DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

This office action is in response to a Pre-Brief appeal conference decision filed on 11/20/2020. Claims 1, 3-12 have been examined.  Claims 2, 13-18 are cancelled. 

Response to Arguments
Applicant’s arguments with respect to claim 1 has been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.


Examiner note:
For claim 1, the examiner recommends writing the limitations of claim 1 as a positively recited limitations. 
A process claim defines "actions", i.e., an invention that is claimed as an act or step, or a series of acts or steps – See MPEP 2106.03
The process claim in an application or patent has three (3) part: 
Preamble which provide context for the claim invention
Transitional Phrase which establishes whether the claim is “open”, “closed” or “partially open” 
Claim body which recites the limitation (active acts/steps in clear , full concise terms) 

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):

(b)  CONCLUSION.—the specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1,3-12 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.


Claim 1 recites “where a set of policies is validated separately for each network element….. the validation is done based on a policy base comprising a number of policies… and the validation is performed ….” It is unclear if these limitations are done within the method claim. The limitations “validated”, “done” or “performed” could be completed outside of the method claim. Therefore, the examiner is unable to determine the metes and bounds of the claim language. The examiner suggests amending the claim to make the limitation to be positively recited such as “validating based…” and “performing validation ….”

the policy set” There is insufficient antecedent basis for this limitation in the claim. It is unclear if the policy set refers to a set of policies. Therefore, the examiner is unable to define the metes and bounds of the claim language. The examiner suggest amending the claim to recite “the set is relevant”.

Claim 3 recites the limitation "the consistency of the policies” There is insufficient antecedent basis for this limitation in the claim.

Claim 3 recites the limitation “consistency of the policies” It is unclear what “the policies is referring to because claim 1 recites “implementing policies” and “set of policies” .Therefore, the examiner is unable to determine the metes and bounds of the claim language. 

Claim 4 recites the limitation "the consistency of the policies” There is insufficient antecedent basis for this limitation in the claim.

Claim 4 recites the limitation “consistency of the policies” It is unclear what “the policies is referring to because claim 1 recites “implementing policies” and “set of policies” .Therefore, the examiner is unable to determine the metes and bounds of the claim language. 

Claim 12 recites the limitation "the last addition …” There is insufficient antecedent basis for this limitation in the claim.



Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1, 3, 4 are rejected under 35 U.S.C. 103 as being unpatentable over Paliwal et al. Publication No. US 2006/0253402 A1 (Paliwal hereinafter) in view of Chandramohan et al. Patent No. US 8,996,917 B1 (Chandramohan hereinafter) 

Regarding claim 1,

Paliwal teaches a method for implementing policies in a mobile network with at least one operations and support system and a number of network elements connected thereto (¶0060, ¶0035, ¶0049; ¶0051 – Shows implement different type of rules within a rule set in a mobile network using wireless link with at least one operations and support system and number of applications such as application server and database server). 
wherein a set of policies is validated separately for each network element for which the policy set is relevant (Fig.1, ¶ 0035, The first data identifies first 
the validation is done based on a policy base comprising a number of policies of the network element [...] (¶ 0053 - At block 308, at least one of the validation checks in the particular subset of validation checks is performed to validate that the applications' requirements are met by the system. For example, validation engine 110 executes appropriate validation check code 108FIG. 1), in conjunction with input from application requirements 112 (FIG. 1) and system properties 114 – ¶ 0016 -a validation check system is described in which a validation engine takes several inputs that "drive" the validation checking that is performed in conjunction with an operation associated with an application. These inputs include validation check identifiers that identify checks of the system that need to be performed, associated code that embodies the validation checks, and "knowledge sources" from which the validation engine obtains the application requirements and the system properties that need to be compared in order to validate that the system properties meet the application's requirements – Fig.1 – ¶ 0019 – validation check identifiers include rule set include number of rules  of a given  application )
and the validation is performed using a validation code from the operations and support system, the validation code comprising an executable program to perform validation (¶ 0038 - validation engine 110 reads the validation check identifiers 104 for each of the application server and database server, identifies validation checks for each server, and uses the corresponding mappings 106 (FIG. 1) to identify corresponding validation check code 108 (FIG. 1) – ¶ 0039 - . at least one of the validation checks, from the first and second validation checks, is performed to validate that the applications' requirements are met by the system. For example, validation engine 110 executes appropriate validation check code 108, in conjunction with input from application requirements 112 (FIG. 1) and system properties 114 (i.e., relevant knowledge sources) - See ¶ 0024 -Validation check code 108 is the executable code which, when executed by one or more processors, performs the validation checks that check whether or not the system environment properties meet the application's system requirements. Each validation check code 108 may, in implementations, contain respective programming code (i.e., one or more sequences of instructions) for each 
However, Paliwal does not explicitly teach 
validation is done based on a system state of the network element.

