DETAILED ACTION

1. 	This Office Action is in response to an application filed on Aug. 01, 2019. The original filing includes claims 1-19. Therefore, Claims 1-19 are presented for examination. Now claims 1-19 are pending.

Notice of Pre-AIA  or AIA  Status
2.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Drawings
3. 	The drawing filed on Aug. 01, 2019 are accepted.

Oath/Declaration
4. 	For the record, the Examiner acknowledges that the Oath/Declarations submitted on Aug. 01, 2019 and Aug. 30, 2019 have been accepted. 

Information Disclosure Statement
5.	The information disclosure statements (IDS) submitted on Aug. 01, 2019 has been considered. The submission is in compliance with the provisions of 37 CFR 1.97. Form PTO-1449 is signed and attached hereto.

Priority
6.	Acknowledgment is made applicant claims NO priority. 

Claim Objections
7.	Claims 3 and 18 are objected to because of the following informalities: Claim 3 recites “and/or” where the limitations are not clear the network element is part of process carried out with devices and carriers or is in combination in the group, please recite the limitation in a positive manner. Claim 18 also cites similar limitation and objected with the same rational as claim 3, Examiner for purpose of examination consider “OR” in both claims. Appropriate correction is requested.
8. 	Claims 9 and 11 are objected to because of the following informalities: Claim 9 recites “change of authorization can be configured through” (See claim listing page 14 lines 6). The phrase of “can” give it uncertainty that the condition will not happen. Therefore, The Examiner suggests removing the phrase of “can” so to make the claim clear and give the reader for certainty. Similarly, Claim 11 have similar issues. Appropriate corrections are requested.


Claim Rejections - 35 USC § 101
9.	35 U.S.C. 101 reads as follows:



10.	Claims 1-4, 10, and 12-18 are not patent eligible for directed to an abstract idea.
11.	Claim 1 rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. The claim recites, activation of multi-vendor support for change of authorization through a network access device through multiple network protocols, as drafted, is a process that, under its broadest reasonable interpretation, covers performance of the limitation in the mind by evaluation but for the recitation of generic computer components. That is, other than reciting “network access device, multi-vendor support” nothing in the claim element precludes the step from practically being performed in the mind. For example, but for the “network access device, multi-vendor support” in the context of this claim encompasses the steps from practically being performed in the mind. If a claim limitation, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of generic computer components, then it falls within the “Mental Processes” grouping of abstract ideas. Accordingly, the claim recites an abstract idea.
This judicial exception is not integrated into a practical application. In particular, the claim only recites one additional element – change of authorization through multiple network protocols in all the steps is recited at a high-level of generality (i.e., as a generic computing device through generic devices performing a generic computer function of authenticating the user based on result rule permissions) such that it amounts no more than mere instructions to apply the exception using a generic computer component. Accordingly, this additional element does not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea. The claim is directed to an abstract idea.

through multiple network protocols and causing rule in a device to perform the authenticating process, result in being fulfilled steps amounts to no more than mere instructions to apply the exception using a generic computer component. Mere instructions to apply an exception using a generic computer component cannot provide an inventive concept. The claim is not patent eligible. 
Claims 2-4 and 10 further recites details of multi-vendor, devices that is in different or diverse networks (heterogeneous) and selected, do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea and do not add significantly more limitation. These limitations merely further the abstract idea. 
12.	Claims 12-14 are a non-transitory computer readable storage medium claim executing instructions by a generic computing device and claim recites substantially the same limitations as claims 1-4 and the use of a non-transitory storage medium and processor do not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea. 
13.	Claims 15-17 are system claim executing instructions by a generic computing device and claim recites substantially the same limitations as claims 1-4 and the use of processor does not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea. 

Claim Rejections - 35 USC § 102
14.	The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

15.	Claims 1-19 are rejected under 35 U.S.C. 102 (a) (2) as being anticipated by Bradley J. Trimby US 2020/0106783 hereinafter “Trimby” Filed Oct. 08, 2018.

