DETAILED ACTION
Claims 12-25 are presented on 01/10/2019 for examination on merits.  Claims 12 and 25 are independent base claims.  Claims 1-11 are cancelled by preliminary amendment.

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Examiner's Instructions for filing Response to this Office Action
When the Applicant submits amendments to the claims in response to the Office Action, the Examiner would prefer that Applicant submit two sets of claims: 
Set #1 that includes indicators for the status of claim and all marked amendments to the claims; and 
Set #2 comprising a clean version of the claims with all the markups removed for entry, as an appendix to the Set #1.

Information Disclosure Statement
The information disclosure statement(s) (IDS) submitted for examination on merits are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement(s) is/are being considered by the examiner. See the annotated 1449 documents.

Claim Objections
Claims 15 and 18 are objected to for the following reasons:
Claim 15 is objected to because it is a substantial duplicate of claim 14.  
Applicant is advised that should claim 14 be found allowable, claim 15, which is the same as claim 14, will be objected to under 37 CFR 1.75 as being a substantial duplicate thereof.
Similarly to claim 15, claim 18 is objected to because it is a substantial duplicate of claim 17.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):

(B)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. 

Claims 12-25 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA the applicant, regards as the invention.

The rejection(s) under 35 U.S.C. 112(b) is/are based on the following reasons:
Claim 12 recites the limitation "the requesting user" in the preamble of the claim.  There is insufficient antecedent basis for this limitation in the claim.  Consequently, the recitation of “the first communication device of the requesting user” therein also lacks sufficient antecedent basis. 
Claim 12 recites the limitation "the selected second communication device" in the preamble of the claim.  There is insufficient antecedent basis for this limitation in the claim.
Claim 12 recites a limitation “for these communication devices” unclearly and without sufficient antecedent basis for this limitation in the claim.
Claim 25 recites a limitation “for these communication devices” unclearly in the clause “wherein the connection management device is additionally configured.”  There is insufficient antecedent basis for this limitation in the claim.
Claim 25 recites a limitation “in the event of a positive authorization verification outcome” in the third wherein clause without sufficient antecedent basis for “the event” in the claim.  
Claims 13-24 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, because they depend from the rejected base claim 12.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(d):
(d) REFERENCE IN DEPENDENT FORMS.—Subject to subsection (e), a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers.

The following is a quotation of 35 U.S.C. 112 (pre-AIA), fourth paragraph:
Subject to the [fifth paragraph of 35 U.S.C. 112 (pre-AIA)], a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers.

Claim 15 is rejected under 35 U.S.C. 112(d) or pre-AIA 35 U.S.C. 112, 4th paragraph, as being of improper dependent form for failing to further limit the subject matter of the claim upon which it depends (i.e., claim 14), or for failing to include all the limitations of the claim upon which it depends, or for failing the infringement test of MPEP 608.01(n) (II).  

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Claims 12-22 and 24-25 are rejected under 35 U.S.C. 103 as being unpatentable over Luo (US 20160085972 A1) in view of Randle (US 20060053290 A1).

As per claim 12, Luo teaches a method for establishing secured communications connections to an industrial automation system in which communications connections are set up from first communications devices outside of the industrial automation system to second communications devices assigned to the industrial automation system via a connection management device (Luo, par. 0018-0019 and 0020-0024: site security servers (such as 124a, 124b, and 124n) can include software tools to orchestrate its security controls with security controls provided by other devices, e.g., firewalls), the method comprising:
performing, by the connection management device, an authorization verification for a requesting user based on an access control list in an event of a request to set up a connection to a selected second communication device by a requesting user of a first communication device, the authorization verification comprising an authentication of the requesting user against the connection management device (Luo, par. 0035 and 0041-0042: authentication, e.g., validating passwords from authorized users); 
providing, by the connection management device, access control information for establishing an encrypted communications connection between the first communication device of the requesting user and the selected second communication device for these communication devices in an event of a positive authorization verification outcome, and the access control information items comprising passwords for sessions or temporarily valid passwords (Luo, par. 0035 and 0041-0042: authentication, e.g., validating passwords from authorized users); 
forwarding, by the firewall system, data packets successfully verified based on defined security rules in encrypted form to at least one of (i) the first communication device of the requesting user and (ii) the selected second communication device, the verification by the firewall system based on the defined security rules comprising a verification of a correctness of passwords for sessions or temporarily valid passwords (Luo, the Abstract and par. 0029: a system includes a relay processor… performing security services (encrypting/decrypting messages); and 
Luo, par. 0035, 0037 and 0040: validating passwords from authorized users … i.e., for message relaying or forwarding).
However, Luo does not explicitly disclose using a VPN connection for the requesting user only after an authentication of the requesting user.  This aspect of the claim is identified as a difference.
In a related art, Randle teaches,
the communications connections established via the connection management device between first communications devices and second communications devices being Virtual Private Network (VPN) connections (Randle, par. 0010-0011: allow VPN traffic to pass back and forth); 
the connection management device providing access control information to the requesting user regarding a use of a VPN connection between the first communication device of the requesting user and the selected second communication device only after an authentication of the requesting user (Randle, par. 0010-0011: typically require authentication; par. 0012: a user needs a user ID and password to be authenticated before access by VPN; par. 0044: If verification succeeds, then the request processor locates a service associated with the specified URL, and allows the participant access to that service).
Luo and Randle are analogous art, because they are in a similar field of endeavor in improving access control between users and enterprise network nodes.  Thus, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to combine them and to use Randle to modify Luo to include VPN for secure connections.  For this combination, the motivation would have been to improve the level of security with added security from VPN.