Chandramohan teaches 
 
validation is done based on a system state of the network element (Col 25, lines 1-10 - determining a state value for one or more network nodes (step 1104), and receiving routing policies including data forwarding rules for the nodes (step 1106). Process 1100 further includes determining whether the routing policies are consistent with one another (step 1108) and determining whether the routing policies are consistent with a state value for a node (step 1110)).

It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Paliwal to include the teachings of Chandramohan.  The motivation for doing so is to allow system to validate/invalidate policies based on state of the node by checking problems such as inconsistency, inefficiencies or any other undesired quality associated with the network (Chandramohan - Col.14, lines 1-5). 
Regarding claim 3,
Paliwal does not explicitly teach 

wherein in a first step, the consistency of the policies of the policy base is checked without system variables, and in a second step, the consistency of the policies is checked with respect to a current system state.  

However, Chandramohan teaches 

 in a first step, the consistency of the policies of the policy base is checked without system variables, and in a second step, the consistency of the policies is checked with respect to a current system state (Col 25, lines 1-10 - determining a state value for one or more network nodes (step 1104), and receiving routing policies including data forwarding rules for the nodes (step 1106). Process 1100 further includes determining whether the routing policies are consistent with one another (step 1108) and determining whether the routing policies are consistent with a state value for a node (step 1110)).

It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Paliwal to include the teachings of Chandramohan.  The motivation for doing so is to allow system to validate/invalidate policies based on state of the node by checking problems such as inconsistency, inefficiencies or any other undesired quality associated with the network (Chandramohan - Col.14, lines 1-5). 

Regarding claim 4,
Paliwal does not explicitly teach

wherein in a third step, the consistency of the policies is checked with respect to potential system states.

However, Chandramohan teaches 

in a third step, the consistency of the policies is checked with respect to potential system states (Col.25, lines 15-50 -. emulator 102 determines state values for one or more nodes in the network. One set of node states 106 corresponds to an error scenario, for which validation testing is desirable. At step 1106, emulator 102 receives routing policies 108. Routing policies 108 include a set of data forwarding rules for nodes 111 to forward data packets. In particular, routing 30 policies 108 may be received from central controller 104, which configures the routing policies 108 based on the set of determined node state values at step 1104 - emulator 102 determines whether the routing policies are  At steps 1108 and/or 1110, emulator 102 may perform any combination of local and global protocol validation tests to verify that the functionality of network 110 is operational for a set of routing policies 108).
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Paliwal to include the teachings of Chandramohan.  The motivation for doing so is to allow system to validate/invalidate policies based on state of the node by checking problems such as inconsistency, inefficiencies or any other undesired quality associated with the network (Chandramohan - Col.14, lines 1-5). 

Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over Paliwal in view of Chandramohan further in view of Attfield et al.  Patent No. US 10,169,571 B1 (Attfield hereinafter) 

Regarding claim 5,
Paliwal does not explicitly teach wherein the policies are interpreted as Horn clauses. However, Attfield teaches 
policies are interpreted as Horn clauses (Col.5, lines 60-65 - the POL compiler issues a description of all entities in a policy set as a logic program (e.g., Horn clauses), for which a set of predicates ( e.g., written in Pro log) can be used to check that 65 desirable properties are maintained for all policies within the PDP).   
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Paliwal to include the teachings of Attfield.  The motivation for doing so is to allow system to utilize Horn . 
Claim 6 is rejected under 35 U.S.C. 103 as being unpatentable over Paliwal in view of Chandramohan further in view of Lumpp et al.  Publication No. US 2004/0039718 A1 (Lumpp hereinafter). 
Regarding claim 6,
Paliwal does not explicitly teach

wherein the network element validates the policy set without data exchange with the operations and support system.

