Notice of Pre-AIA  or AIA  Status
	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
	Claims 1-21 are pending.
Information Disclosure Statement PTO-1449 
 	The Information Disclosure Statement submitted by applicant on 11-05-2019 and 03-09-2020 have been considered. Please see attached PTO-1449. 
Objections
	Claims 1 and 12 are objected to for the following informalities:
	Claims 1 and 12,  in line 3, recite the limitation of  “so as so allow bidirectional communication”. It is assumed --to allow bidirectional communication-- was intended. Appropriate correction is required.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

s 1 and 12 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
Claims 1 and 12  in lines 11-12 recite the limitation of  receive “an indication of  a security threat to “at least one of the packet data networks”. In the limitation, the word networks is plural. There is insufficient antecedent basis for this limitation in the claim. It is not clear as which or what networks “the packet data networks” is refereeing back to. For the propose of the examination, it is considered the “the packet data networks” is referring to the combination of “protected packet data network” and “external packet data network”, and “at least one of” referring to at least one of “protected packet data network” and “external packet data network”.
Claim Rejections - 35 USC § 103
		The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

	Claims 1, 2, 5, 9, 12, 13, 15 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Ishigaki et al. (US Publication No. 2017/0054687) in view of Lee et al. (US Patent No.9,608,973).
	As per claim 1 and 12, Ishigaki teaches a secure network system (paragraph [0075] and figure 2, “security system),  comprising: 	a two-way bridge connecting a protected packet data network with an external packet data network so as so allow bidirectional communication between the protected and external packet data networks (paragraph [0076] and figure 2, duplex communication line connecting internal network to be protected with external network); a one-way link unidirectionally connecting the protected packet data network to the external packet data network  (paragraph [0076] and figure 2, simplex communication line 42, connecting internal network to be protected with externa network) and physically configured to carry signals in one direction from the protected packet data network to the simplex communication line…to enable one-way communication” and paragraph [0123], “simplex communication line 42 is formed by connecting physical ports”); and to deactivate the two-way bridge and activate the one-way link (paragraph [0048], “enable one-way communication” (paragraph [0049], “sending the outbound data to the first gateway device through the simplex communication line and not through the duplex communication line”. It is noted that the outbound data is sent through simplex line not through the duplex communication line, thus, the simplex communication line is considered as activated and duplex communication line is considered to be deactivated) so as to prevent the protected packet data network from receiving packets from the external packet data network while allowing forwarding of packets from the protected packet data network to the external packet data network (paragraph [0020], “block improper access from the external network to internal network…,thereby to protect the internal network” and paragraph [0104], “outbound data is sent through the simplex communication line 42 not through the duplex communication line 4”).
	While Ishigaki discloses to deactivate the two-way bridge and activate the one-way link, Ishigaki does not explicitly teach a security server configured to receive an indication of a security threat to at least one of the packet data networks; and in response to the indication, to deactivate the two-way bridge and activate the one-way link. However, in an analogous art, Lee discloses a center server receives information (indication) of malicious access (security threat) and transmits a ‘block relay’ command to the first relay and ‘start relay’ command to the second relay and activates the second relay to perform relay function (column 2, lines 34-38). 
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Ishigaki and Lee, in order to prevent hacker from accessing information by deactivating infected relay from relaying data.
	While Lee discloses activating the second relay and deactivating the first relay in response to received security threat indication, Lee does not call the first relay as two-way bridge and the second relay as one-way link. However, one of ordinary skill in the art recognizes that the function of deactivating and activating of a device (i.e., bridge or the link) does not depend on the device being bidirectional or unidirectional and deactivating and activating of devices could be performed the same regardless of the type of the device. Therefore, such feature would have been obvious and predictable to one of ordinary skill in the art before the effective filing date of the claimed invention. 
	As per claim 2 and 13, Ishigaki further discloses, wherein the one-way link comprises a hardware-enforced unidirectional channel (paragraph [0123], “the one-way communication by simplex communication line 42 is formed by connecting physical ports”, paragraph [0005], data diode, the data is allowed to flow only one-way).
