Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
DETAILED ACTION
This communication is in response to Application No. 16/235,763 filed on 28 December 2018. The response filed 15 March 2021 amends claim 5, cancels claims 8-20, and present arguments is hereby acknowledged. The supplemental response filed 2 April 2021 further amends claims 28 and 30-32, and presents arguments is hereby acknowledged. 	Claims 1-7 and 21-33 are presented for examination.
Response to Arguments
The response filed 15 March 2021 addresses the Drawing objections made on the 13 November 2020 Non-Final Rejection. Applicant arguments and amendments have been fully considered. Regarding the reference character “610” being used for address elements and PDPs, Applicant amended the specification to utilize reference character “611” for PDPs. Examiner finds these amendments persuasive. Regarding the 
The response filed 15 March 2021 addresses the Specification objections made on the 13 November 2020 Non-Final Rejection. Applicant arguments and amendments have been fully considered. Regarding the missing “A” and “B” from element 606 and element 612, Applicant amended the specification to recite “606A,” “612A,” and “612B.” This amendment is found persuasive. Therefore, all of the Specification objections are hereby withdrawn.
The response filed 15 March 2021 addresses the 35 U.S.C. 112 rejections made on the 13 November 2020 Non-Final Rejection. Applicant arguments and amendments have been fully considered. Applicant amended claim 5 to recite “a second computing device.” This amendment is found persuasive. Therefore, all of the 35 U.S.C. 112 rejections are hereby withdrawn.

Independent Claims 1, 21, and 28
On pages 10-14 of the response filed 15 March 2021, Applicant addresses the 35 U.S.C. 103 rejection made on the 13 November 2020 Non-Final Rejection. On pages 8-12 of the response filed 2 April 2021, Applicant addresses the 35 U.S.C. 103 rejection made on the 13 November 2020 Non-Final Rejection. Since the Applicant’s arguments are the same in both the 3/15/2021 and 4/2/2021 Response, Examiner will respond to the 4/2/2021 Applicant’s arguments.
On pages 8-10 of the 4/2/2021 Remarks, Applicant argues that Nguyen of the Alvarez/Gundamaraju/Nguyen system fails to teach or suggest “sending, based on the access control list entry, the first message to the source host device, wherein the first message causes the communication session to be established.” Applicant argues that Nugyen is directed to “disallowed” traffic. Further, Applicant argues that “a combination of Gundamaraju with Nguyen would result in sending a first message to a source host device based on an access control list entry, wherein the first message causes the communication session not to be established (e.g., because the traffic is disallowed).” 	Examiner respectfully disagrees and finds this argument unpersuasive. Paragraph 0039 of Nguyen discloses “the ACL may be either blacklisted where elements in the list are rejected, or white listed where elements in the list are accepted.” Thus, Nguyen is directed to disallowed and allowed traffic. One having ordinary skill in the art would utilize the established TCP connections and ACL authorizations of Nguyen with the established TCP connections of Gundamaraju for the purpose of configuring the system to incorporate ACL authorizations with particular types of traffic. Therefore, Examiner finds this argument unpersuasive. 
On pages 10-12 of the 4/2/2021 Remarks, Applicant argues that the combination of Gundamaraju and Nguyen is improper. Applicant argues that the Office Action’s combination seeks to modify a modifying reference, which is indicative of hindsight reconstruction and ex post facto reasoning. Further, Applicant argues that “the Office Action’s combination of Gundamaraju with Nguyen to reject a single limitation of claim 1 is demonstrative of improper piecemeal examination.” Even further, Applicant argues that the combination is improper because it uses the invention as a roadmap to find its In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986). Gundamaraju was relied upon to disclose a PEP device using SYN packets to establish a session. However, Gundamaraju fails to explicitly disclose that packets are authorized to be transmitted in the session. Nguyen, in a similar field of endeavor, discloses traffic authorization based on an access control list. One having ordinary skill in the art would combine the authorizations of Nguyen with the session in the Gundamaraju system in order to configure a Policy Enforcement Point, or PEP, with authorization authority. Therefore, Examiner finds this argument unpersuasive. 

Dependent Claims 2-7, 22-27, and 29-33
On pages 12 of the response filed 2 April 2021, Applicant addresses the 35 U.S.C. 103 rejection made on the 13 November 2020 Non-Final Rejection. Applicant submits that these claims are allowable at least as depending from an allowable independent claim, and further in view of the amendments to the independent claims, and the comments provided above.  	As per the comments above, Examiner found the arguments unpersuasive.