Regarding claim 1, Trimby teaches a method: A method (Trimby, see abstract, along with ¶ [0015 and 0007], comprising:
activation of multi-vendor support for change of authorization (Trimby discloses access point model 210 implemented for each specific access point such as Vendor- specific group identifier that correspond to access value 214 that enforce action implementation for each multiple access points associated with heterogeneous network 218 that reads on applicant’s limitation, see ¶¶ [0048- 0050], “Access point model 210 declares the implementation of logical networks for each specific access point, for example, by mapping each of multiple logical networks 212 with corresponding access values 214 that are indicative of an enforcement action implementation for each of multiple access points associated with the private network at issue (e.g., heterogeneous network 218). According to one embodiment, each logical network may have corresponding access values ( e.g. VLAN IDs, VLAN aliases, VLAN names, Vendor-specific group identifiers, etc.) specified by access point model 210” ); 
through a network access device through multiple network protocols (Trimby, see ¶ [0042 and 0050], “Those skilled in the art will appreciate that, private network 100 can include one or more wireless networks, one or more wired networks or a combination thereof that can be implemented as one of the different types of networks, such as an Intranet, Local Area Network (LAN), Wide Area Network (WAN), Internet, and the like. Further, the networks can either be dedicated networks or shared networks. The shared networks represent an association of the different types of networks that use a variety of protocols”; “access points that share implementations can be configured collectively to save time. For .

Regarding claim 2, Trimby discloses all the limitations of claim 1. Further Trimby teaches: providing change of authorization capability of devices supplied by multiple vendors in a multi-vendor heterogeneous network (Trimby, see ¶ [0048 and 0050], “corresponding access values 214 that are indicative of an enforcement action implementation for each of multiple access points associated with the private network at issue (e.g., heterogeneous network 218)”). 

Regarding claim 3, Trimby teaches all the limitations of claim 1. Trimby further teaches: where the process is carried out on different devices, carriers, and/or networks (Trimby, see ¶ [0041], “Access points 108 generally represent edge network devices or entry points to private network 100. Examples of access points include, but are not limited to a wired network switch, a router, a wireless controller ( e.g., a controller of multiple wireless access points (APs) within a wireless network), a wireless AP (e.g., a Wi-Fi AP), a network gateway and the like. NAC device 104 can be communicatively coupled with a public network 102, such as the Internet, so that users can access network 102 using endpoint devices 110-1, 110-2 .. . 110-N (which may be collectively referred to as endpoint devices 110 and may be individually referred to as endpoint device 110, hereinafter)”).  

Regarding claim 4, Trimby teaches all the limitations of claim 2. Trimby further teaches: devices selected from the group consisting of one or more of laptops, cell phones, printers, tablets, glasses, watches, servers, cloud devices, and an Internet of Things (IOT) device (Trimby, see FIG. 1 items 110-1 through 110-N, FIG. 2 items 230, 2327-10 along with ¶ [0042], “such as an Intranet, Local Area Network (LAN), Wide Area Network (WAN), Internet, and the like. Further, the , 
and wherein the network access device control manager server provides enforcement policies (Trimby, see FIG. 2 items 200, 202, 210, and 216 (enforcement engine) along with ¶ [0047], “FIG. 2 illustrates exemplary functional units of a NAC device 200 in accordance with an embodiment of the present invention. In the context of the present example, NAC device 200 includes an enforcement engine 216, an access policy engine 202 and an access point model 210”). 

Regarding claim 5, Trimby teaches all the limitations of claim 2. Trimby further teaches: activating providing a network access device change of authorization without any end-user hardware dependencies (Trimby, see FIG. 5B items 504 (end user hardware) and 508 (proxy device that provides network access device change of authorization without any end-user hardware dependencies) along with ¶ [0078], “a proxy request can be sent to authentication server 554 so that authentication server 554 can authenticate end point device 504 using proxy request. At step 4, after valid authentication NAC device 508 can accept connection request. At step 5, enforcement engine 510 of NAC device 508 can receive user information, endpoint information and device information for determining one or more attributes of endpoint device 504”). 

Regarding claim 6, Trimby teaches all the limitations of claim 1. Trimby further teaches: activating a network access device change of authorization without any end-user hardware dependencies (Trimby, see FIG. 5B items 504 (end user hardware) and 508 (proxy device that provides network access device change of authorization without any end-user hardware dependencies) along with ¶ [0078]) comprising: 
obtaining a device accessible to a multi-vendor network (Trimby, see FIG. 2 items 200 and 218);
connecting the device to a network through a multi-vendor network access device or service or to a network access control manager server  (Trimby, see FIG. 2 items 216, 218, and 232);
at least one of activating, authenticating, and authorizing the connected device (Trimby, see FIG. 2 items 216, 220, 222, …228, and 232); 
and providing change of authorization regardless of the originating network, the originating network device, or the type of change of authorization protocol (Trimby, see FIG. 2 items 216 change of authorization, regardless of original network 220-228 to originating network device 232 along with ¶ [0045], “As described further below with reference to FIG. 2, an enforcement engine running on the NAC device can maintain an access point model that maps each of multiple logical networks to corresponding access values that are indicative of an enforcement action implementations for each access point 108. Further, enforcement engine can maintain multiple access policies defined by a policy implementer in which each access policy specifies a current state of a particular endpoint device 110 and an enforcement action with reference to a logical network.”). 

