Notice of Pre-AIA  or AIA  Status
The present application is being examined under the pre-AIA  first to invent provisions. 

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159.  See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed 
Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claim 1-20 of U.S. Patent No. 9,036,591 and claim 1-14 of U.S. Patent No. 8,537,770 and claims 1-44 of U.S. Patent No 8,023,479. Although the claims at issue are not identical, they are not patentably distinct from each other.

Present Application 16/044,307
U.S. Patent No. 9,036,591
Claim 1: identifying, by a first gateway server component, of a gateway server, deployed in a carrier network, an enterprise network based on identified information corresponding to a mobile terminal; 
Claim 6: identifying, by the first gateway server, the enterprise network based on identified information corresponding to the mobile terminal.
Claim 1: forwarding, by the first gateway server component a request to invoke a data session issued by the mobile terminal to a second gateway server component, of a gateway server, deployed in the enterprise network;
Claim 1: forwarding, from a first gateway server in a cellular network to a second gateway server in an enterprise network, a request to invoke a data session by a mobile terminal;

Claim 1: wherein the mobile terminal is subjected to a data policy of the enterprise network irrespective of a location of the mobile terminal.
Claim 1: establishing a tunnel between the first gateway server component and the second gateway server component using  a function split between the first gateway server component and the second gateway server component; 
using selectable security and encryption specific to requirements of the enterprise network;
Claim 1: establishing a secure tunnel between the first gateway server and the second gateway server, wherein the secure tunnel supports selectable security and encryption specific to requirements of an enterprise network;
Claim 1: transmitting, by the first gateway server component via the tunnel, data of the data session to the enterprise network
Claim 1: transmitting data of the data session to the enterprise network
Claim 4: wherein the data session is routed through the enterprise network without an interaction with an originating party
Claim 1: wherein the secure tunnel established between the first gateway server and the second gateway server is established automatically via an internet protocol connection which is deployed in the cellular network in response to receipt of the request by at least one of the first gateway server and the second gateway server.
Claim 4: wherein data of the data session is transmitted through a firewall of the enterprise network to a destination outside the enterprise network
Claim  1: wherein the data of the data session invoked without a virtual private network client operating on the mobile terminal is transmitted through a firewall of the enterprise network to 


Similarly, comparing dependent claims 2, 3 and 5-7 of the pending application with dependent claims 2, 5 and 8-10 of U.S. Patent No. 9,036,591, they recite similar limitations with slight wording variations.  Claims 8-20 or the pending application recite limitations substantially similar to claims 1-7 of the present application.


Present Application 16/044,307
U.S. Patent No. 8,537,770
Claim 1: identifying, by a first gateway server component, of a gateway server,  deployed in a carrier network, an enterprise network based on identified information corresponding to a mobile terminal; 
Claim 1: identifying, by the first gateway server, the enterprise network based on identified information corresponding to the mobile terminal.
Claim 1: forwarding, by the first gateway server component a request to invoke a data session issued by the mobile terminal to a second gateway server component, of a gateway server, deployed in the enterprise network;
Claim 1: responsive to receiving the request, forwarding the request to a second gateway server, via a data network, deployed in an enterprise network;

Claim 6: wherein the mobile terminal is subjected to a data policy of the enterprise network irrespective of a location of the mobile terminal.
Claim 1: establishing a tunnel between the first gateway server component and the second gateway server component using  a function split between the first gateway server component and the second gateway server component;
using selectable security and encryption specific to requirements of the enterprise network;
Claim 1: establishing a secure tunnel between the first gateway server and the second gateway server, wherein the secure tunnel supports selectable security and encryption specific to requirements of the enterprise network;
Claim 1: transmitting, by the first gateway server component via the tunnel, data of the data session to the enterprise network
Claim 1: transmitting data of the data session to the enterprise network
Claim 4: wherein the data session is routed through the enterprise network without an interaction with an originating party
Claim 7: wherein the data session is routed through the enterprise network without an interaction with an originating party.
Claim 4: wherein data of the data session is transmitted through a firewall of the enterprise network to a destination outside the enterprise network
Claim  7: wherein data of the data session is transmitted through a firewall of the enterprise network to a destination outside the enterprise network;