Claim Objections
Claim 1 is objected to because of the following informalities: 	Independent claim 1 recites “sending to the destination host device, a second associated with establishing the communication session.” The 10/6/2020 Claims recite “a second message associated with establishing the communication session.” However the 3/15/2021 Claims and the 4/2/2021 Claims omit the message amended into the claims. For examination purposes, Examiner will consider this to be a typographical error, and the claims are examined as “a second message.” 	Appropriate correction is required.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-3, 5, 7, 21-23, 25-30, 32, and 33 are rejected under 35 U.S.C. 103 as being unpatentable over US PGPUB 2015/0249593 A1 to Alvarez et al, US PGPUB 2017/0272470 Al to Gundamaraju et al, and US PGPUB 2016/0205135 Al to Nguyen.
Regarding Claim 1, Alvarez discloses a method (FIG. 13B and 0093 provides for a policy enforcement point, or a PEP) comprising:  	based on a first message associated with establishing a communication session between a source host device and a destination host device (FIG. 13B, 0050, and 0089 provides for based on path computation request/first message 1322 associated with establishing a session between PCC1/source host device 1302 and PCC2/destination host device 1304), sending, to the destination host device, a second message associated with establishing the communication session (FIG. 13B and 0089 provides for PEP/PCE 1306 sending, to the PCC2/destination host device 1304, path reply 1328 associated with the session between PCC1 1302 and PCC2 1304);  	sending, to a first computing device, an access control request associated with the communication session (FIG. 13B, 0054, and 0090 provides for PEP/PCE 1306 sending, to a Policy Agent/first computing device 1316, policy decision request 1324 associated with the session between PCC1 1302 and PCC2 1304); and 	determining, based on an authorization message associated with the first computing device (FIG. 13B and 0090 provides for PEP/PCE 1306 determining, based on Policy Decision Reply 1326 associated with Policy Agent/first computing device 1316), an indication indicative of an authorization of the communication session (0090 provides for wherein Policy Decision Reply 1326 is a Boolean value that indicates whether a path may be initiated, i.e. authorization of a communication session).(FIG. 1, 0021, 0027 provides for PEP of workflow module 140 sends a synchronize/SYN packet to a HTTP server/host 130), wherein the first message causes the communication session to be established (FIG. 1, 0021, and 0027 provides for wherein the SYN packet causes a session to be established between UE/destination 102 and HTTP server/host 130). 	One of ordinary skill in the art before the effectively filed date of the claimed invention would have recognized the ability to utilize the teachings of Gundamaraju for implementing a TCP connection/session using synchronize (SYN) packets. The SYN packets of Gundamaraju, when implemented with the path computation element communication protocol of the Alvarez system, will allow one of ordinary skill in the art to configure a policy enforcement point to create a data session using SYN packet. One of ordinary skill in the art would be motivated to utilize the SYN packets of Gundamaraju with the path computation element communication protocol of the Alvarez system in order to implement policy decisions specific to a user or subscribers. Therefore, the examiner concludes it would have been obvious to one of ordinary skill in the art before the effective filing date of the application to utilize the SYN packets of Gundamaraju with the path computation element communication protocol of the Alvarez system for the desirable purpose of configuring a policy enforcement point to consider user information (0035 and 0039-0040 provides for an access control list is used to reject or accept, i.e. authorize, the traffic based); and  	wherein sending a first message is based on the access control list entry (0039-0040 provides for the filtering device accepting/sending, based on the ACL, traffic that was previously intercepted). 	One of ordinary skill in the art before the effectively filed date of the claimed invention would have recognized the ability to utilize the teachings of Nguyen for implementing a TCP connection/session by intercepting synchronize (SYN) packets. The intercepting device of Nguyen, when implemented with the path computation element communication protocol of the Alvarez/Gundamaraju system, will allow one of ordinary skill in the art to apply an ACL feature when a device is placed between a destination host and a source host. One of ordinary skill in the art would be motivated to utilize the intercepting device of Nguyen with the path computation element communication protocol of the Alvarez/Gundamaraju system in order to accept or reject traffic on behalf of a host. Therefore, the examiner concludes it would have been obvious to one of ordinary skill in the art before the effective filing date of the application to utilize the intercepting device of Nguyen with the path computation element communication protocol of the Alvarez/Gundamaraju system for the desirable purpose 
Regarding Claim 2, the Alvarez/Gundamaraju/Nguyen system discloses the method of claim 1, wherein the communication session comprises a transmission control protocol (TCP) session (Gundamaraju, 0007 and 0043 provides for TCP traffic), a domain name server (DNS) session, or a uniform datagram protocol (UDP) session. 	One of ordinary skill in the art before the effectively filed date of the claimed invention would have recognized the ability to utilize the teachings of Gundamaraju for implementing a TCP connection/session using synchronize (SYN) packets. The SYN packets of Gundamaraju, when implemented with the path computation element communication protocol of the Alvarez system, will allow one of ordinary skill in the art to configure a policy enforcement point to create a data session using SYN packet. One of ordinary skill in the art would be motivated to utilize the SYN packets of Gundamaraju with the path computation element communication protocol of the Alvarez system in order to implement policy decisions specific to a user or subscribers. Therefore, the examiner concludes it would have been obvious to one of ordinary skill in the art before the effective filing date of the application to utilize the SYN packets of Gundamaraju with the path computation element communication protocol of the Alvarez system for the desirable purpose of configuring a policy enforcement point to consider user information when configuring a session.
