DETAILED ACTION

1.	Notice of Pre-AIA or AIA Status: The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

2.	Claims 1-23 are presented for examination. 

3.	This Office Action is in response to remarks and claim amendments filed on March 29, 2021, after non-final rejection of application 16/222766.

4.	Application 16/222766 was filed on December 17, 2018.

5.	Claims 2, 11 and 18 have been canceled, claims 1, 3, 8, 10, 12, 15, 16, 19 and 20 have been amended, and new claims 21-23 have been added.  

6.	Claims 13, 14, 21, 22, and 23 are objected to as being dependent upon a rejected base claim, but any one of them would be allowable if rewritten to overcome the objections set forth in this Office Action and to include all of the limitations of the base claim (claims 1, 10 and 16) and any intervening claims (claim 12).  Also, Applicant to include necessary features for a smooth transition from feature to feature to prevent gaps/disconnects (i.e., a potential 35 U.S.C. 112(b)) between features.

Response to Remarks

7.	Applicant’s claim amendments and remarks as filed on March 29, 2021, have been fully considered but they are deemed to be moot in view of the new grounds of rejection.

8.	Applicant remarked (pages 13 and 14 of Remarks) that claims 1, 10 and 16 have been amended to include the allowable subject matter of claims 13 and 14.  

	Examiner’s response is that Applicant incorporated claim 12 into the independent claims instead of claims 13 and 14.

Claim Interpretation

9.	Claim 1 recites “maturity status.”  Instant specification [0019] states “once the communication session has been established, the session may be said to be mature.”  This interpretation is applied to all the claims.

10.	Claim 15 recites “communications.”  Instant specification [0032] [0033] states “sends multiple communication packets” and [0052] states “a number of packets are received.”  Since the specification states “communication packets” and “packets are received,” the specification refers to packets as communications between devices.  This interpretation is applied to all the claims.

11.	Claim 21 recites “trusted device.”  Instant specification [0048] states “identifies external source computing devices in which a threshold number of communication sessions between the destination device and the external source computing device have been performed.  Such identified external source computing device may be referred to as trusted, or otherwise identified as known good external source computing device.”  Since the instant disclosure nowhere defines or explains “a trusted device,” a brief search revealed Flutner et al. and Microsoft Computer Dictionary.

According to Flutner et al. (US Pub 20140372762), [0004] teach “a subscriber identity module (SIM) is a good example of a trusted device.  It provides a ‘secure element’ computer processor designed to resist physical tampering and to reject electronic communication by unauthorized parties, placed in the hands of an end user who doesn’t control when software runs on the device, in order to facilitate the delivery of services to them.”  [007] teach “a trusted device provides a way of interacting directly with a secure element so that, for example, one could enter a PIN number on-screen and be confident it is going to the software running on the secure element, which is trusted.”  [0025] teach “the trusted device may support multiple identities of the user of the trusted device, allowing the user, once authenticated, to select which one they wish to use.  Such identities may be used as a way of controlling the amount of information concerning a user that is sent to target devices.”

According to Microsoft Computer Dictionary, “TCB” being an “acronym for Trusted Computing Base.  The complete set of security mechanisms that create security on a network.  The TCB includes all the hardware, software, and firmware components that are responsible for system security.”

These definitions/explanations of a trusted device provide additional interpretation of the recited “trusted device.”

Claim Objections

12.	Claims 1, 3-10, 12-17 and 19-23 are objected to under 37 C.F.R. 1.75 because of the following informalities:
	
13.	Claim 1 recites “is not applied to second communication” that refers back to “a second communication” previously recited in the limitation.  The limitation is viewed as -- is not applied to the second communication -- for further examination.  The same is true in claims 10 and 16.  Applicant to resolve in the claims.

Claims 3-9, 12-15, 17 and 19-23 incorporate the deficiencies of claims 1, 10 and 16, through dependency, and are also objected to.



15.	Claim 12 recites “wherein associating the first maturity status with identification information” and “is included in a table corresponding to the first maturity status” that refer to features in claim 10.  The features are viewed as -- wherein the associating of the first maturity status with the identification information -- and -- is included in the table corresponding to the first maturity status -- for further examination.  Applicant to resolve the claim.

Claims 13 and 14 incorporate the deficiencies of claim 12, through dependency, and are also objected to.

16.	Claim 12 is a repeat of features recited in the independent claims; Applicant to cancel claim 12.  Applicant to resolve the claim.

Claims 13 and 14 incorporate the deficiencies of claim 12, through dependency, and are also objected to.

17.	Claim 16 recites “a second communication between the first communication device and the second communication device by” has features that have no 

Claims 17 and 19-23 incorporate the deficiencies of claim 16, through dependency, and are also objected to.

