DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Election/Restrictions
This Office action is in response to communications filed on 6/21/2021.
Claims 1-13 have been withdrawn.
Claims 14-25 have been elected.
Response to Amendment
Claims 14 and 22 have been amended.
Claims 26-27 have been added.
Claims 14-27 are pending.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 14-21, 23, and 27 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Regarding claim 14, it recites, in the preamble, “accelerated packet processing”. It’s unclear when packet processing is considered as being accelerated.

Regarding claim 15, the limitations invoke, by reference, all of the limitations of claim 14. Therefore, claim 15 is rejected for the same reasons as claim 14, above. Additionally, claim 15 recites the limitation “the network controller further comprises a segmentation accelerator”. It’s unclear if the term “segmentation accelerator” provides any structure not recited in the limitation (e.g. segmentation could be interpreted as some sort of division, and accelerator as something that accelerates the division, but it’s unclear in the claim how segmentation is accelerated by the accelerator). 
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 14, 17-18, 22, and 24 is/are rejected under 35 U.S.C. 103 as being unpatentable over McGrew et al. (US 7426636 B1, hereinafter McGrew) in view of Sandholm et al. (US 10397185 B1, hereinafter Sandholm).

a network controller to receive a transport protocol packet from a remote computing device (col. 12, lines 32-34, "FIG. 4 is a block diagram that illustrates a computer system 400 upon which an embodiment of the invention may be implemented"; Fig. 4, the computing device is connected to a local network via a communication interface; col. 9, lines 50-52, "packet 142 is then dispatched to a receiver using any appropriate transport protocol" (through a network, see Fig. 1A); col. 10, lines 28-29, receiver receives the packet), 
wherein the transport protocol packet comprises an encrypted message (Fig. 3A, the packet (element 142) includes an encrypted payload (element 308), where the encrypted payload is obtained by encrypting (element 130) a compressed payload (element 148), which is in turn obtained by compressing (element 128) an uncompressed payload (element 302); col. 9, lines 6-5, "The Uncompressed Payload may be an IP packet or other data"), wherein the network controller comprises:
circuitry to decrypt the encrypted message of the transport protocol packet to generate a compressed message of the transport protocol packet (col. 10, lines 44-49, "control passes to block 228, in which the Compressed Payload and the Authentication Tag are decrypted. As shown in FIG. 3B, Compressed Payload 148 and Authentication Tag 150 from packet 142 are provided to decryption function 130, which generates Decrypted Compressed Payload 148B" (see also Fig. 2B, 228); col. 13, lines 12-20, a processor to implement the invention); 
circuitry to decompress the compressed message of the transport protocol packet to generate an HTTP message of the transport protocol packet in response to decryption of the encrypted message (col. 10, lines 51-54, "In block 230, the decompression function is applied to the Compressed Payload […] decompression function 128 generates Uncompressed Payload 302 as output"), 

McGrew does not disclose that the message is a Hypertext Transport Protocol (HTTP) message; that the HTTP message comprises an application layer protocol message that includes an HTTP header; and that the steering is to a receive queue based on the HTTP header.
Sandholm discloses that a message may be a Hypertext Transport Protocol (HTTP) message (col. 6, lines 8-9, "platform client 204 may send a request 222 to the platform 220"; col. 6, lines 31-37, "The request 222 may include a package or payload and may include headers. The stream service 210 may forward the request 222 to a queue manager 214 to be placed one of the queues 216, which may include message queues. The stream service 210 forwards the request based on the headers, a verb (e.g., an HTTP verb GET, POST, PUT, DELETE), and/or a target resource" - note example requests from col. 7, line 55 to col. 10 line 32 are all HTTP messages); 
that the HTTP message comprises an application layer protocol message that includes an HTTP header (col. 6, lines 8-9, "platform client 204 may send a request 222 to the platform 220"; col. 6, lines 31-37, "The request 222 may include a package or payload and may include headers. The stream service 210 may forward the request 222 to a queue manager 214 to be placed one of the queues 216, which may include message queues. The stream service 210 forwards the request based on the headers, a verb (e.g., an HTTP verb GET, POST, PUT, DELETE), and/or a target resource" - note example requests from col. 7, line 55 to col. 10 line 32 are all HTTP messages); and 
that the steering is to a receive queue based on the HTTP header (Fig. 2, platform 220 includes a stream service 210; col. 13, lines 59-63, "the stream service […] forwards the package to a message queue, based on information in the headers, the HTTP verb and the target resource, denoted by the URL path").