Regarding Claim 3, the Alvarez/Gundamaraju/Nguyen system discloses the method of claim 1, wherein the first computing device comprises a policy decision point (Gundamaraju, FIG. 1, 0021, and 0025 provides for wherein the workflow module 140 comprises a Policy Decision Point, or PDP), wherein the access control request comprises a first border gateway protocol flowspec message (Alvarez, 0088 provides for BGP flowspec rules), and wherein the authorization message comprises a second border gateway protocol flowspec message (Alvarez, 0088 provides for BGP flowspec rules). 	One of ordinary skill in the art before the effectively filed date of the claimed invention would have recognized the ability to utilize the teachings of Gundamaraju for implementing the Border Gateway Protocol (BGP) flow specification. The BGP flowspec of Gundamaraju, when implemented with the path computation element communication protocol of the Alvarez system, will allow one of ordinary skill in the art to configure a policy enforcement point to assign routes dependent on a user’s needs. One of ordinary skill in the art would be motivated to utilize the BGP flowspec of Gundamaraju with the path computation element communication protocol of the Alvarez system in order to implement policy decisions specific to a user or subscribers. Therefore, the examiner concludes it would have been obvious to one of ordinary skill in the art before the effective filing date of the application to utilize the BGP flowspec of Gundamaraju with the path computation element communication protocol of the Alvarez system for the desirable purpose of configuring a policy enforcement point to consider user information when configuring a session.
Regarding Claim 5, the Alvarez/Gundamaraju/Nguyen system discloses the method of claim 1, further comprising:  	determining, by a second computing device based on a border gateway protocol flowspec message associated with the first computing device (Alvarez, 0088 provides for BGP flowspec rules), that a synchronization-acknowledgement message associated with the source host device is legitimate (Gundamaraju, FIG. 1, 0021, and 0027 provides for determining, by a PEP, that a SYN/ACK packet associated with a HTTP server/source 130); and  	sending, by the second computing device, the synchronization-acknowledgement message to the destination host device (Gundamaraju, FIG. 1, 0021, and 0027 provides for sending, by the PEP, the SYN/ACK packet to UE/destination 102). 	One of ordinary skill in the art before the effectively filed date of the claimed invention would have recognized the ability to utilize the teachings of Gundamaraju for implementing the Border Gateway Protocol (BGP) flow specification. The BGP flowspec of Gundamaraju, when implemented with the path computation element communication protocol of the Alvarez system, will allow one of ordinary skill in the art to configure a policy enforcement point to assign routes dependent on a user’s needs. One of ordinary skill in the art would be motivated to utilize the BGP flowspec of Gundamaraju with the path computation element communication protocol of the Alvarez system in order to implement policy decisions specific to a user or subscribers. Therefore, the examiner concludes it would have been obvious to one of ordinary skill in the art before the effective filing date of the application to utilize the BGP flowspec of Gundamaraju with the path computation element communication protocol of the Alvarez system for the desirable purpose of configuring a policy enforcement point to consider user information when configuring a session.