Claim Rejections - 35 USC § 103
18.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

19.	Claims 1, 10 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Engdahl et al., US Pub 20090113517, hereinafter Engdahl, and in view of Moir, US Pub 20020120720.

20.	Regarding claims 1, 10 and 16, Engdahl teach a system for (“one device may classify and tag each packet, while another device [] may process the packets according to the tags” [0002], “tag the packets for handling”, “tags attached to packets [] to enforce policies” [0030], “a high classification may be assigned to 
at least one processor (“executed by one or more systems, computers, other devices” [0018]); and
at least one memory including instructions which when executed by the at least one processor (“the program”, “then compiled, interpreted [] and then stored in a computer memory” [0016], “program modules, executed by one or more systems, computers” [0018]), causes the at least one processor to:
assign a first maturity status (“security classifications”, “classify and tag”, “may be tagged”) to a first communication between a first communication device (“server”) and a second communication (“client”) device by associating the first maturity status with identification information (“classify and tag packets”) from the first communication (“three or more levels of security classification may be used to process packets at different speeds or priorities”, “established security connection”, “one device may classify and tag each packet, while another device within the network may process the packets according to the tags” [0002], “analyze the packet and tag the packets for handling by other devices” [0030], “analyze the packet and tag the packets for handling by other devices”, “standalone throttle”, “the policies 115 may cause a packet to be dropped”, “transmitted at a limited 
wherein the associating comprises determining whether the identification information (“tagged”) is corresponding to the first maturity status (“security level of a session associated with the packets, and apply various policies to the packets”, “the packets may be tagged [] to apply other policies” [0045], “packets associated with a secure session may be tagged using a first identifier” [0060]);
apply a traffic rate mitigation technique or a traffic analysis technique (“analyzed and tagged”, “indicate a maximum transmission rate”) to the first communication when the identification information is corresponding (“tagged”) to the first maturity status (“packet that was analyzed and tagged”, “indicate a maximum transmission rate for a packet that is tagged with a particular tag” [0031], “various servers [] may apply policies [] respective to process low priority packet in one manner and high priority packets in a different manner” [0041], “receive a classification from the classifier 206 and apply various policies 214 to the packet based on the classification” [0056], “a packet stream with a high security status [] may be transmitted at a maximum transmission rate” [0068], “packets associated with a secure session may be tagged using a first identifier” [0060]); and
assign a second maturity status to a second communication between the first communication device and the second communication device by associating the second maturity status with the identification information (“analyze the packet and tag the packets for handling by other devices” [0030], “a high classification may be assigned to those packets associated with a session that has fully established IPsec or other Layer 2 security protocol” [0055], “that packets associated with a secure session may be tagged using a first identifier and packets not associated with a secure session may be tagged with a second identifier” [0060]).  Note:  It would have been obvious to the person of ordinary skill in the art at the time of the invention to readily recognize that the second communication is a duplication of a first communication.  MPEP 2144.04 VI.
wherein the traffic rate mitigation technique or the traffic analysis technique (“not tagged”, “not associated with”) is not applied to second communication based on the second maturity status (“a tag may include a designation that may be used by a downstream device to apply a corresponding policy” [0056], “packet may be tagged as a secure packet or as an unsecure packet” [0057], “packets may or may not be tagged” [0058], “second policy may be defined that permits a limited throughput for those packets not associated with a secure session” [0059]).

wherein the associating comprises determining whether the identification information (“tag”) is included in a table corresponding to the first maturity status (“a tag to perform a lookup within a policy table [] to locate a policy for handling of the relevant packet” [0034] [0025] [0129]);
apply a traffic rate mitigation technique or a traffic analysis technique (“ATM traffic management”) to the first communication when the identification information (“tag”) is included in the table corresponding to the first maturity status (“a tag to perform a lookup within a policy table [] to locate a policy for handling of the relevant packet”, “the policy may [] specify various service parameters”, “the service parameters [] are provided to an ATM traffic management [] that applies the service parameters to various flows outputted”, “service parameters [] may specify that a certain flow is provided with a high QoS” [0034] [0025] [0129]).

Thus, it would have been obvious before the effective filing date of the claimed invention to a person of ordinary skill in the art to readily recognize the advantage of modifying Engdahl’s system that provides the user a “apply policies to packets 

The motivation being “by limiting throughput for unsecured communications but allowing secured communications for flow at a higher throughput, limits may be placed on network traffic that may be malicious or otherwise not desired” (Engdahl [0022]) which includes “it has become desirable to offer varying levels of service (e.g., Quality-of-Service (QoS)) to various network entities” (Moir [0003]) and “a tag to perform a lookup within a policy table [] to locate a policy for handling of the relevant packet” (Moir [0034]).