Similarly, comparing dependent claims 2, 3 and 5-7 of the pending application with dependent claims 2, 5 and 8-10 of U.S. Patent No. 8, 537, 770, they recite similar limitations 
Further, Claims 1-20 are also rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-44 of US Patent No. 8, 023, 479. Although the claims at issue are not identical, they are not patentably distinct from each other because they recite same limitation with wording variation having same concept.
Note the issued claims of U.S. Patent No. 8, 537, 770 and US Patent No. 8, 023, 479 respectively are narrower in scope such that the claimed limitations as recited in pending application are encompassed by U.S. Patent No. 8, 537, 770 and US Patent No. 8, 023, 479 respectively.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Process Control Corp. v. HydReclaim Corp., 190 F.3d 1350, 1357, 52 USPQ2d 1029, 1033 (Fed. Cir. 1999). 
Claim 1 recites “a first gateway server component, of a gateway server, deployed in a carrier network,” and “a second gateway server component, of a gateway server, deployed in the enterprise network.”  Applicant argues that these limitations are disclosed in Fig. 20 and paragraph [0078] of Applicant’s Specification, which states that “The GGSN component can be split among two components of the Gateway Server: One component located in the carrier network (within the GS-C), and a second component located in the enterprise (within the GS-E).”  Fig. 20 of Applicant’s Specification illustrates that an Enterprise Network includes a GSE-GGSN gateway and that three cellular networks are distinct from each other and are distinct from the Enterprise Network.  Fig. 20 of Applicant’s Specification further illustrates that each cellular network includes its own distinct GS-C GGSN gateway, that are distinct from each other and are distinct from the Enterprise Network.  Fig. 20 does not illustrate that any of the GS-C GGSN’s are included in the same Gateway server as each other or as the GS-E GGSN.  Rather, each GS-C is separated from the GS-E by the internet. 
Although paragraph [0078] makes the statement that a GS-E in an enterprise network and a GS-C in a cellular network can somehow be part of the same “gateway server,” no explanation is offered about how a GS-E in an enterprise network and a GS-C in a cellular network can be considered to be part of the same gateway server.  A person of ordinary skill in the art, at the time the invention was made, would have understood that a gateway is an ingress or egress node by which a network is communicatively connected to another network; and that two distinct gateways that communicatively connect two distinct networks would not be understood to be part of a same gateway.  The ordinary a single computer that sends information to other networks.  This definition does not comprise Applicant’s configuration of “gateway server” that supposedly includes separate, distinct computers in separate, distinct networks that are separated by the internet.  Therefore, Applicant is attempting to act as an lexicographer in redefining the term “gateway server” to mean that one “gateway server” can include many GGN’s that are connected together by a network such as the internet.  However, this re-definition is not consistent with Fig. 20 and all of Applicant’s other figures and references to the “gateway server” in Applicant’s Specification, and is not consistent with the ordinary meaning of the term.  Applicant’s Specification offers no explanation of how GGSN’s in separate networks that communicate over the internet, can be distinguished from being part of the same “gateway server” or not. 
Accordingly, the term “gateway server” in Applicant’s claims is indefinite because the specification does not clearly redefine the term.
Independent Claims 8 and 14 are rejected for substantially the same reasons as claim 1.
Claims 2-7, 9-13 and 15-20 are rejected because they depends from the rejected independent claims.
For the purposes of Examination, the term “gateway server” will be interpreted in accordance with its ordinary meaning in the art.


Claim Rejections - 35 USC § 103

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under pre-AIA  35 U.S.C. 103(a) are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1-6, 8-16, 18-20 are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over Feather et al. (US 2004/0081173) in view of Amara et al. (US 2004/0083295).

Regarding claim 1, Feather discloses a method, comprising: 

identifying, by a first gateway server component, of a gateway server, deployed in a carrier network (Feather, Fig. 1, Border Gateway 20 in operator network 18; paragraph [0020]), an enterprise network (Feather, Fig. 1, Enterprise Gateway 22 in enterprise network 14; paragraph [0020]) based on identified information corresponding to a mobile terminal (Feather, paragraph [0016], access request uses information from the mobile device 12); 

forwarding, by the first gateway server component a request to invoke a data session issued by the mobile terminal to a second gateway server component, of a gateway server, deployed in the enterprise network (Feather, Fig. 1; paragraphs [0013]-[0015],  Operator network 18 receives the requests via Radio access network 16 generated by mobile nodes 12 where RAN 16 provides service for voice and data access to mobile node 12 communicating with RAN 16 and mobile node 12 support wireless communications to provide voice and/or data service where operator network 18 support GPRS protocol and serving node 26 acts as a serving GPRS support node (SGSN); paragraph [0017] border gateway 20 forwards network access requests to enterprise gateway 22), 