One of ordinary skill in the art would have been motivated because using different queues to process different requests (see col. 11, lines 8-49) would allow for scalable and efficient processing (see col. 1, lines 35-38) of data.
Regarding claim 17, the combined system of McGrew and Sandholm discloses the invention substantially as applied to claim 14, above, wherein to steer the HTTP message comprises to: determine whether the HTTP header of the HTTP message matches a filter criteria (Sandholm, col. 6, lines 31-37, "request 222 may include a package or payload and may include headers. The stream service 210 may forward the request 222 to a queue manager 214 to be placed one of the queues 216, which may include message queues. The stream service 210 forwards the request based on the headers" - col. 11, lines 28-31, "The client may then need to include the session instance in the header of subsequent requests to ensure that the stream service places the subsequent requests in the appropriate queue for the same worker"); and 
perform a filter action associated with the filter criteria in response to a determination that that the HTTP header matches the filter criteria (Sandholm, col. 6, lines 31-37, "request 222 may include a package or payload and may include headers. The stream service 210 may forward the request 222 to a queue manager 214 to be placed one of the queues 216, which may include message queues. The stream service 210 forwards the request based on the headers" - col. 11, lines 28-31, "The client may then need to include the session instance in the header of subsequent requests to ensure that the stream service places the subsequent requests in the appropriate queue for the same worker").