Regarding claim 7, Trimby teaches all the limitations of claim 6. Trimby further teaches: authenticating one or more devices through the network access control manager server to provide multi-vendor enforcement policies (Trimby, see FIG. 2 items 200 (control manager) authenticating device 232 to provide multi-vendor enforcement policy through enforcement engine 216). 

Regarding claim 8, Trimby teaches all the limitations of claim 6. Trimby further teaches: one or more of the obtaining, connecting, or activating carried out on different devices, carriers, or networks (Trimby, see FIG. 2 item 218 (heterogeneous network)). 

Regarding claim 9, Trimby teaches all the limitations of claim 6. Trimby further teaches: devices selected from the group consisting of one or more of laptops, cell phones, printers, tablets, glasses, watches, servers, cloud devices, and an Internet of Things (IOT) device (Trimby, see FIG. 1 items 110-1 through 110-N, FIG. 2 items 230, 2327-10 along with ¶ [0042], “such as an Intranet, Local Area Network (LAN), Wide Area Network (WAN), Internet, and the like. Further, the networks can either be dedicated networks or shared networks. The shared networks represent an association of the different types of networks that use a variety of protocols, for example, Hypertext Transfer Protocol (HTTP), Transmission Control Protocol/Internet Protocol (TCP/IP), Wireless Application Protocol (WAP), and the like”), 
and wherein the authorization, authentication, or change of authorization can be configured through a multi-vendor enforcement profile (Trimby, see FIG. 2 item 216 (enforcement engine) along with ¶ [0047], “FIG. 2 illustrates exemplary functional units of a NAC device 200 in accordance with an embodiment of the present invention. In the context of the present example, NAC device 200 includes an enforcement engine 216, an access policy engine 202 and an access point model 210”). 

Regarding claim 10, Trimby teaches all the limitations of claim 3. Trimby further teaches: communicating on network-capable device comprising a multi-vendor network through a network access device where the network access device is configured to provide attributes for multiple vendors, multiple vendor devices, and multiple vendor change of authentication protocols (Trimby, see FIG. 2 item 214 access value (attributes for multiple vendors 220-228 through multiple endpoint model and access point model 210 for change of authentication protocol) along with ¶¶ [0041-0042], “Access points 108 generally represent edge network devices or entry points to private network 100. Examples of access points include, but are not limited to a wired network switch, a router, a wireless controller ( e.g., a controller of multiple wireless access points (APs) within a wireless network), .  

Regarding claim 11, Trimby teaches all the limitations of claim 10. Trimby further teaches: attributes that can have static values or that can be parameterized where the values will be replaced with the values from the authentication context (Trimby, see FIG. 2 item along with ¶¶ [0045-0046], “reference to FIG. 2, an enforcement engine running on the NAC device can maintain an access point model that maps each of multiple logical networks to corresponding access values that are indicative of an enforcement action implementations for each access point 108. Further, enforcement engine can maintain multiple access policies defined by a policy implementer in which each access policy specifies a current state of a particular endpoint device 110 and an enforcement action with reference to a logical network”; “receiving attributes of endpoint device 110, the enforcement engine can identify a matching access policy based on attributes of endpoint device 110. Further, the enforcement engine can retrieve the corresponding enforcement action implementation for the access point 108 through which the endpoint device 110 is connected to private network 100 from the access point model based on the logical network specified in the matching access policy to reconfigure the access point 108 to perform the enforcement action”).  

Regarding claim 12, this claim defines a machine-readable storage medium claim that corresponds to method claim 1. Therefore, claim 12 is rejected with the same rational as in the rejection of claim 1. Furthermore, Trimby ¶¶ [0024 and 0084] along with claim 11 disclose computer readable medium comprising computer executable instructions stored thereon that, when executed by one or more processing units in a source system to execute instructions.