	As per claim 5 and 15, Ishigaki furthermore teaches a network device disposed in the protected packet data network, and configured to: receive data packets from a first host disposed in the protected packet data network for forwarding to a second host disposed in the external packet data network, (paragraph [0077], “an accessory station (ACS) 64 as a terminal having  a role of collecting data…as an interface to the outside”); and send [mirror] the received packets towards the one-way link (paragraph [0084], operating data for the plant from the inside of the control network 6 sent to the simplex communication line 42) and the Lee furthermore teaches mirror the received packets towards the one-way and  two-way bridge (Lee, column 4, lines 6-9,  the relay 121 and 122 receive and store mirror data). The motivation to combine is similar to the motivation provided in claim 1.
	As per claim 9 and 19, Ishigaki furthermore teaches, wherein the security server is configured to issue a command in response to receiving the indication of the security 10threat, the system further comprising a network device disposed in the protected packet data network, and configured to: receive data packets from a first host disposed in the protected packet data network for forwarding to a second host disposed in the external packet data network (paragraph [0077], “an accessory station (ACS) 64 as a terminal having  a role of collecting data…as an interface to the outside”). Lee teaches forward the received packets towards the two-way bridge while the two-way bridge is active (column 5, lines 19-22, the second relay server after receiving start relay command perform relaying between in-house computer network and external client 200) ; and forward the received 15packets towards the one-way link responsively to receiving the issued command from the security server (column 5, lines 51-55, after receiving start relay command the other relay server perform relay function). The motivation to combine is similar to the motivation provided in claim 1.
	Claims 10, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Ishigaki et al. (US Publication No. 2017/0054687) in view of Lee et al. (US Patent No.9,608,973), further in view of Raleigh et al. (US Publication No. 2012/0215911).
	As per claim 10 and 20, Ishigaki in view of Lee teaches all limitations of claim as applied to claim 1 and 12 above. Ishigaki furthermore teaches, wherein the one-way link includes a transmit-end and a receive-end, the one-way link including a proxy at both the transmit-end and the receive-end (paragraph [0048], figures 1 and 2,  simplex communication line for connecting the first gateway device and the second gateway device, the first gateway device connected to the internal network and the second gateway device connected to external network), and adopting Internet Protocol (IP) addresses of the hosts so as to allow the hosts in the protected and external packet networks to use the IP addresses in network communications over the one-way-link (paragraph [0021],[0107], acquire the destination IP address of the receiving-side and the device on the internal network) .  
	Ishigaki in view of Lee does not explicitly teach but in an analogous art Raleigh (US 2012/0215911) teaches emulating hosts in the protected and external packet network (paragraph [0264], proxy serve emulating a remote  host on one side and emulating the device on the other side of network/external packet network). 
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Ishigaki and Lee with Raleigh in order to analyzing the activities of the internal and external hosts.
Allowable Subject Matter
Claims 3, 4, 6-8, 11, 14, 16-18 and 21 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims an overcome the objections and rejection of claims under 35 U.S.C. §112 (b).
The reason for allowance will be furnished upon allowance of the application.
References Cited, Not Used

	The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 	Kim, US Publication No. 2019/0014081, discloses, an apparatus for supporting data communication between separate networks, which includes an internal network connection module for sending data, received from an internal network, to an intermediate connection module through one-way communication and sending data, received from the intermediate connection module through first one-way communication under the control of an internal network bypass switch, to the internal network; an external network connection module for sending data, received from the intermediate connection module through one-way communication, to an external network and sending data, received from the external network, to the intermediate connection module through second one-way communication under the control of an external network bypass switch. 
	Zilberstein, US Publication No. 2009/0002150, discloses, a method for monitoring a process includes receiving a signal from a sensor that is indicative of a physical attribute associated with the process and transmitting data indicative of the received signal over a one-way link. The transmitted data received from the one way link are used in monitoring the process.
Conclusion
	     Any inquiry concerning this communication or earlier communications from the examiner should be directed to Ali Abyaneh whose telephone number is (571) 272-7961. The examiner can normally be reached on Monday-Friday from (8:00-5:00). If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kristine Kincaid can be reached on (571) 272-4063. The fax phone numbers for the organization where this application or proceeding is assigned as (571) 273-8300 Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).
/ALI S ABYANEH/Primary Examiner, Art Unit 2437