 
receiving data in a data flow;
extracting a data visa from the data flow, wherein the data visa includes reputation determination information, and the data visa includes control information, identity information, provenance information, context based trust network information, or environmental data information;
determining a reputation of the data from the reputation determination information in the data visa; and
performing an action, based on the determined reputation of the data from the data visa, wherein the action is removing the data from the data flow, identifying malware, blocking the data, allowing the data, or bypassing a security filter.


27.    (Previously Presented) The at least one computer-readable medium of Claim 26, the method further comprising:
updating the data visa; and
communicating the updated data visa and the data to a next network element in the data flow.
28.    (Previously Presented) The at least one computer-readable medium of Claim 26, wherein the action is 
29.    (Previously Presented) The at least one computer-readable medium of Claim 26, wherein the reputation of the data is determined from meta data included in the data visa, and the meta data includes a title or role of a user, a geo-location of the user, or a historic data use profile of the user.
30.  The at least one computer-readable medium of Claim 26, wherein the reputation of the data is determined based on an Internet protocol (IP) address of a source of the data or a country of origin for a server on a communication path of the data.
31.    (Previously Presented) The at least one computer-readable medium of Claim 26, wherein the control information indicates an action to be performed if an event or transaction occurs, the identity information indicates information about a user or device that originated the data, the provenance information indicates whether the data originated from a trusted network element, the context based trust network information indicates a reputation of a network used to communicate the data, and the environmental data information indicates whether the data originated on a server or indicates an operating system used to originate the data.
32.    (Previously Presented) The at least one computer-readable medium of Claim 26, wherein the data visa further includes passport information, context information, or forensic information.
 a hardware processor that executes the instructions; and a hardware processor 
to receive data in a data flow;
extract a data visa from the data flow, wherein the data visa includes reputation determination information, and the data visa includes control information, identity information, provenance information, context based trust network information, or environmental data information; 
determine a reputation of the data from the reputation determination information in the data visa; and
perform an action, based on the determined reputation of the data from the data visa, wherein the action is removing the data from the data flow, identifying malware, blocking the data, allowing the data, or bypassing a security filter.

34.    (Currently Amended) The apparatus of Claim 33, wherein the data reputation module causes the hardware processor to update the data visa, and to communicate the updated data visa and the data to a next network element in the data flow.
35.    (Currently Amended) The apparatus of Claim 33, wherein the data reputation module causes the hardware processor to remove the data from the data flow based on the determined 
36.    (Previously Presented) The apparatus of Claim 33, wherein the reputation of the data is determined from meta data included in the data visa, and the meta data includes a title or role of a user, a geo-location of the user, or a historic data use profile of the user.
37.    (Currently Amended) The apparatus of Claim 33, wherein the reputation of the data is determined based on an Internet protocol (IP) address of a source of the data or a country of origin for a server on a communication path of the data.
38.    (Previously Presented) The apparatus of Claim 33, wherein the control information indicates an action to be performed if an event or transaction occurs, the identity information indicates information about a user or device that originated the data, the provenance information indicates whether the data originated from a trusted network element, the context based trust network information indicates a reputation of a network used to communicate the data, and the environmental data information indicates whether the data originated on a server or indicates an operating system used to originate the data.
39.    (Previously Presented) The apparatus of Claim 33, wherein the data visa further includes passport information, context information, or forensic information.




receiving data in a data flow; extracting a data visa from the data flow, wherein the data visa includes reputation determination information, and the data visa includes control information, identity information, provenance information, context based trust network information, or environmental data information; 
determining a reputation of the data from the reputation determination information in the data visa; and
performing an action, based on the determined reputation of the data from the data visa, wherein the action is removing the data from the data flow, identifying malware, blocking the data, allowing the data, or bypassing a security filter.

41.    (Previously Presented) The method of Claim 40, further comprising: updating the data visa; and
communicating the updated data visa and the data to a next network element in the data flow.
42.    (Previously Presented) The method of Claim 40, further comprising: removing the data from the data flow based on the determined 
43.    (Previously Presented) The method of Claim 40, wherein the reputation of the data is determined from meta data included in the data visa, and the meta data includes a title or role of a user, a geo-location of the user, or a historic data use profile of the user.
44.    (Currently Amended) The method of Claim 40, wherein the reputation of the data is determined based on an Internet protocol (IP) address of a source of the data or a country of origin for a server on a communication path of the data.
45.    (Previously Presented) The method of Claim 40, wherein the control information indicates an action to be performed if an event or transaction occurs, the identity information indicates information about a user or device that originated the data, the provenance information indicates whether the data originated from a trusted network element, the context based trust network information indicates a reputation of a network used to communicate the data, and the environmental data information indicates whether the data originated on a server or indicates an operating system used to originate the data.



Since, the prior arts, Davie, Oliver and Kumar references were applicable to the rejections for the respective relied upon limitations as per the prosecution history, and still are applicable to the rejections, for the same relied upon limitations (multiple times); hence, the applicant may immediately file appeal to the Board of Patent Appeals and Interferences.
Applicant states, All of Applicant's amendments have only been done to advance prosecution in this case. However, contrarily, as per the prosecution history, in response to the rejections of the claim limitations of the claims 26, 33, 40 in view of Davie and Oliver; the claim limitations had been narrowed by the Applicant with additional limitations, which Kumar discloses, wherein the action is identifying malware (usage of network flow remediation system, malware analyzers and reputation service; to perform action based on the reputation of the data of the flow, para 199, to perform action(s) including quarantine, para 218).









Conclusion
Applicant is reminded for compact prosecution, rather than extended prosecution.
As per the prosecution history, the prior arts, Davie, Oliver and Kumar references were applicable to the rejections for the respective relied upon limitations (throughout the prosecution history); and still are applicable to the rejections for the same relied upon limitations. 
Mere arguments will not overcome the rejections.
MPEP 1201 states: Where the differences of opinion concern the denial of patent claims because of prior art or other patentability issues, the questions thereby raised are said to relate to the merits, and appeal procedure within the Office and to the courts has long been provided by statute (35 USC 143). 35 U.S.C. 134 (a) states: An applicant for a patent, any of whose claims has been twice rejected, may appeal from the decision of the primary examiner to the Board of Patent Appeals and Interferences, having once paid the fee for such appeal.
As seen above, prior arts, Davie et al., 2006/0089988, Oliver et al., 2005/0052998, Daoud et al., 2012/0124057, Huang 20100057895, Sargent et al., 20100115040, Flake et al., 20080005223; are used for the rejections, which demonstrate that the claimed subject matter was known in the prior art for long. The search history of the prosecution history reveals that hundreds of references include the claimed traversing reputation information using table/structures in the network.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HARESH PATEL whose telephone number is (571)272-3973.  The examiner can normally be reached on M-F 9-5:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/HARESH N PATEL/Primary Examiner, Art Unit 2493