Regarding Claim 7, the Alvarez/Gundamaraju/Nguyen system discloses the method of claim 1, wherein the first message comprises at least one of: (Gundamaraju, 0027 provides for a SYN packet);  		a message associated with a three-way handshake between the source host device and the destination host device; or  		a sequence number associated with the communication session; and  	wherein the second message comprises at least one of:  		a synchronization-response message (Gundamaraju, 0027 provides for a SYN/ACK packet);  		an acknowledgement message;  		a message associated with a three-way handshake between the source host device and the destination host device; or  		a sequence number associated with the communication session. 	One of ordinary skill in the art before the effectively filed date of the claimed invention would have recognized the ability to utilize the teachings of Gundamaraju for implementing a TCP connection/session using synchronize (SYN) packets. The SYN packets of Gundamaraju, when implemented with the path computation element communication protocol of the Alvarez system, will allow one of ordinary skill in the art to configure a policy enforcement point to create a data session using SYN packet. One of ordinary skill in the art would be motivated to utilize the SYN packets of Gundamaraju with the path computation element communication protocol of the Alvarez system in order to implement policy decisions specific to a user or subscribers. Therefore, the examiner concludes it would have been obvious to one of ordinary skill in the art before the effective filing date of the application to utilize the SYN packets of Gundamaraju with 
Regarding Claim 21, Alvarez discloses a method (FIG. 13B and 0093 provides for a policy enforcement point, i.e. a PEP, via the path computation element/PCE) comprising:  	receiving, from a source host device (FIG. 13B, PCC2/source host device 1304), a first message associated with establishing a communication session between the source host device and a destination host device (FIG. 13B, 0050, and 0089 provides for PEP/PCE receiving a path computation request/first message 1322 associated with establishing a session between PCC2/source host device 1304 and PCC1/destination host device 1302);  	sending, to a first computing device, an access control request associated with the communication session (FIG. 13B, 0054, and 0090 provides for PEP/PCE 1306 sending, to a Policy Agent/first computing device 1316, policy decision request 1324 associated with the session between PCC1 1302 and PCC2 1304);  	determining, based on an authorization message associated with the first computing device, that the destination host device is authorized to communicate with the source host device (FIG. 13B, 0050, and 0090 provides for PEP/PCE 1306 determining, based on Policy Decision Reply 1326 associated with Policy Agent/first computing device 1316, that PCC1/destination host device 1302 is authorized to communicate with PCC2/source host device 1304). 	Alvarez doesn’t explicitly disclose sending, based on the authorization message, (FIG. 1, 0021, 0027 provides for PEP of workflow module 140 sends a synchronize/SYN packet to a HTTP server/host 130), wherein a first message causes a communication session to be established (FIG. 1, 0021, and 0027 provides for wherein the SYN packet causes a session to be established between UE/destination 102 and HTTP server/host 130). 	One of ordinary skill in the art before the effectively filed date of the claimed invention would have recognized the ability to utilize the teachings of Gundamaraju for implementing a TCP connection/session using synchronize (SYN) packets. The SYN packets of Gundamaraju, when implemented with the path computation element communication protocol of the Alvarez system, will allow one of ordinary skill in the art to configure a policy enforcement point to create a data session using SYN packet. One of ordinary skill in the art would be motivated to utilize the SYN packets of Gundamaraju with the path computation element communication protocol of the Alvarez system in order to implement policy decisions specific to a user or subscribers. Therefore, the examiner concludes it would have been obvious to one of ordinary skill in the art before the effective filing date of the application to utilize the SYN packets of Gundamaraju with the path computation element communication protocol of the Alvarez system for the desirable purpose of configuring a policy enforcement point to consider user information when configuring a session. 	The Alvarez/Gundamaraju system doesn’t explicitly disclose wherein sending is (0039-0040 provides for the filtering device accepting/sending, based on the ACL, traffic that was previously intercepted). 	One of ordinary skill in the art before the effectively filed date of the claimed invention would have recognized the ability to utilize the teachings of Nguyen for implementing a TCP connection/session by intercepting synchronize (SYN) packets. The intercepting device of Nguyen, when implemented with the path computation element communication protocol of the Alvarez/Gundamaraju system, will allow one of ordinary skill in the art to apply an ACL feature when a device is placed between a destination host and a source host. One of ordinary skill in the art would be motivated to utilize the intercepting device of Nguyen with the path computation element communication protocol of the Alvarez/Gundamaraju system in order to accept or reject traffic on behalf of a host. Therefore, the examiner concludes it would have been obvious to one of ordinary skill in the art before the effective filing date of the application to utilize the intercepting device of Nguyen with the path computation element communication protocol of the Alvarez/Gundamaraju system for the desirable purpose of configuring a policy enforcement point to apply an ACL feature when intercepting traffic between a destination host and a source host.