As per claim 13, the references as combined above teach the method as claimed in claim 12, wherein the access control list comprises user-specific information about each permissible communication connection between at least one first communication device and at least one second communication device (Luo, par. 0042-0044: specific user information includes: the parsed request (e.g., to prevent restricted actions), and can translate the request into a query format that is recognizable by its intended recipient, a valid format, and/or parameters and payloads).

As per claim 14, the references as combined above teach the method as claimed in claim 12, wherein in cases of a positive authorization verification outcome, the connection management device provides an encrypted communications connection to the first communication device of the requesting user and to the selected second communication device and links these communications connections to each other (Luo, par. 0045: The query can be encrypted; par. 0040: the message …encrypted… with the shared key; send the encrypted message to the site security server 524; par. 0041-0042: present the user with information related to assets after [successful] authentication).

As per claim 15, the references as combined above teach the method as claimed in claim 14, wherein in cases of a positive authorization verification outcome, the connection management device provides an encrypted communications connection to the first communication device of the requesting user and to the selected second communication device and links these communications connections to each other (Luo, par. 0045: The query can be encrypted; par. 0040: the message …encrypted… with the shared key; send the encrypted message to the site security server 524; par. 0041-0042: present the user with information related to assets after [successful] authentication).

As per claim 16, the references as combined above teach the method as claimed in claim 12, wherein the data packets transmitted via the encrypted communications connection between the first communication device of the requesting user and the selected second communication device are decrypted by the firewall system and are verified based on the defined security rules (Luo, par. 0009 and 0025-0026: authorized employees have access; par. 0039 and 0040: for example, the security relay 528 can decrypt the message and send the clear text); and 
wherein data packets to be forwarded that are successfully verified based on the defined security rules are encrypted by the firewall system (Luo, par. 0024: using firewall rules specifying that communications may occur through dedicated ports and addresses).

As per claim 17, the references as combined above teach the method as claimed in claim 13, wherein the data packets transmitted via the encrypted communications connection between the first communication device of the requesting user and the selected second communication device are decrypted by the firewall system and are verified based on the defined security rules (Luo, par. 0024: The management server 214, for example, can perform functions… including using firewall rules specifying that communications may occur through dedicated ports and addresses); and wherein data packets to be forwarded that are successfully verified based on the defined security rules are encrypted by the firewall system (Luo, par. 0035, 0037 and 0040: validating passwords from authorized users … i.e., for message relaying or forwarding).

As per claim 18, the references as combined above teach the method as claimed in claim 14, wherein the data packets transmitted via the encrypted communications connection between the first communication device of the requesting user and the selected second communication device are decrypted by the firewall system and are verified based on the defined security rules (Luo, par. 0024: The management server 214, for example, can perform functions… including using firewall rules specifying that communications may occur through dedicated ports and addresses); and wherein data packets to be forwarded that are successfully verified based on the defined security rules are encrypted by the firewall system (Luo, par. 0035, 0037 and 0040: validating passwords from authorized users … i.e., for message relaying or forwarding).

As per claim 19, the references as combined above teach the method as claimed in claim 16, wherein at least one of (i) a decryption of data packets and (ii) an encryption of data packets is performed by the firewall system in hardware (Note: an optional limitation is recited herein) (Luo, par. 0005: A firewall can be included between the one or more emulators and the encryption relay processor; see also par. 0007 and 0048: encrypted response through the firewall).

As per claim 20, the references as combined above teach the method as claimed in claim 12, wherein the defined security rules comprise at least one of (i) firewall rules and (ii) rules relating to an admissibility of at least one of control commands and control parameters for automation devices specified in data packets (Note: an optional limitation is recited herein) (Luo, par. 0024: using firewall rules specifying that communications may occur through dedicated ports and addresses).

As per claim 21, the references as combined above teach the method as claimed in claim 12, wherein the firewall system rejects data packets that do not comply with the defined security rules (Randle, par. 0044: If verification succeeds, then the request processor locates a service associated with the specified URL, and allows the participant access to that service. Inherently, the failed authentication will result in rejection of data packets going through the 

As per claim 22, the references as combined above teach the method as claimed in claim 12, wherein the firewall system is arranged in a secured communication network of the industrial automation system (Luo, par. 0009 and 0015-0016: an industrial control system).

