Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
1.This is a Final Office Action in response to applicant’s argument filed on January 14, 2021. At this time, claims 1, 9, and 16 have been amended. Claims 21-23 have been added. Therefore, claims 1-23 are pending and addressed below.

                                        Response to Applicant’s Arguments
Applicant’s argument is insufficient to overcome the 35 U.S.C 101 rejection set forth in the previous office action for claims 1 and 16. No language in the specification explicitly affirms that the processing elements and controller cannot be software. Paragraphs [0021] and [0024-0026] describe the processing elements as part of a hardware platform. Hence, it could be interpreted as software or/and an application inside the hardware platform. See the rejection below.

Applicant’s argues with respect to independent claims 1 and 9 that: I) There is no teaching in Abali of using a controller to split an incoming data stream into data of a first type associated with a first security protocol and a second type associated with a second security protocol and then assigning those parts to first and second processing clusters which implement those security protocols.   

Applicant respectfully disagrees and maintains that the claim limitations do not recite “ using a controller to split an incoming data stream into data of a first type associated with a first security protocol and a second type associated with a second security protocol and then assigning those parts to first and second processing clusters  which implement those security protocols. “. In addition, the data matching pattern is a protocol that corresponds to the first security protocol and a second security protocol because there is nothing in the claim that distinguishes a first security protocol from a second security protocol. The limitation argues by the examiner is not disclosed in the claim.



Examiner respectfully disagrees and maintains that Abali discloses each segment (e.g., byte) of the input data stream may be compared against a plurality of tokens. An appropriate token may be selected for a segment of the input data stream depending on the data type or value of the segment of the input data stream. For example, four bytes "4ab&" of the input data stream may be converted into tokenized input data stream "numeric, alpha, alpha, symbol." As another example, three bytes "USA" of the input data stream may be converted into a tokenized input data stream, "token_1, token_2, token_3." Operations for generating the tokenized input data stream are further described above with reference to FIG. 5. The flow continues at block 706. A different portion of the tokenized input data stream is provided to each of a plurality of processing elements of the reconfigurable array processor (block 706). A sliding window with a suitable stride may be implemented to select a different portion of the tokenized input data stream and provide the selected portion to one of the processing elements. For example, for a sliding window with a stride of 1-byte, a first tokenized input data quadword including bytes 0-15 may be provided to a first processing element of the reconfigurable array processor; a second tokenized input data quadword including bytes 1-16 may be provided to a second processing element; and so on. The flow continues at block 708. See (Abali, [0061-0062])
Examiner agrees that Abali does not disclose encryption as security protocol. However, Thota disclose an L2 encryption scheme for one flow and an L4 encryption scheme for another flow, or a first encryption algorithm for one flow and a second encryption algorithm for the other flow. For details, see Thota,  [0118]
All of which corresponds to receiving a data stream including a first type and a second type of data associated with a first and second type of security protocol (and/or encryption) and using different processing elements to implement the security protocol (or encryption). For details, see Thota, [0118] and Abali, [0061-0062] 

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows: 
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 1-8  and 16-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.  As to claims 1 and 16, each element of the claim can reasonably be interpreted as software. Absent a definition in the specification, a reasonable interpretation of controller is just a software routine. This claim fails to fall into a statutory category of invention as software alone is not a machine, a manufacture, a process nor a composition of matter. 

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1, 2, 5-6 and 8, 21-23 are rejected under 35 U.S.C 102(a)(1)/102(a)(2) as being unpatentable over  Abali, US pat.No 20160085721. 

