DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Allowable Subject Matter
Claims 9 and 16 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-6, 8, 10-14, and 17-19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Dara et al. (US 2016/0315921), hereafter “Dara,” in view of Boutnaru (US 2019/0199533).
Regarding claim 1, Dara teaches a method comprising:	receiving a packet comprising one or more metadata elements generated based on security measurements from a plurality of nodes along a path of the packet (Dara: par 0042 [Each packet may be inserted with a metadata field that includes a RND field, a SEQ field, and a VERIFY field…]; 0044 […the SEQ field value may be at least in part based on a timestamp…]);	determining a validity of the one or more metadata elements based on at least one of a comparison of one or more values in the one or more metadata elements with one or more expected values calculated for the one or more metadata elements (Dara: par 0048), one or more signatures in the one or more metadata elements (Dara: par 0051 […each network node uses its piece of the cryptographic secret to leave a signature as part of the verification information in the packet.]), and timing information associated with the one or more metadata elements (Dara: par 0044).	Dara does not explicitly teach: 	based on the one or more metadata elements, determining whether the packet traversed any compromised nodes along the path of the packet. 	Boutnaru teaches: 	based on one or more metadata elements, determining whether a packet traversed any compromised nodes along the path of the packet (Boutnaru: par 0038, 0042). 	It would have been obvious to one of ordinary skill to utilize the techniques of Boutnaru to determine whether the packet traversed any compromised nodes with predictable results. One would be motivated to make the combination to provide the benefit of informing administrators of potential problems with the path so that they can 

Regarding claim 2, the method of claim 1, wherein the one or more metadata elements comprise the security measurements or one or more hash values representing the security measurements (Dara: par 0060; Boutnaru: 440 of FIG. 4), and wherein determining whether the packet traversed any compromised nodes comprises at least one of identifying each hop traversed by the packet and providing a proof-of-transit of the packet (Dara: par 0051, 0095; Boutnaru: par 0033).

Regarding claim 3, the method of claim 1, wherein the one or more metadata elements comprise node integrity metadata generated based on respective node integrity information from each of the plurality of nodes along the path of the packet, the respective node integrity information being generated based on a respective security measurement from each of the plurality of nodes along the path of the packet (Dara: par 0060, 0061; Boutnaru: par 0041).

Regarding claim 4, the method of claim 1, wherein the packet is received by a node at a hop in the path of the packet, the method further comprising:	updating a verification digest in the one or more metadata elements in the packet 

Regarding claim 5, the method of claim 4, wherein determining whether the packet traversed any compromised nodes along the path of the packet is based at least partly on the updated verification digest, and wherein the verification digest is based on a respective hash generated by a second node at a previous hop in the path, the respective hash being based on one or more security measurements at the second node (Dara: par 0060, 0061; Boutnaru: par 0041).

Regarding claim 6, the method of claim 5, wherein the verification digest is further based on a second verification digest generated by a third node at a different previous hop in the path, the second verification digest being based on a second respective hash of one or more additional security measurements at the third node (Dara: par 0060, 0061; Boutnaru: par 0041). 

Regarding claim 8, the method of claim 1, wherein the timing information associated with the one or more metadata elements comprises at least one of a respective timestamp associated with each of the plurality of nodes, one or more Time-Based Uni-Directional Attestation (TUDA) sync tokens, one or more Trusted Platform Module (TPM) counters, and one or more packet trace timestamps defined by an In-Situ 

Regarding claim 10, a system comprising: 	one or more processors; and memory having stored therein instructions which, when executed by the one or more processors, cause the one or more processors to (Dara: par 0116):	receive a packet comprising one or more metadata elements generated based on security measurements from a plurality of nodes along a path of the packet (Dara: par 0042 [Each packet may be inserted with a metadata field that includes a RND field, a SEQ field, and a VERIFY field…]; 0044 […the SEQ field value may be at least in part based on a timestamp…]);	determine a validity of the one or more metadata elements based on at least one of a comparison of one or more values in the one or more metadata elements with one or more expected values calculated for the one or more metadata elements (Dara: par 0048), one or more signatures in the one or more metadata elements (Dara: par 0051 […each network node uses its piece of the cryptographic secret to leave a signature as part of the verification information in the packet.]), and timing information associated with the one or more metadata elements (Dara: par 0044); and 	based on the one or more metadata elements, determine whether the packet traversed any compromised nodes along the path of the packet (Boutnaru: par 0038, 0042).



Regarding claim 12, the system of claim 10, wherein the one or more metadata elements comprise node integrity metadata generated based on respective node integrity information from each of the plurality of nodes along the path of the packet, the respective node integrity information being generated based on a respective security measurement from each of the plurality of nodes along the path of the packet (Dara: par 0060, 0061; Boutnaru: par 0041).