Lumpp teaches 

network element validates the policy set without data exchange with the operations and support system (¶ 0067 - shows that device 100 validate the set of rules without data exchange with the expert system).

It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Paliwal to include the teachings of Lumpp.  The motivation for doing so is to allow system to perform the validation locally in order to save bandwidth.

Claims 7, 8 are rejected under 35 U.S.C. 103 as being unpatentable over Paliwal in view of Chandramohan further in view of Duri et al. Publication No. US 2004/0054919 A1 (Duri hereinafter) 

Regarding claim 7,
Paliwal does not explicitly teach 

wherein the operations and support system sends the validation code to the network element, and the network element validates the policy set by means of the received validation code on request of the operations and support system.  

Duri teaches 
operations and support system sends the validation code to the network element, and the network element validates the policy set by means of the received validation code on request of the operations and support system (¶ 009, ¶ 0011 -means for providing the user with a privacy policy of the data repository, and for providing a mechanism for validating the privacy policy of the data repository, and means for collecting user data from the user, wherein the user data comprises a description of validity tokens authorizing a third party access to a subset of the user data from the data repository; means for checking that a privacy policy of the third party is compatible with the privacy policy of the user; and means for digitally encoding the subset of data to be transmitted to the third party – See ¶ 0050).  

It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Paliwal to include the teachings of Duri.  The motivation for doing so is to allow system to enforce policy in a secure environment with no possible violation (Duri – ¶ 0008). 

Regarding claim 8,
Paliwal does not explicitly teach
wherein the network element requests the validation code from the operations and support system, and validates the policy set by means of the received validation code 

Duri teaches 
wherein the network element requests the validation code from the operations and support system, and validates the policy set by means of the received validation code (Abstract - A method is include for securely guaranteeing a privacy policy between two enterprises, comprising: creating a message at a first enterprise, wherein the message includes a request for data concerning a third party and a privacy policy of the first enterprise; signing and certifying the message that the first enterprise has a tamper-proof system with a privacy rules engine and that the privacy policy of the first entity will be enforced by the privacy rules engine of the first enterprise; sending the message to a second enterprise; and running a privacy rules engine at the second enterprise to compare the privacy policy of the first enterprise with a set of privacy rules for the third party).

It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Paliwal to include the teachings of Duri.  The motivation for doing so is to allow system to enforce policy in a secure environment with no possible violation (Duri – ¶ 0008). 

Claims 9, 10 are rejected under 35 U.S.C. 103 as being unpatentable over Paliwal in view of Chandramohan further in view of Oberheide et al. Publication No. US 2013/0091544 A1 (Oberheide hereinafter) 

Regarding claim 9,
Paliwal in view of Chandramohan does not explicitly teach
wherein the operations and support system requests the policy base and the system state from the network element, and validates the policy set by means of the received policy base and the received system state
Oberheide teaches 

operations and support system requests the policy base and the system state from the network element, and validates the policy set by means of the received policy base and the received system state (¶ 0010 - A policy engine 110 of a preferred embodiment functions to regulate authentication attempts 
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Paliwal in view of Chandramohan to include the teachings of Oberheide.  The motivation for doing so is to allow administrator to define and enforce policies by collecting and evaluating information about the state and any perceived weaknesses or other attributes that may have impact on the security of the device or its authentication functionality (¶ 0008 – Oberheide).

Regarding claim 10,
Paliwal in view of Chandramohan does not explicitly teach
wherein the network element uploads its policy base and system state to the operations and support system, and wherein the operations and support system validates the policy set on request of the network element.