Regarding claims 22 and 24, McGrew discloses one or more computer-readable storage media comprising a plurality of instructions stored thereon (col. 12, lines 41-47, "a main memory 406, such as a random access memory (RAM), flash memory, or other dynamic storage device, coupled to bus 402 for storing information and instructions to be executed by processor 404. Main memory 406 also may be used for storing temporary variables or other intermediate information during execution of instructions to be executed by processor 404"). The remaining limitations of claim(s) 22 and 24 do not read or further define over the limitations of claim(s) 14 and 17. Therefore, claim(s) 22 and 24 is/are rejected for the same reasons as set forth in claim(s) 14 and 17, above.
Claims 15-16 , and 23 is/are rejected under 35 U.S.C. 103 as being unpatentable over McGrew (US 7426636 B1) in view of Sandholm (US 10397185 B1), as respectively applied to claims 14 and 22, above, and further in view of Lambert (US 20170061138 A1).
Regarding claim 15, the combined system of McGrew and Sandholm discloses the invention substantially as applied to claim 14, above.
The combined system of McGrew and Sandholm does not disclose that the network controller further comprises a segmentation accelerator to coalesce a plurality of segmented transport protocol packets to generate the transport protocol packet, wherein the plurality of segmented transport 
Lambert discloses a network controller comprising a segmentation accelerator to coalesce a plurality of segmented transport protocol packets to generate the transport protocol packet, wherein the plurality of segmented transport protocol packets comprises the encrypted HTTP message (¶[0046], "The Invention includes processing software and computing and telecommunications hardware ("the system") used to obfuscate, segment, reorder segments, group segments, transmit, store, retrieve, reassemble, and reconstitute a specified original data object intended for private and secure transmission"; ¶[0049], "The invention provides a system to receive the transmitted data object segments"; ¶[0050], "The invention further provides a retrieving system that retrieves the transmitted data object segments"; ¶[0051], "The invention provides for a method that reassembles the retrieved segments according to the reversal of a recordation of obfuscation and transmission function processing results, reversing segment reordering, reassembling the object segments, removing any invalid data that was inserted into the object or its segments, decrypting and decompressing the reassembled data object", see also ¶[0091]); and 
to receive the transport protocol packet comprises to receive the plurality of segmented transport protocol packets (¶[0049], "The invention provides a system to receive the transmitted data object segments"). 
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the combined system of McGrew and Sandholm in view of Lambert so that the network controller further comprises a segmentation accelerator to coalesce a plurality of segmented transport protocol packets to generate the transport protocol packet, wherein the plurality of segmented transport protocol packets comprises the encrypted HTTP message; and to 
One of ordinary skill in the art would have been motivated because it would "limit access, acquisition and decryption of the original data object" to attackers (Lambert, ¶[0003]).
Regarding claim 16, the combined system of McGrew, Sandholm, and Lambert discloses the invention substantially as applied to claim 15, above, further comprising: a network controller driver to configure a receive pipeline of the network controller, wherein the receive pipeline includes an offload ordering (Lambert, ¶[0121], "proprietary retrieval protocols" (drivers) "as can be devised, and in such a manner that may or may not utilize the same protocol in which the same data object segment was previously transmitted, so as to allow the re-assembly method to authenticate, validate, and process them in order to reassemble the original data object"; ¶[0124], "a computer system is able to retrieve the stored segments of the original obfuscated data object from the diverse storage locations and reverse the obfuscation of the segments to restore the original data object (the "reassembly"). Reassembly is performed by initially retrieving the object management and segment management records detailing how the segments were configured for retrieval and reassembly prior to transmission. The Management Records will inform the system as to the locations of the segments, the keys used to decrypt them, the parts of the transmission pathway with its keys that was prepared for their retrieval known to the retrieving system, the protocols with which the segments can be retrieved, as well as the obfuscation pattern which must be reversed to reorder, reassemble, decompress, and decrypt the Original Data Object"); 
wherein the network controller is further to execute the receive pipeline according to the offload ordering, wherein to execute the receive pipeline comprises to decrypt the encrypted HTTP message, to decompress the compressed HTTP message, and to coalesce the plurality of segmented transport protocol packets in an order specified by the offload ordering (Lambert, ¶[0124], "The 
Regarding claim 23, the combined system of McGrew and Sandholm discloses the invention substantially as applied to claim 22, above. The remaining limitations of claim(s) 23 do not read or further define over the limitations of claim(s) 15. Therefore, claim(s) 23 is/are rejected for the same reasons as set forth in claim(s) 15, above.
Claims 19 and 25-26 is/are rejected under 35 U.S.C. 103 as being unpatentable over McGrew (US 7426636 B1) in view of Sandholm (US 10397185 B1), as respectively applied to claims 14 and 22, above, and further in view of Wang et al. (US 20170126565 A1, hereinafter Wang).
Regarding claim 19, the combined system of McGrew and Sandholm discloses the invention substantially as applied to claim 17, above, wherein to perform the filter action comprises to select the first processor from a plurality of processor of the computing device (Sandholm, col. 11, lines 28-31, "The client may then need to include the session instance in the header of subsequent requests to ensure that the stream service places the subsequent requests in the appropriate queue for the same worker").
The combined system of McGrew and Sandholm does not disclose that the processor is a processor core from a plurality of processor cores.

Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the combined system of McGrew and Sandholm in view of Wang so that the processor is a processor core from a plurality of processor cores.
One of ordinary skill in the art would have been motivated because it would avoid "placing locks by different cores on data structures that are used to process the same flow's packets", Wang, ¶[0042].
Regarding claim 25, the combined system of McGrew and Sandholm discloses the invention substantially as applied to claim 24, above. The remaining limitations of claim(s) 25 do not read or further define over the limitations of claim(s) 19. Therefore, claim(s) 25 is/are rejected for the same reasons as set forth in claim(s) 19, above.
Claims 20-21 is/are rejected under 35 U.S.C. 103 as being unpatentable over McGrew (US 7426636 B1) in view of Sandholm (US 10397185 B1), as applied to claim 17, above, and further in view of Smith et al. (US 20110035469 A1, hereinafter Smith).