Regarding Claim 22, similar rejection where the method of claim 2 teaches the method of claim 22.
Regarding Claim 23, the Alvarez/Gundamaraju/Nguyen system discloses the method of claim 21, wherein the first computing device comprises a policy decision (Gundamaraju, FIG. 1, 0021, and 0025 provides for wherein the workflow module 140 comprises a Policy Decision Point, or PDP). 	One of ordinary skill in the art before the effectively filed date of the claimed invention would have recognized the ability to utilize the teachings of Gundamaraju for implementing a TCP connection/session using synchronize (SYN) packets. The SYN packets of Gundamaraju, when implemented with the path computation element communication protocol of the Alvarez system, will allow one of ordinary skill in the art to configure a policy enforcement point to create a data session using SYN packet. One of ordinary skill in the art would be motivated to utilize the SYN packets of Gundamaraju with the path computation element communication protocol of the Alvarez system in order to implement policy decisions specific to a user or subscribers. Therefore, the examiner concludes it would have been obvious to one of ordinary skill in the art before the effective filing date of the application to utilize the SYN packets of Gundamaraju with the path computation element communication protocol of the Alvarez system for the desirable purpose of configuring a policy enforcement point to consider user information when configuring a session.
Regarding Claim 25, the Alvarez/Gundamaraju/Nguyen system discloses the method of claim 21, wherein determining that the destination host device is authorized to communicate with the source host device comprises:  	receiving, from the first computing device, the authorization message (Alvarez, FIG. 13B, 0054, and 0090 provides for PEP/PCE 1306 receives, from a Policy Agent/first computing device 1316, the Policy Decision Reply 1326), wherein the authorization message comprises a sequence number (Nguyen, claims 8 and 9 provides for wherein a specific sequence number is injected into network packets); and  	determining, based on the sequence number being associated with the communication session (Nguyen, claims 8, 9 and 20 provides for establishing or disconnecting network packets based on the injected sequence number), that the destination host device is authorized to communicate with the source host device (Alvarez, FIG. 13B, 0050, and 0090 provides for PEP/PCE 1306 determining, based on Policy Decision Reply 1326 associated with Policy Agent/first computing device 1316, that PCC1/destination host device 1302 is authorized to communicate with PCC2/source host device 1304)
Regarding Claim 26, the Alvarez/Gundamaraju/Nguyen system discloses the method of claim 21, wherein determining that the destination host device is authorized to communicate with the source host device comprises:  	sending, to a policy enforcement point, the authorization message (Alvarez, FIG. 13B, 0054, and 0090 provides for Policy Agent/first computing device 1316 sending, to PEP/PCE 1306, Policy Decision Reply 1326), wherein the policy enforcement point determines, based on the authorization message (Alvarez, FIG. 13B, 0050, and 0090 provides for PEP/PCE 1306 determining, based on Policy Decision Reply 1326, that PCC1/destination host device 1302 is authorized to communicate with PCC2/source host device 1304), an access control list entry indicative of an authorization of the communication session (Nguyen, 0035 and 0039-0040 provides for an access control list indicates whether/authorization to accept/reject traffic/session),  	receiving, from the policy enforcement point based on the access control list entry (Nguyen, 0035 and 0039-0040 provides for an access control list indicates whether/authorization to accept/reject traffic/session), an indication that the communication session is authorized (Alvarez, FIG. 13B, 0050, and 0090 provides for receiving, from PEP/PCE 1306, Policy Decision Reply 1326 that PCC1/destination host device 1302 is authorized to communicate with PCC2/source host device 1304); and  	determining, based on the indication that the communication session is authorized, that the destination host device is authorized to communicate with the source host device (Alvarez, FIG. 13B, 0050, and 0090 provides for PEP/PCE 1306 determining, based on Policy Decision Reply 1326, that PCC1/destination host device 1302 is authorized to communicate with PCC2/source host device 1304).
Regarding Claim 27, similar rejection where the method of claim 7 teaches the method of claim 27.
Regarding Claim 28, similar rejection where the method of claim 21 teaches the system of claim 28.
Regarding Claim 29, similar rejection where the method of claim 2 teaches the system of claim 29.