Claim 1. Abali discloses an apparatus (See  abstract; a processor array manager of the reconfigurable array processor receives an input data stream for pattern matching and generates a tokenized input data stream from the input data stream. A different portion of the tokenized input data stream is provided to each of a plurality of processing elements of the reconfigurable array ) comprising: a plurality of clusters of processing elements, including a first cluster of processing elements and a second cluster of processing elements, (See  [0021]; the reconfigurable array processor 200 includes 16 processing elements (PE) 202, a processor array manager 212, and an interconnect bus 214. A subset of the processing elements may be grouped together to form a processing element cluster ("PE cluster"). In FIG. 2, dashed lines are used to represent the group of processing elements that belong to the same PE cluster. In FIG. 2, the processing elements of the reconfigurable array processor 200 are divided into four PE clusters 204, 206, 208, and 210, each PE cluster including four processing elements. For example, processing elements 202A, 202B, 202C, and 202D are part of the PE cluster 204. In one implementation, the processing elements within a PE cluster may be "fully interconnected" with each other.) and a controller configured to control the first cluster of processing elements to implement a first security protocol and the second cluster of processing elements to implement a second security protocol, (See   [0018];  The processor array manager can tokenize an input data stream and provide different portions of the tokenized input data stream to each processing element. Each processing element can execute pattern matching operations on the corresponding portion of the tokenized input data stream and generate a result that indicates whether the portion of the tokenized input data stream matches a reference pattern. The processor array manager can combine individual results received from each processing element to determine whether the input data stream includes a reference pattern. In one example, the reconfigurable array processor may search for sensitive data in an input data stream for cybersecurity. The reconfigurable array processor may execute pattern matching operations to determine whether an application is using sensitive data and if so, to take appropriate measures (e.g., determine whether the application is authorized to use the data, implementing additional levels of encryption, etc.).) the controller further configured to examine an incoming data stream and provide the incoming data stream to the first cluster of processing elements when the incoming data stream is of a first type associated with the first security protocol and provide the incoming data stream to the second cluster of processing elements when the incoming data stream is of a second type associated with the second security protocol. (See  [ 0061-0062]; each segment (e.g., byte) of the input data stream may be compared against a plurality of tokens. An appropriate token may 
Regarding claim 21, Abali discloses the apparatus of claim 1, further comprising a field programmable gate array (FPGA) including the plurality of clusters of processing elements. (See Abali,  [0099 ])
Regarding claim 22, Abali discloses the apparatus of claim 1, wherein the plurality of clusters of processing elements are arranged in a reconfigurable fabric. (See Abali, [0105] )
Regarding claim 23,  Abali discloses the apparatus of claim 1, further comprising a non-transitory computer readable medium encoded with instructions that when executed cause the controller to examine the incoming data stream and provide the incoming data stream to the first cluster of processing elements or to the second cluster of processing elements. (See  [ 0061-0062]; each segment (e.g., byte) of the input data stream may be compared against a plurality of tokens. An appropriate token may be selected for a segment of the input data stream depending on the data type or value of the segment of the input data stream. For example, four bytes "4ab&" of the input data stream may be converted into tokenized input data stream "numeric, alpha, alpha, symbol." As another example, three bytes "USA" of the input data stream may be converted into a tokenized input data stream, "token_1, token_2, token_3." Operations for generating the tokenized input data stream are further described above with reference to FIG. 5. The flow continues at block 706. [0062] A different portion of the tokenized input data stream is provided to each of a plurality of processing elements of the reconfigurable array processor (block 706). A sliding window with a suitable stride may be implemented to select a different portion of the tokenized input data stream and provide the selected portion to one of the processing elements. For example, for a sliding window with a stride of 1-byte, a first tokenized input data quadword including bytes 0-15 may be provided to a first processing element of the reconfigurable array processor; a second  
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claim 8 is rejected under 35 U.S.C 103 as being unpatentable over Abali, US pat.No 20160085721 in view of Thota, US pat.No 20150379278.
Claim 8. Abali  does not appear to explicitly disclose the apparatus of claim 1, wherein the first security protocol comprises a first encryption technique and wherein the second security protocol comprises a second encryption technique. 
However, Thota discloses wherein the first security protocol comprises a first encryption technique and wherein the second security protocol comprises a second encryption technique. (See   [0118 ]; an L2 encryption scheme for one flow and an L4 encryption scheme for another flow, or a first encryption algorithm for one flow and a second encryption algorithm for the other flow). )
Abali and Thota are analogous art because they are from the same field of endeavor which is communication security. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Abali with the teaching of Thota to include encryption of different flow because it would have allowed secure transfer of data. 

Abali, US pat.No 20160085721 in view of Thota, US pat.No 20150379278. 