The combined system of McGrew and Sandholm does not disclose that to perform the filter action comprises to drop the HTTP message or to throttle the HTTP message.
Smith discloses that to perform a filter action comprises to drop an HTTP message or to throttle the HTTP message (¶[0003], "As packets attempt to pass through the network interface, filters created by a system operator analyze the header information in the packet and either allow the packet to pass through the network interface or cause the packet to be discarded" - see also ¶[0109], "All traffic with an HTTP header "User-Agent: mozilla" will be filtered, dropping 100% of the traffic, for 30 minutes" and ¶[0127], "Filter 90% of traffic originating from 192.168.10.0 through 192.168.10.255 for 1 hour" and ¶[0007], "blocking a predetermined percentage of the portion of the network requests. The predetermined percentage is equal to the throttle percentage").
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the combined system of McGrew and Sandholm in view of Smith so that to perform the filter action comprises to drop the HTTP message or to throttle the HTTP message.
One of ordinary skill in the art would have been motivated because "packet filters provided by embodiments enable a system operator to either fully or partially block malicious network traffic based on a variety of network criteria. Moreover, automatic expiration of the packet filters enables a remote site to return to normal operation after a predetermined period of time, even if contact between the resolution site and the central data center is lost", Smith, ¶[0009].
Regarding claim 21, the combined system of McGrew and Sandholm discloses the invention substantially as applied to claim 17, above.

Smith discloses a network controller driver to configure the network controller with the filter criteria and the associated filter action (¶[0022], "the filter tool 110 is used to define a filter rule. Additional description related to the filter rules is provided more particularly below. The filter tool then appends filter rules to a filter file which is distributed to one or more filter proxies 120a/120b via a network"; ¶[0031], "filter rules are consulted and traffic is either accepted or rejected depending other whether each individual request matches one or more of the filter rules").
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the combined system of McGrew and Sandholm in view of Smith for a network controller driver to configure the network controller with the filter criteria and the associated filter action.
One of ordinary skill in the art would have been motivated because "packet filters provided by embodiments enable a system operator to either fully or partially block malicious network traffic based on a variety of network criteria. Moreover, automatic expiration of the packet filters enables a remote site to return to normal operation after a predetermined period of time, even if contact between the resolution site and the central data center is lost", Smith, ¶[0009].
Claim 27 is/are rejected under 35 U.S.C. 103 as being unpatentable over McGrew (US 7426636 B1) in view of Sandholm (US 10397185 B1), and further in view of Lambert (US 20170061138 A1), as applied to claim 15, above, and further in view of Basso et al. (US 20080181245 A1, hereinafter Basso).
Regarding claim 27, the combined system of McGrew, Sandholm, and Lambert discloses the invention substantially as applied to claim 15, above, further comprising: a protocol to process, by a first processor of the computing device, the HTTP message from the receive queue in response to steering of the HTTP message (Sandholm, col. 11, lines 28-31, "The client may then need to include the session 
The combined system of McGrew and Sandholm does not disclose that the protocol is a protocol stack and that the first processor is a processor core.
Basso discloses that the protocol is a protocol stack and that the first processor is a processor core (¶[0033], "A communication protocol stack of the at least one processing core may process the incoming data packet placed in the selected receive queue").
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the combined system of McGrew, Sandholm, and Lambert in view of Basso so that the protocol is a protocol stack and that the first processor is a processor core.
One of ordinary skill in the art would have been motivated because it would "provide high performance by enabling concurrent processing on both the transmit and receive sides of a communication flow", Basso, ¶[0017].
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Phillips et al. (US 7058696 B1), which discloses, in col. 3, lines 7-34, decompressing, decrypting, and combining packet segments.
Knoop et al. (US 8638724 B1), which discloses, in col. 4, lines 20-22, dropping packets that contain an indicator in a header of the packet.




Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Brian Gillis can be reached on 571-272-7952.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/BORIS D GRIJALVA LOBOS/               Primary Patent Examiner, Art Unit 2446