DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .


The following is a final office action in response to communications received 02/08/2021. Claims 21, 22, 28, 29, 35, 36 have been amended. Therefore, claims 21-40 are pending and addressed below.

Response to Amendment
Applicant’s response and amendments are sufficient to overcome the 35 USC 112, second paragraph, set forth in the previous office action. Applicant’s amendments and response to the claims are NOT sufficient to overcome the Double Patenting rejections set forth in the previous office action. The double patenting rejection is maintained.

Response to Arguments
Applicant’s arguments filed 02/08/2021 have been fully considered but they are not persuasive. Applicant argues that (1) the combination of Foxhoven and Burch does not disclose obtain, from a public cloud server over an existing secure socket layer (SSL) connection….

In response to argument (1), Examiner respectfully disagrees. Foxhoven discloses requests from the client at a virtual private network (VPN) in a cloud system for public clouds…see par. 9. Burch discloses initiating an instance of a VM, whereas the SSL VPN service represents .


Double Patenting

The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees.   A nonstatutory obviousness-type double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the conflicting application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. 
Effective January 1, 1994, a registered attorney or agent of record may sign a terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 37 CFR 3.73(b).
Claims 21-40 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-18 of U.S. Patent No. 10505903. Although the claims at issue are Claims of patent application contain every element of claims above instant application or vice versa, and as such they anticipate or anticipated by Instant Application.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 21-40 are rejected under 35 U.S.C. 103 as being unpatentable over Foxhoven et al (Pun. No. US 2016/0261564 in view of Burch et al (Pub. No. US 2011/0214176).

As per claims 21, 28, 35, Foxhoven discloses a private cloud server in a private cloud, comprising: a processor programmed to: obtain, from a public cloud server, a virtual private network (VPN) request to establish a VPN with a client, wherein the client is connected to the public cloud server (…requests from the client at a virtual private network (VPN) in a cloud system for public clouds…see par. 9); authenticate the VPN request (authenticating via an authentication server…see par. 9); and in response to authenticating the VPN request: obtain a VPN interface table, wherein the VPN interface table specifies logical network connections between the client, the public cloud server, and the private cloud (…the VPN architecture dynamically routes traffic between the client, public cloud system and the enterprise (inside the private cloud)…see par. 42-45, 49). Foxhoven does not explicitly disclose obtain…over an existing secure sockets layer (SSL) connection, obtain, from the client via the VPN, a data access request for secure data stored in the private cloud, wherein the data access request was pre-authenticated using credential data stored in the public cloud server; send, to the client via the VPN, the secure data. However Burch discloses obtain…over an existing secure sockets layer (SSL) connection (…initiating an instance of a VM, whereas the SSL VPN service represents processing a SSL VPN server that interacts with the cloud server…see par. 35), obtain, from the client via the VPN, a data access request for secure data stored in the private cloud, wherein the data access request was pre-authenticated using credential data stored in the public cloud server (…the SSL VPN service receives a request for a SSL VPN connection to a VM…the request is received from a principal via a client device of the principal and the request is sent to establish a SSL VPN communication session between the principal and the VM…the SSL VPN service requests an identify service to authenticate the request on behalf of the principal by using secure token…see par. 37-40); and send, to the client via the VPN, the secure data (…the SSL VPN service connects the principal and the VM via the SSL VPN communication session when the principal is 


As per claims 22, 29, 36, the combination of Foxhoven and Burch discloses wherein prior to obtaining the VPN request, the processor is further programmed to: obtain, from the public cloud server, a secure sockets layer (SSL) request to establish a SSL connection with the public cloud server; authenticate the SSL request; and establish, after authenticating the SSL request, the SSL connection with the public cloud server (…the SSL VPN server is configured to interact with the identity server, the principle, and the cloud server for purposes of authenticating the principal and to establish the SSL VPN session…see par. 60). The motivation for claims 22, 29, 36 is the same motivation as in claims 21, 28, 35 above. 


As per claims 23, 30, 37, the combination of Foxhoven and Burch discloses wherein the SSL request comprises a SSL private cloud access credential associated with the public cloud server (Burch: see par. 66). The motivation for claims 23, 30, 37 is the same motivation as in claims 21, 28, 35 above. 


As per claims 24, 31, 38, the combination of Foxhoven and Burch discloses wherein authenticating the SSL request comprises: making a comparison between the SSL private cloud access credential and a public cloud server authentication credential; and making a determination, based on the comparison, that the SSL private cloud access credential is valid (Burch: see par. 95-98). The motivation for claims 24, 31, 38 is the same motivation as in claims 21, 28, 35 above. 


As per claims 25, 32, the combination of Foxhoven and Burch discloses wherein the SSL connection is established through a firewall (Foxhoven: see par. 3-4).


As per claims 26, 33, 39, the combination of Foxhoven and Burch discloses wherein the VPN request comprises a VPN private cloud access credential associated with the client (Burch: see par. 74-75). The motivation for claims 26, 33, 39 is the same motivation as in claims 21, 28, 35 above. 


As per claims 27, 34, 40, the combination of Foxhoven and Burch discloses wherein authenticating the VPN request comprises: making a comparison between the VPN private cloud access credential and a client authentication credential; and making a determination, based on the comparison, that the VPN private cloud access credential is valid (Burch: see par. 66-68, 89). The motivation for claims 27, 34, 40 is the same motivation as in claims 21, 28, 35 above. 




Conclusion

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure (see PTO-form 892).
The following Patents and Papers are cited to further show the state of the art at the time of Applicant’s invention with respect to facilitating access to the private cloud behind the firewall by a client.

Wood et al (Pat. No. US 8635671); “Systems and Methods for a Security Delegate Module to Select Appropriate Security Services for Web Applications”;
-Teaches the security delegate module that can configured to authenticate, authorize, the user…see col.3 lines 8-23.


Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 


Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on 5712724219.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/GHAZAL B SHEHNI/Primary Examiner, Art Unit 2436