As per claim 24, the references as combined above teach the method as claimed in claim 12, wherein the second communication devices are integrated into automation devices or assigned to said automation devices (Luo, par. 0065: the described program components and systems can generally be integrated together in a single software product or packaged into multiple software products).

As per claim 25, Luo teaches a firewall system (Luo, par. 0020 and 0024: site security servers (such as 124a, 124b, and 124n) can include software tools to orchestrate its security controls with security controls provided by other devices, e.g., firewalls) comprising: 
a processor (Luo, par. 0018-0019); 
memory operatively coupled to said processor (Luo, par. 0055-0056); 
wherein the firewall system is configured to: 
verify data packets based on specified security rules (Luo, par. 0024: The management server 214, for example, can perform functions… including using firewall rules specifying that communications may occur through dedicated ports and addresses); 
process at least one server instance forming a connection management device which is configured to establish a communications connection from first communication devices outside of an industrial automation system to second communication devices assigned to the industrial automation system (Luo, par. 0017 and 0022: The enterprise network 102, for example, can connect various computers and related devices, as shown in FIG. 1: the communications between the networks 104a and server node 114); 
wherein the connection management device is further configured, in an event of a request, to set up a connection to a selected second communication device by a requesting user of a first communication device, and is further configured to perform an authorization verification for the requesting user based on an access control list, the authorization verification comprising an authentication of the requesting user against the connection management device (Luo, par. 0018 and 0026: To interact with the management server 114, for example, a user can employ the interface device 112); 
wherein the connection management device is additionally configured, in the event of a positive authorization verification outcome, to provide access control information for establishing an encrypted communications connection between the first communication device of the requesting user and the selected second communication device for these communication devices (Luo, par. 0035 and 0041-0042: authentication, e.g., validating passwords from authorized users); 
wherein the firewall system is further configured to: 
decrypt data packets transmitted via an encrypted communications connection between the first communication device of the requesting user and the selected second communication device for the verification based on defined security rules (Luo, par. 0039 and 0040: for example, the security relay 528 can decrypt the message and send the clear text); and 
forward data packets successfully verified based on the defined security rules in encrypted form to the first communication device of the requesting user or to the selected second communication device, the verification by the firewall system (Luo, the Abstract and par. 0029: a system includes a relay processor… performing security services (encrypting/decrypting messages)); and 
reject data packets, for the transmission of which incorrect passwords have been specified (Luo, par. 0035, 0037 and 0040: validating passwords from authorized users … i.e., for message relaying or forwarding).

However, Luo does not explicitly disclose using a VPN connection for the requesting user only after an authentication of the requesting user.  This aspect of the claim is identified as a difference.
In a related art, Randle teaches,
wherein the communications connections established via the connection management device between first communications devices and second communications devices are Virtual Private Network (VPN) connections (Randle, par. 0010-0011: allow VPN traffic to pass back and forth); 
wherein the connection management device is additionally configured to provide access control information to the requesting user regarding use of a VPN connection between the first communication device of the requesting user and the selected second communication device only after an authentication of the requesting user, the access control information items comprising passwords for VPN sessions or temporarily valid passwords (Randle, par. 0010-0011: typically require authentication; par. 0012: a user needs a user ID and password to be authenticated before access by VPN; par. 0044: If verification succeeds, then the request processor locates a service associated with the specified URL, and allows the participant access to that service).
Luo and Randle are analogous art, because they are in a similar field of endeavor in improving access control between users and enterprise network nodes.  Thus, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to combine them and to use Randle to modify Luo to include VPN for secure connections.  For this combination, the motivation would have been to improve the level of security with added security from VPN.

Claim 23 is rejected under 35 U.S.C. 103 as being unpatentable over Luo in view of Randle, and further in view of Smith (US 20170364908 A1).

As per claim 23, the references as combined above teach the method as claimed in claim 12, but do not explicitly disclose using a rendezvous server for the connection management device.  This aspect of the claim is identified as a further difference.
In a related art, Smith teaches:
wherein the connection management device is a rendezvous server (Smith, par. 0017-0019: the rendezvous server 114 may operate as a cloud service that is trusted by the uncommissioned devices to perform a rendezvous service).
Smith is analogous art to the claimed invention in a similar field of endeavor in improving network communication.  Thus, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to combine them and to use Smith to determine a use of a rendezvous server for the connection management device. For this combination, the motivation would have been to improve the level of security with the use of point-to-point communication of a rendezvous server.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure as the prior art additionally discloses certain parts of the claim features (See “PTO-892 Notice of Reference Cited”).
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DON ZHAO whose telephone number is (571)272.9953.  The examiner can normally be reached on Monday to Friday, 7:30 A.M. to 5:00 P.M. EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl G Colin can be reached on 571.272.3862.  The fax phone number for the organization where this application or proceeding is assigned is 571.273.8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866.217.9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800.786.9199 (IN USA OR CANADA) or 571.272.1000.

/Don G Zhao/ Primary Examiner, Art Unit 2493    04/14/2021