Regarding Claim 30, the Alvarez/Gundamaraju/Nguyen system discloses the system of claim 28, wherein the policy enforcement device comprises a policy enforcement point (Alvarez, FIG. 13B and 0093 provides for a policy enforcement point, i.e. a PEP), and wherein the policy decision device comprises a policy decision point (Gundamaraju, FIG. 1, 0021, and 0025 provides for wherein the workflow module 140 comprises a Policy Decision Point, or PDP). 	One of ordinary skill in the art before the effectively filed date of the claimed invention would have recognized the ability to utilize the teachings of Gundamaraju for implementing a TCP connection/session using synchronize (SYN) packets. The SYN packets of Gundamaraju, when implemented with the path computation element communication protocol of the Alvarez system, will allow one of ordinary skill in the art to configure a policy enforcement point to create a data session using SYN packet. One of ordinary skill in the art would be motivated to utilize the SYN packets of Gundamaraju with the path computation element communication protocol of the Alvarez system in order to implement policy decisions specific to a user or subscribers. Therefore, the examiner concludes it would have been obvious to one of ordinary skill in the art before the effective filing date of the application to utilize the SYN packets of Gundamaraju with the path computation element communication protocol of the Alvarez system for the desirable purpose of configuring a policy enforcement point to consider user information when configuring a session.
Regarding Claim 32, similar rejection where the method of claim 25 teaches the system of claim 32.
Regarding Claim 33, similar rejection where the method of claim 7 teaches the system of claim 33.

Claim 4 is rejected under 35 U.S.C. 103 as being unpatentable over the Alvarez/Gundamaraju/Nguyen system as applied to claim 1 above, and further in view of US PGPUB 2019/0258811 A1 to Ferraiolo et al.
Regarding Claim 4, the Alvarez/Gundamaraju/Nguyen system discloses the method of claim 1, further comprising: 	sending, based on a connection termination message, a removal message to the first computing device (Nguyen, FIG. 8 and 0049 provides for TCP Watcher 802 sending, based on a close function (FIN) status, an ACK/FIN signal to the server). 	One of ordinary skill in the art before the effectively filed date of the claimed invention would have recognized the ability to utilize the teachings of Nguyen for implementing a TCP connection/session by injecting sequence numbers into packets. The sequence number injection of Nguyen, when implemented with the path computation element communication protocol of the Alvarez/Gundamaraju system, will allow one of ordinary skill in the art to apply unique identifications in a session. One of ordinary skill in the art would be motivated to utilize the sequence number injection of Nguyen with the path computation element communication protocol of the Alvarez/Gundamaraju system in order to accept or reject traffic on behalf of a host. Therefore, the examiner concludes it would have been obvious to one of ordinary skill in the art before the effective filing date of the application to utilize the sequence number injection of Nguyen with the path computation element communication protocol of the Alvarez/Gundamaraju system for the desirable purpose of configuring a session based on the sequence number injected into traffic. 	The Alvarez/Gundamaraju/Nguyen system doesn’t explicitly disclose removing, (0111 and 0126 provides for deleting/removing, from an access control list, based on a policy analytics engine re-computations, an ACL entry). 	One of ordinary skill in the art before the effectively filed date of the claimed invention would have recognized the ability to utilize the teachings of Ferraiolo for updating entries in access control lists (ACLs). The updated ACL entries of Ferraiolo, when implemented with the path computation element communication protocol of the Alvarez/Gundamaraju/Nguyen system, will allow one of ordinary skill in the art to configure a policy enforcement point to update an ACL. One of ordinary skill in the art would be motivated to utilize the updated ACL entries of Ferraiolo with the path computation element communication protocol of the Alvarez/Gundamaraju/Nguyen system in order to implement policy decisions specific to the ACL. Therefore, the examiner concludes it would have been obvious to one of ordinary skill in the art before the effective filing date of the application to utilize the updated ACL entries of Ferraiolo with the path computation element communication protocol of the Alvarez/Gundamaraju/Nguyen system for the desirable purpose of configuring a policy enforcement point to update ACL information and applying the information to current or future sessions.

Claim 6 are rejected under 35 U.S.C. 103 as being unpatentable over the Alvarez/Gundamaraju/Nguyen system as applied to claim 5 above, and further in view of US Patent 8,352,998 B1 to Kougiouris et al.