21.	Regarding claims 3 and 19, Engdahl teach wherein the identification information includes at least one of an IP address of the first communication device (“specific network addresses”), a protocol of the first communication, or a portion associated with the first communication (“destination”) (“a policy may be established for packets originating from a specific network addresses or range of network addresses or packets having other forms of authentication” [0009], “route packets to different destinations based on the tags” [0036], “a two level 

22.	Regarding claim 4, Engdahl teach wherein the instructions cause the processor to drop the first communication if the identification information (“tag the packets”) is previously associated with the first maturity status (“analyze the packet and tag the packets for handling by other devices” [0030], “packet to be dropped” [0031]).

23.	Regarding claim 5, Engdahl teach wherein the protocol of the first communication includes at least one of transmission control protocol (“TCP”) or user datagram protocol (“an authenticated or secure session may be established using many different mechanisms”, “five-layer TCP/IP model” [0049] [0051]).

24.	Regarding claim 6, Engdahl teach wherein the first communication is received at a device communicatively coupling (“establish a secure session with”) the first communication device (“server”) to the second communication device (“client device”) (“coupled” [0013], “server device [] may establish a secure session with the client device” [0023]).



26.	Regarding claim 9, Engdahl teach wherein the first communication is received from the first communication device located external (“from outside”) to the second communication device (“from outside a private or gated network”).

27.	Regarding claim 12, Engdahl do not teach communication includes determining if the identification information is included in a table corresponding to the maturity status feature, but in a similar field of endeavor Moir teaches wherein associating the first maturity status with identification information (“tag”) from the first communication includes determining if the identification information is included in a table corresponding to the first maturity status (“a tag to perform a lookup within a policy table [] to locate a policy for handling of the relevant packet” [0034] [0025] [0129]).

28.	Regarding claim 17, Engdahl teach wherein the instructions cause the processor to send a third communication to the communication device, the third communication (“packets”) being sent after the first communication (“packets”) (“policies 122 may cause the server 122 to process authenticated or secure .

29.	Claims 8 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Engdahl and Moir, as applied to claims 1, 6 and 10 above, and further in view of Van Leekwuck et al., US Pub 20080175146.

30.	Regarding claim 8, Engdahl and Moir do not teach classified within a threshold period of time feature, but in a similar field of endeavor Van Leekwuck teach wherein the second communication is assigned the second maturity status based on a quantity of communications (“bandwidth limit”) having occurred within a threshold (“monitored”) period of time (“the time for monitoring” [0038], “time period”) (“a mean value of the BW consumed by the packet flow of the new session during the monitored time period is calculated and applied as bandwidth limit to the upgraded new session” [0039], “session is called well-established because the telecommunications system 1 has classified the session with a high priority level and allocates the session with as much bandwidth as the session requires” [0045]).

Thus, it would have been obvious before the effective filing date of the claimed invention to a person of ordinary skill in the art to readily recognize the advantage of modifying Engdahl’s and Moir’s system that provides the user a “apply policies to packets based on a security classification.  Packets with an authenticated and 

The motivation being “an improved admission control” (Van Leekwuck [0010]) and “a mean value of the BW consumed by the packet flow of the new session during the monitored time period is calculated and applied as bandwidth limit to the upgraded new session” (Van Leekwuck [0039]).

31.	Regarding claim 15, Engdahl and Moir do not teach based on a quantity of communications occurred between communications of two devices feature, but in a similar field of endeavor Van Leekwuck teach further comprising assigned the second maturity status the second communication based on a quantity of communications (“bandwidth limit”) having occurred between (“packet flow of the new session”) the first communication device and the second communication device (“packet flow of the new session”) within a threshold (“monitored”) period of time (“the time for monitoring” [0038], “time period”) (“a mean value of the BW consumed by the packet flow of the new session during the monitored time period is calculated and applied as bandwidth limit to the upgraded new session” [0039], “session is called well-established because the telecommunications system 1 has classified the session with a high priority level and allocates the .

Conclusion

32.	Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  

A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

33.	 Any inquiry concerning this communication or earlier communications from the examiner should be directed to O. Charlie Vostal whose telephone number is 571-270-3992 (via email:  Ondrej.Vostal@uspto.gov  “without a written authorization by applicant in place, the USPTO will not respond via internet e-mail to an Internet correspondence” MPEP 502.02 II and https://www.uspto.gov/sites/default/files/documents/sb0439.pdf ).  The examiner can normally be reached on 8:30am to 5:00pm EST Monday thru Friday.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Thu Nguyen can be reached on 571-272-6967.  The fax phone number for the organization where this application or proceeding is assigned is 571-270-4992.




	/ONDREJ C VOSTAL/
	Primary Examiner, Art Unit 2452
	May 28, 2021