establishing a tunnel between the first gateway server component and the second gateway server component using  a function split between the first gateway server component and the second gateway server component (Feather, paragraph [0023], Upon receiving the network access request, operator network 18 performs initial processing of the request and determines that enterprise gateway 22 is configured to provide access to enterprise network 14. The Operator network 18 transmits the network access request to enterprise gateway 22. In response to the request, enterprise gateway 22 and serving node 26 may form a communication channel or tunnel for transporting packets communicated between mobile node 12 and one or more elements within enterprise network 14 and also see Para 20 enterprise gateway 22 may communicate with border gateway 20 over secure fixed line 30. Determining the address for border gateway 20 may include transmitting a message directly  between the enterprise gateway 22 and border gateway 20 which can be refer to as establishing a secure tunnel between the first gateway and the second gateway server; paragraph [0023], in response to the request, enterprise gateway 22 forms a tunnel with serving node 25); and 

transmitting, by the first gateway server component via the tunnel, data of the data session to the enterprise network (Feather, paragraph [0023], Upon receiving the network access request, operator network 18 performs initial processing of the request and determines that enterprise gateway 22 is configured to provide access to enterprise network 14. The Operator network 18 transmits the network access request to enterprise gateway 22. In response to the request, enterprise gateway 22 and serving node 26 may form a communication channel or tunnel for transporting packets communicated between mobile node 12 and one or more elements within enterprise network 14).  

Feather does not specifically disclose wherein the request is based on a data policy of the mobile terminal, and using selectable security and encryption specific to requirements of the enterprise network.

Amara discloses wherein the request is based on a data policy of the mobile terminal (Paragraph [0064], IPsec policy for creating tunnel between gateways).



It would be obvious for one having ordinary skill in the art at the time the invention was made to modify the method of Feather with the method of Amara.  The motivation would have been to extend the network connectivity of LANs beyond their physical limits while reducing cost and simplifying network topology (See Amara Paragraph [0003]).


Regarding claim 2, Feather in view of Amara discloses the method of claim 1, wherein the first gateway server component and the second gateway server component together comprise one 

Regarding claim 3, Feather in view of Amara discloses the method of claim 1, further comprising: invoking the data session without a virtual private network client operating on the mobile terminal (Feather, Fig. 1; paragraph [0023], in response to the request, enterprise gateway 22 forms a tunnel with serving node 25.  The data sessions of Feather are invoked without a VPN).

Regarding claim 5, Feather in view of Amara discloses the method of claim 1, wherein the establishing the tunnel further comprises: automatically  establishing the tunnel based on receipt of the request by the first gateway server component (Feather, Fig. 1; paragraph [0023], in response to the request, enterprise gateway 22 forms a tunnel with serving node 25).  

Regarding claim 6, Feather in view of Amara discloses the method of claim 1, wherein the function includes one of a Gateway General Packet Radio Service Support Node (GGSN) and a Home Agent (HA) function (Amara, Paragraph [0050], when the terminating security gateway 180 receives a packet from the initiating security gateway 140, it may perform a reverse IPsec procedure on the packet. The reverse IPsec procedure may include terminating the tunnel (e.g., IP-in-IP or IPsec) for the packet, decrypting the encapsulated security payload and checking the authentication header for the integrity of the packet. After the reverse IPsec procedure has been performed, the packet may be forwarded to its final destination depending on its 
It would be obvious for one having ordinary skill in the art at the time the invention was made to modify the method of Feather with the method of Amara.  The motivation would have been to extend the network connectivity of LANs beyond their physical limits while reducing cost and simplifying network topology (See Amara Para 3).

Regarding claim 7, Feather in view of Amara discloses the method of claim 1, further comprising selecting encryption specific to the requirements of the enterprise network as supported by the tunnel established between the enterprise network and the carrier network (Amara, Fig. 1 and Abstract, Paragraphs [0041], [0049]-[0050], initiating security gateway may be in communication with the home agent i.e., refer to as the first gateway in data network, and a terminating security gateway 180 i.e., second gateway which is inside a receiving network 170 which may be a corporate LAN that is accessible from network backbone 120 (Para 48) may be in communication with the initiating security gateway via a tunnel (e.g., Internet Protocol in Internet Protocol (IP-in-IP) or Internet Protocol security (IPsec) tunnel) i.e., establishing a secure tunnel between the first gateway server and the second gateway server. Further, a virtual local area network (VLAN) tag associated with the user session may map to a selector operable in a security policy database. The selector may be used to find a security policy defining an IPsec procedure and the security policy may be applied to the tunnel i.e., the secure 
It would be obvious for one having ordinary skill in the art at the time the invention was made to modify the method of Feather with the method of Amara.  The motivation would have been to extend the network connectivity of LANs beyond their physical limits while reducing cost and simplifying network topology (See Amara Para 3).
Claims 8-10 and 12-13 are rejected under substantially the same rationale as claims 1-3 and 5-6, respectively.
Claims 14-16 and 12-14 are rejected under substantially the same rationale as claims 1-3 and 5-7, respectively.