Regarding claim 13, Trimby teaches all the limitations of claim 12. Trimby further teaches: update enforcement profiles on the network to change network authorization (Trimby, see ¶ [0034], “network access control appliances (e.g., FORTINAC family of network access control appliances), vulnerability management appliances (e.g., FORTISCAN family of vulnerability management appliances), configuration, provisioning, update and/or management appliances ( e.g., FORTIMANAGER family of management appliances)”).

Regarding claim 14, this claim defines a machine-readable storage medium claim that corresponds to method claim 4. Therefore, claim 14 is rejected with the same rational as in the rejection of claim 4. Furthermore, Trimby ¶¶ [0024 and 0084] along with claim 11 disclose computer readable medium comprising computer executable instructions stored thereon that, when executed by one or more processing units in a source system to execute instructions.

Regarding claim 15, this claim defines a system claim that corresponds to method claim 1. Therefore, claim 15 is rejected with the same rational as in the rejection of claim 1. Furthermore, Trimby ¶¶ [0024 and 0084] along with claim 11 disclose computer readable 

Regarding claim 16, this claim defines a system claim that corresponds to method claims 2 and 5. Therefore, claim 16 is rejected with the same rational as in the rejection of claims 2 and 5. Furthermore, Trimby ¶¶ [0024 and 0084] along with claim 11 disclose computer readable medium comprising computer executable instructions stored thereon that, when executed by one or more processing units in a source system to execute instructions.

Regarding claims 17-18, these claims define system claims that corresponds to method claims 4 and 9-10. Therefore, claims 17-18 are rejected with the same rational as in the rejection of claims 4 and 9-10. Furthermore, Trimby ¶¶ [0024 and 0084] along with claim 11 disclose computer readable medium comprising computer executable instructions stored thereon that, when executed by one or more processing units in a source system to execute instructions.

Regarding claim 19, Trimby teaches all the limitations of claim 15. Trimby further teaches: a network accessible device configured to provide security threat remediation that is automated at the device, network access, traffic inspection, or threat protection level wherein a policy enforcement actions is initiated in a bidirectional manner on a heterogeneous multi-vendor network (Trimby in previous claims disclosed heterogeneous multi-vendor, Trimby further discloses enforcement engine through user interface allow policy implementation which can be done dynamically that reads on applicant’s limitation , see ¶ [0050-0051], “access points that share . 

Examiner note:
16.	In the case of amending the Claimed invention, Applicant is respectfully requested to indicate the portion(s) of the specification which dictate(s) the structure relied on for proper interpretation and also to verify and ascertain the metes and bounds of the claimed invention. This will assist in expediting compact prosecution.  MPEP 714.02 recites: “Applicant should also specifically point out the support for any amendments made to the disclosure. See MPEP § 2163.06. An amendment which does not comply with the provisions of 37 CFR 1.121(b), (c), (d), and (h) may be held not fully responsive. See MPEP § 714.”  Amendments not pointing to specific support in the disclosure may be deemed as not complying with provisions of 37 C.F.R.  1.131(b), (c), (d), and (h) and therefore held not fully responsive.  Generic statements such as “Applicants believe no new matter has been introduced” may be deemed insufficient.

Conclusion
17.	The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Vachiravel et al. US 2016/0226869 discloses accessing an enterprise network through request to access the enterprise network where the request includes identifier of user 
Narasimhan et al. US 8,881,234 discloses network access control where host attributes of the host are collected by the data processing apparatus and network access for the host device is restricted, and during the host collection phase for the host device. 
Xenakis et al. Springer 2006 Wireless Personal Communications (2006) 36: 163–194, “Alternative Schemes for Dynamic Secure VPN Deployment in UMTS” discloses dynamic, client-initiated, secure VPN deployment over the UMTS network are proposed and analyzed. The mobile devices comprise the IP protocol stack including the TCP/UDP protocol, which enables the activation of any type of Internet service. The UMTS infrastructure provides to mobile users access to the public Internet, and allows them to employ IPsec tunnel technique to traverse firewalls, access private networks, and convey sensitive data securely.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KHALIL NAGHDALI whose telephone number is (571) 272-9884.  The examiner can normally be reached on M-F 8-5.
If attempts to reach the examiner by telephone are unsuccessful, the examiner's acting supervisor, KRISTINE KINCAID can be reached on (571) 272-4063. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like 
/KHALIL NAGHDALI/
Primary Examiner, Art Unit 2437