Regarding claim 13, the system of claim 10, wherein the packet is received by a node at a hop in the path of the packet, and wherein the instructions, when executed by the one or more processors, cause the one or more processors to:	update a verification digest in the one or more metadata elements in the packet to yield an updated verification digest, the verification digest being updated based on a hash of at least one security measurement associated with the node (Dara: par 0060, 0061; Boutnaru: par 0041).



Regarding claim 17, a non-transitory computer-readable storage medium storing instructions which, when executed by one or more processors, cause the one or more processors to (Dara: par 0116):	receive a packet comprising one or more metadata elements generated based on security measurements from a plurality of nodes along a path of the packet (Dara: par 0042 [Each packet may be inserted with a metadata field that includes a RND field, a SEQ field, and a VERIFY field…]; 0044 […the SEQ field value may be at least in part based on a timestamp…]);	determine a validity of the one or more metadata elements based on at least one of a comparison of one or more values in the one or more metadata elements with one or more expected values calculated for the one or more metadata elements (Dara: par 0048), one or more signatures in the one or more metadata elements (Dara: par 0051 […each network node uses its piece of the cryptographic secret to leave a signature as part of the verification information in the packet.]), and timing information associated with the one or more metadata elements (Dara: par 0044); and 	based on the one or more metadata elements, determine whether the packet 

Regarding claim 18, the non-transitory computer-readable storage medium of claim 17, wherein the one or more metadata elements comprise the security measurements or one or more hash values representing the security measurements (Dara: par 0060; Boutnaru: 440 of FIG. 4), and wherein determining whether the packet traversed any compromised nodes comprises at least one of identifying each hop traversed by the packet and providing a proof-of-transit of the packet (Dara: par 0051, 0095; Boutnaru: par 0033).

Regarding claim 19, the non-transitory computer-readable storage medium of claim 17, wherein the packet is received by a node at a hop in the path of the packet, the non-transitory computer-readable storage medium storing instructions which, when executed by the one or more processors, cause the one or more processors to:	update a verification digest in the one or more metadata elements in the packet to yield an updated verification digest, the verification digest being updated based on a hash of at least one security measurement associated with the node (Dara: par 0060, 0061; Boutnaru: par 0041),	wherein determining whether the packet traversed any compromised nodes is based at least partly on the updated verification digest, and wherein the verification digest is based on a respective hash generated by a second node at a previous hop in 

Claims 7, 15, and 20 are rejected as being unpatentable over Dara et al. (US 2016/0315921), in view of Boutnaru (US 2019/0199533), and further in view of Ward et al. (US 2017/0111209)
Regarding claim 7, Dara-Boutnaru teaches the method of claim 1, wherein the one or more metadata elements comprise one or more nonce values associated with one or more nodes from the plurality of nodes (Dara: par 0042 [The SEQ field may contain a number and/or a timestamp generated at the ingress node.]). 	Dora-Boutnaru does not teach: 	wherein the one or more metadata elements are included in an In-Situ Operations, Administration, and Maintenance (IOAM) data field on the packet, an Inband Network Telemetry packet header associated with the packet, an Inband Flow Analyzer (IFA) header associated with the packet, or a header associated with an In-situ Flow Information Telemetry service used to transmit the packet, the IOAM data field being associated with an IOAM trace option or an IOAM proof-of-transit (POT) option. 	Ward teaches: 	wherein one or more metadata elements are included in an In-Situ Operations, Administration, and Maintenance (IOAM) data field on the packet, an Inband Network Telemetry packet header associated with the packet, an Inband Flow Analyzer (IFA) 

Regarding claim 15, the system of claim 10, wherein the one or more metadata elements are included in packet header data field associated with a path services protocol, the path services protocol comprising one of In-Situ Operations, Administration, and Maintenance (IOAM); Inband Network Telemetry; Inband Flow The SEQ field may contain a number and/or a timestamp generated at the ingress node.]).

Regarding claim 20, the non-transitory computer-readable storage medium of claim 17, wherein the timing information associated with the one or more metadata elements comprises at least one of a respective timestamp associated with each of the plurality of nodes, one or more Time-Based Uni-Directional Attestation (TUDA) sync tokens, one or more Trusted Platform Module (TPM) counters, and one or more packet trace timestamps defined by an In-Situ Operations, Administration, and Maintenance telemetry scheme (Ward: par 0055, 0073).

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JAMES E SPRINGER whose telephone number is (571)270-5640.  The examiner can normally be reached on 9am - 5:30pm ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, GLENTON BURGESS can be reached on 571-272-3949.  The fax phone 
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


JAMES E. SPRINGER
Primary Examiner
Art Unit 2454



/JAMES E SPRINGER/           Primary Examiner, Art Unit 2454