Claim 9. Abali a method (See  abstract; a processor array manager of the reconfigurable array processor receives an input data stream for pattern matching and generates a tokenized input data stream from the input data stream. A different portion of the tokenized input data stream is provided to each of a plurality of processing elements of the reconfigurable array processor.) comprising:  
receiving, by a plurality of clusters of processing elements, a first data stream of a first type and a second data stream of a second type, each cluster of the plurality of clusters including a respective plurality of processing elements; (See  [0021]; the reconfigurable array processor 200 includes 16 processing elements (PE) 202, a processor array manager 212, and an interconnect bus 214. A subset of the processing elements may be grouped together to form a processing element cluster ("PE cluster"). In FIG. 2, dashed lines are used to represent the group of processing elements that belong to the same PE cluster. In FIG. 2, the processing elements of the reconfigurable array processor 200 are divided into four PE clusters 204, 206, 208, and 210, each PE cluster including four processing elements. For example, processing elements 202A, 202B, 202C, and 202D are part of the PE cluster 204. In one implementation, the processing elements within a PE cluster may be "fully interconnected" with each other. See also [0061-0062]) 
Abali does not appear to explicitly disclose and controlling, by a security manager coupled to the plurality of clusters, a first plurality of processing elements in a first cluster to encrypt the first data stream of the first type, and a second plurality of processing elements to encrypt the second data stream of the second type, including controlling a relative number of processing elements included in the first cluster and the second cluster. 
However, Thota discloses and controlling, by a security manager coupled to the plurality of clusters, a first plurality of processing elements in a first cluster to encrypt the first data stream of the first type, and a second plurality of processing elements to encrypt the second data stream of the second type, including an L2 encryption scheme for one flow and an L4 encryption scheme for another flow, or a first encryption algorithm for one flow and a second encryption algorithm for the other flow). )
Abali and Thota are analogous art because they are from the same field of endeavor which is communication security. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Abali with the teaching of Thota to include encryption of different flow because it would have allowed secure transfer of data. 

Claim 10. The combination of Abali and Thota discloses the method of claim 9, wherein the controlling the first plurality of processing elements to encrypt the first data stream of the first type includes loading a first instruction set configured to implement a first encryption technique to the first plurality of processing elements. (See Abali,  [0020] and [0023] ) Claim 11. The combination of Abali and Thota discloses the method of claim 10, wherein the encryption technique comprises at least one of a turbocoding technique, a higher encryption technique, or any combination thereof. (See Abali, [0018] and Thota, [ 0006])Claim 12. The combination of Abali and Thota discloses the method of claim 10, further comprising: determining the first data stream is to be processed according to the first encryption technique based on at least a portion of the first data stream, wherein the portion corresponds to a flag, header, a data type indication, or any combination thereof. 
(See Thota,  [0118 ]; an L2 encryption scheme for one flow and an L4 encryption scheme for another flow, or a first encryption algorithm for one flow and a second encryption algorithm for the other flow). )
Abali and Thota are analogous art because they are from the same field of endeavor which is communication security. It would have been obvious to a person of ordinary skill in the art before the 
Claim 13. The combination of Abali and Thota discloses the method of claim 9, wherein the controlling the second plurality of processing elements further includes loading a second instruction set configured to implement a second encryption technique to the second plurality of processing elements. (See Thota, [0246])
Abali and Thota are analogous art because they are from the same field of endeavor which is communication security. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Abali with the teaching of Thota to include encryption of different flow because it would have allowed secure transfer of data.  
 Claim 14. The combination of Abali and Thota discloses the method of claim 9, wherein the controlling the first plurality of processing elements to encrypt the first data stream of the first type includes loading a first instruction set configured to implement a first encryption technique to the first plurality of processing elements, and wherein the controlling the second plurality of processing elements to encrypt the second data stream of the second type includes loading a second instruction set configured to implement a second encryption technique to the second plurality of processing elements. (See Thota,  [0118 ]; an L2 encryption scheme for one flow and an L4 encryption scheme for another flow, or a first encryption algorithm for one flow and a second encryption algorithm for the other flow). )
Abali and Thota are analogous art because they are from the same field of endeavor which is communication security. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Abali with the teaching of Thota to include encryption of different flow because it would have allowed secure transfer of data.  
Claim 15. The combination of Abali and Thota discloses the method of claim 9, further comprising: detecting a processing time for encrypting the first data stream exceeding a threshold time, and allocating  
Allowable Subject Matter
Claims 3 and 4 (combined together) and 7 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. 
                                                               Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  

Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOSNEL JEUDY whose telephone number is (571)270-7476.  The examiner can normally be reached on M-F 10:00-8:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Arani T Taghi can be reached on (571)272-3787.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

Date: 3/17/2021




/JOSNEL JEUDY/Primary Examiner, Art Unit 2438