Regarding Claim 6, the Alvarez/Gundamaraju/Nguyen system discloses the method of claim 5, wherein the second computing device comprises a policy enforcement point (Alvarez, 0093 provides for a PEP). 	Although Alvarez discloses path computation element communication protocol (PCEP) Update messages, the Alvarez/Gundamaraju/Nguyen system doesn’t explicitly disclose wherein the method further comprises: receiving, by the second computing device, an update message from the first computing device, wherein the update message is indicative of a termination of the communication session. 	Kougiouris, in a similar field of endeavor, discloses receiving, by a second computing device (FIG. 1 and col. 6 lines 46-61 provides for network device/second computing device as a policy enforcement point), an update message from a first computing device (FIG. 1, col. 6 lines 4-19, col. 6 lines 46-61, and col. 21 line 49 – col. 22 line 3 provides for receiving, by Network Device 140, updated enforcement instructions from a server/first computing device 130), wherein the update message is indicative of a termination of the communication session (col. 21 line 49 – col. 22 line 3 provides for wherein the updated enforcement instructions may terminate a connection). 	One of ordinary skill in the art before the effectively filed date of the claimed invention would have recognized the ability to utilize the teachings of Kougiouris for terminating a connection between a client and a destination. The termination instructions of Kougiouris, when implemented with the path computation element .

Claims 24 and 31 are rejected under 35 U.S.C. 103 as being unpatentable over the Alvarez/Gundamaraju/Nguyen system as applied to claims 21 and 28 above, and further in view of US PGPUB 2015/0341444 A1 to Pardo-Blazquez et al.
Regarding Claim 24, the Alvarez/Gundamaraju/Nguyen system discloses the method of claim 21, wherein determining that the destination host device is authorized to communicate with the source host device comprises:  	receiving, from the first computing device, the authorization message (Alvarez, FIG. 13B, 0054, and 0090 provides for PEP/PCE 1306 receives, from a Policy Agent/first computing device 1316, the Policy Decision Reply 1326); and  	determining, based on the authorization message being associated with the communication session, that the destination host device is authorized to communicate (Alvarez, FIG. 13B, 0050, and 0090 provides for PEP/PCE 1306 determining, based on Policy Decision Reply 1326 associated with Policy Agent/first computing device 1316, that PCC1/destination host device 1302 is authorized to communicate with PCC2/source host device 1304).  	The Alvarez/Gundamaraju/Nguyen system doesn’t explicitly disclose wherein the authorization message comprises a hash value; and determining based on the authorization message.  	Pardo-Blazquez, in a similar field of endeavor, discloses wherein an authorization message comprises a hash value (0003, 0065, and claim 8 provides for wherein an authorization message/token is a hash); and  	determining based on the authorization message (0003 and 0065 provides for the AG/PEP determines based on the authorization message/token). 	One of ordinary skill in the art before the effectively filed date of the claimed invention would have recognized the ability to utilize the teachings of Pardo-Blazquez for utilizing a hash to identify a subscriber and an Internet Protocol (IP) session. The hashed token of Pardo-Blazquez, when implemented with the path computation element communication protocol of the Alvarez/Gundamaraju/Nguyen system, will allow one of ordinary skill in the art to configure a policy decision point to communicate access decisions to a policy enforcement point. One of ordinary skill in the art would be motivated to utilize the hashed token of Pardo-Blazquez with the path computation element communication protocol of the Alvarez/Gundamaraju/Nguyen system in order to implement policy decisions specific to both a subscriber and a session. Therefore, the examiner concludes it would have been obvious to one of ordinary skill in the art before 
Regarding Claim 31, similar rejection where the method of claim 24 teaches the system of claim 31.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
US PGPUB 2007/0094712 A1 to Gibbs et al discloses a policy enforcement point, or PEP, that uses access control lists.
US PGPUB 2012/0005718 A1 to Xiao et al discloses a policy enforcement point with authorization.
US PGPUB 2014/0372591 A1 to Payette et al discloses policy actions for permitting or denying a media session.
US PGPUB 2016/0314296 A1 to Attfield et al discloses a PEP that authorizes or denies access to an asset.
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SCHQUITA GOODWIN whose telephone number is (571)272-5477.  The examiner can normally be reached on M-F 9am - 5pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Tonia Dollinger can be reached on (571) 272-4170.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access 

/S.D.G/Examiner, Art Unit 2459                                                                                                                                                                                                        


/Backhean Tiv/Primary Examiner, Art Unit 2459