Claims 4, 11 and 17 are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over Feather in view of Amara, and further in view of Gage et al. (US 2004/0151136).

Regarding claim 4, Feather in view of Amara discloses the method of claim 1.  Amara discloses routing the data session through the enterprise network without an interaction with an originating party (Amara; Fig. 9 and Para 86, the packet may be forwarded to the IPsec module 148, which may initiate IPsec-procedures on the packet. The IPsec module 148 may initiate an IPsec tunnel between the initiating security gateway 140 and the terminating security gateway 180a in order to forward the packet to the network domain 172a.  No interaction with an originating party is required in the method disclosed in Fig. 9).


Feather and Amara do not explicitly disclose wherein data of the data session is transmitted through a firewall of the network to a destination outside the enterprise network.  

Gage discloses wherein the transmitting the data session further comprises:  transmitting the data through a firewall of the network to a destination outside the network (Fig. 3 and Para 28-30) the MCL 320 in the wireless device 302 is configured to select one wireless communication protocol as a "preferred" interface for current communications. The wireless device is within a given geographic region, and the available links comprise more than one protocol, such as an 802.11 link 304A and a CDMA link 304C, then the MCL 320 determines the quality of each link and selects one as the preferred interface or link to the Destination Host 310. The link is selected based on predetermined criteria and can also be read as selectable security. The "preferred" interface, as used herein, does not necessarily indicate the best link or some other measure of link quality on an absolute basis, but rather represents the "selected" available interface in accordance with the aforementioned criteria. The preferred interface can also be selected based on criteria other than the link quality, such as maximum connection speed, cost, or priority of the link as compared with others. Further, transmitting data of the data session from the control center to the destination host via a firewall.

It would have been obvious to one having ordinary skill in the art, at the time the invention was made, for data of the data session in Feather to be transmitted through a firewall of the enterprise network to a destination outside the enterprise network, as in Gage.  The motivation would have been to provide efficient roaming between various communication protocol without repeated terminations and re-establishment of the network connection (See Paragraph 8).
Claims 11 and 17 are rejected under substantially the same rationale as claim 4.

Response to Arguments
Applicant's arguments filed March 23, 2021 have been fully considered but they are not persuasive.
Applicant asserts that the Examiner’s 35 USC § 112 rejections would require that “the claims … merely recite a ‘gateway server’ and then point to the Specification as supplying some special definition.”  However, the Examiner’s 35 USC § 112 rejections do not have that requirement.
Applicant asserts that the claimed gateway server does not contradict the ordinary meaning of the term “gateway server.”  This is incorrect.  A person of ordinary skill in the art, at the time the invention was made, would have understood that a gateway is an ingress or egress node by which a network is communicatively connected to another network; and that two distinct gateways that communicatively connect two distinct networks would not be understood to be part of a same gateway.  The ordinary meaning of the term “gateway server,” for example as defined by a single computer that sends information to other networks.  This definition does not comprise Applicant’s configuration of “gateway server” that supposedly includes separate, distinct computers in separate, distinct networks that are separated by the internet.
Applicant asserts that the claims are patentable because border gateway 20 and the enterprise gateway 22 of Feather are not components of the same gateway, while the claimed “first gateway server component” and the claimed “second gateway server component” are both part of the same gateway server.  However, as discussed in the 35 USC § 112 rejections above, the “first gateway server component” that is part of a gateway server in a carrier network and the “second gateway server component” that is part of a gateway server in the enterprise network interpreted as being separate gateway servers for the purposes of Examination.  Alternatively, if Applicant’s definition of a gateway server were to be adopted, then the border gateway 20 and the enterprise gateway 22 of FEATHER would be interpreted to be components of the same gateway server.
Applicant further asserts that Feather does not disclose establishing the tunnel using a function split between the border gateway 20 and the enterprise gateway 22.  However, Feather discloses establishing a tunnel between the first gateway server component and the second gateway server component using  a function split between the first gateway server component and the second gateway server component (Feather, paragraph [0023], Upon receiving the network access request, operator network 18 performs initial processing of the 
Applicant’s have, additionally, reproduced their arguments previously presented in responses filed following the final office action dates August 4, 2020 and the Advisory action dated October 20, 2020.  The Examiner has previously responded to these arguments in the non-final rejection dated December 23, 2020.

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ALAN LOUIS LINDENBAUM whose telephone number is (571)270-3858.  The examiner can normally be reached on Monday through Friday 9:00 AM to 5:00 PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Faruk Hamza can be reached on (571) 272-7969.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/ALAN L LINDENBAUM/Examiner, Art Unit 2466