Oberheide teaches 

wherein the network element uploads its policy base and system state to the operations and support system, and wherein the operations and support system validates the policy set on request of the network element (¶ 0010 - A policy engine 110 of a preferred embodiment functions to regulate authentication attempts according to relevant policies. The policy engine 110 is tasked with evaluating an authentication request in the context of a defined policy and determining whether or not the computing device is suitable for use as an authenticator based on the result of that evaluation – ¶ 008 - system and method preferably allow an administrator to define and enforce policies to determine when a user is permitted or  denied use of their mobile device as an authenticator by collecting and evaluating information about the software state of the mobile device and any perceived weaknesses or other attributes of the device, platform, or applications that may have a relevant impact on the security of the device or its authentication functionality. Such policies may be based on the software state of the mobile device and any perceived weaknesses or other information and attributes of the device, platform, or applications that may compromise its integrity as a strong authentication mechanism – Fig.2 ;¶113 - defining at least one device authentication policy at a policy engine Sll0, at a policy engine initializing authentication policy processing for an authenticator device S120, collecting a device status assessment S130, evaluating policy compliance of the device status assessment to an associated device authentication policy S140, and enforcing use of the authenticator device according to the policy compliance S150). 

It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Paliwal in view of Chandramohan to include the teachings of Oberheide.  The motivation for doing so is to allow administrator to define and enforce policies by collecting and evaluating information about the state and any perceived weaknesses or other attributes that may have impact on the security of the device or its authentication functionality (¶ 0008 – Oberheide).

Claim 11 is rejected under 35 U.S.C. 103 as being unpatentable over Paliwal in view of Chandramohan further in view of Liu et al. Publication No. US 2009/0327172 (Liu hereinafter) 

Regarding claim 11,
 wherein a policy set is automatically augmented by means of machine learning. 
However, Liu teaches
a policy set is automatically augmented by means of machine learning (¶ 0052 - the machine learning selector 114, at step 408, queries an existing policy base to determine if there is a match between the ( context 234, problem 230) pair and one or more policies). 
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Paliwal to include the teachings of Liu.  The motivation for doing so is to allow the system to enable a policy directed learning strategy selection and supports policy derivation for dynamic learning control, adding further precision to the manifested policy governed control mechanism (¶ 0009 – Liu).
Claim 12 is rejected under 35 U.S.C. 103 as being unpatentable over Paliwal in view of Chandramohan further in view of Ahlstrom et al. Patent No. US 6,327,618 B1 (Ahlstrom hereinafter) 

Regarding claim 12,
Paliwal in view of Chandramohan teaches wherein on identifying an inconsistent policy set (Chandramohan - Col.2, lines 10-20, Col.3, lines 8-15).
However, Paliwal in view of Chandramohan does not explicitly teach 
the last addition to the policy base is removed, and in a further step, the policy base is revalidated.


last addition to the policy base is removed, and in a further step, the policy base is revalidated (Col.10, lines 10-40 - If a policy conflict is found, then as shown by block 208, the policy verifier carries out resolution of the policy conflict. Block 208 may be executed iteratively for each policy conflict that is found in the test of block 206, so that all possible combinations of policies are tested for potential conflict. Block208 may involve, for example, correcting the policy conflict or "error", as shown by block 210, or specifying a precedence of the conflicting policies, as shown by block 212. For example, block 210 may involve displaying the conflicting policies to a user and prompting a user to correct one or both policies so that they do not conflict. Correction of an error that causes a policy conflict may involve adding a relation to one policy, deleting a relation from another policy, or modifying one or both policies so that their conditions are logically consistent – Col.4, lines 10-20 - the step of resolving comprises the steps of displaying information that describes the conflict; and receiving modification information that modifies the first policy or the second policy so as to eliminate the conflict). 
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Paliwal in view of Chandramohan to include the teachings of Ahlstrom.  The motivation for doing so is to allow the system to eliminate policy conflicts (Col.4, lines 10-20 – Ahlstrom).


Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to YOUNES NAJI whose telephone number is (571)272-2659.  The examiner can normally be reached on Monday - Friday 8:30 AM -5:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Oscar A Louie can be reached on (571) 270-1684.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/YOUNES NAJI/Primary Examiner, Art Unit 2445