DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Drawings
The drawings are objected to as failing to comply with 37 CFR 1.84(p)(5) because they do not include the following reference sign(s) mentioned in the description: 112.  Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance.
Specification
The disclosure is objected to because of the following informalities: 
In paragraph 0022, line 8, “can stored” should read “can be stored”.
Appropriate correction is required.
The use of the term Citrix® WorkspaceTM which is a trade name or a mark used in commerce, has been noted in this application. The term should be accompanied by the generic terminology; furthermore the term should be capitalized wherever it appears or, where appropriate, include a proper symbol indicating use in commerce such as ™, SM , or ® following the term.

Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 

(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 2 and 6 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claim 2 recites “wherein the at least one processor is configured to determine whether the second copy of the certificate matches the first copy by comparing the second one to the first [on a] byte-by-byte [basis].” The term “matches” is not defined by the claim or applicant’s specification and is an inherently subjective term when given its broadest reasonable interpretation consistent with applicant’s specification as a person of ordinary skill in the art.  For instance, there are many thresholds that could be used with respect to amount of similarity or difference between the two copies in order to conclude the copies “match”.  Applicant’s specification, paragraph [0041], does recite one threshold:  “…a match exists only where no difference between the two security certificates is found”.  However, this is explicitly an exemplary statement in applicant’s specification and not a definition.  For purposes of further examination the examiner will interpret any consideration of similarity comparison and any conclusory “matchingness” from any threshold to meet the claim language.
“wherein to determine whether the first copy is valid comprises to execute a full transport layer security validation of the first copy”. Here the term “full” is subjective and the specification does not provide a standard for ascertaining the requisite degree. For purposes of further examination the examiner will consider any “security validation” “at” a “transport layer” to meet the claim limitation.
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claims 1, 4, 9, 15, 16,  and 20 are rejected under 35 U.S.C. 102 (a) (1) as being anticipated by Janjua et al. (US 20140283054 A1) hereinafter Janjua.
Regarding claim 1, Janjua teaches a computer system comprising: a memory; a network interface; and at least one processor coupled to the memory and the network interface (Janjua: [0016] states that the computing device 102 may range from a full resource device with substantial memory and processor resources) and configured to:
transmit, via the network interface, a first message to a server application to initiate a handshake process with the server application (Janjua: [0013] provides client device transmits request to target site requesting current certificate);

determine whether the first copy is valid (Janjua: Fig 5, steps 504->506 being "no", not stored locally; validation occurs via steps 514->516->520;  [0065]-[0067]);
store, in response to the determination that the first copy is valid, the first copy into memory (Janjua: [0079] for determining first current certificate is genuine based on comparison to confirmed copy; [0083]-[0085] for maintaining genuine certificates in store;  See also Fig 2, par [0030]-[0031] for example);
establish, in response to a determination that the first copy is valid, an initial secure connection to the server application (Janjua: [0022] provides the entire purpose of getting the certificate is to establish an SSL connection to the server site; See also [0078], for not setting up the connection if the certificate is found fraudulent);
transmit, via the network interface, a second message to the server application to request a subsequent secure connection to the server application (Janjua: [0013] provides for sending request for certificate at another arbitrary time in the future; See also Fig 2, [0030]-[0031]);
receive, via the network interface, a second copy of the security certificate from the server application (Janjua: Fig 5, step 502 on 2nd iteration; [0061)
determine whether the second copy matches the first copy (Janjua: Fig 5, steps 504->506 being "yes", we have received previous certificate before; Then step 508 determining current (i.e., most recently received) certificate matches previously received certificate in store; [0063]-[0064]);

Regarding claim 4, Janjua teaches all the elements of claim 1 as stated above. Janjua further states that the memory stores no copies of the security certificate prior to transmitting the first message (Sec [0062] “In situations in which the computing device implementing process 500 has not previously accessed the target site (“first message”), the local site certificate mapping store (“memory”) would include no previous certificates received from the target site (“server”)”).
Regarding claim 9, Janjua teaches a method of establishing secure connections using dynamic pinning within a computer system, the method comprising: 
transmitting, via the network interface, a first message to a server application to initiate a handshake process with the server application (Janjua: [0013] provides client device transmits request to target site requesting current certificate);
receiving, via the network interface, a first copy of a security certificate from the server application (Janjua: [0013] provides client receives a first "current" copy of the certificate from the target site;  See Fig 5, step 502; [0061]);
determining whether the first copy is valid (Janjua: Fig 5, steps 504->506 being "no", not stored locally; validation occurs via steps 514->516->520;  [0065]-[0067]);
storing, in response to the determination that the first copy is valid, the first copy into memory (Janjua: [0079] for determining first current certificate is genuine based on comparison 
establishing, in response to a determination that the first copy is valid, an initial secure connection to the server application (Janjua: [0022] provides the entire purpose of getting the certificate is to establish an SSL connection to the server site; See also [0078], for not setting up the connection if the certificate is found fraudulent);
transmitting, via the network interface, a second message to the server application to request a subsequent secure connection to the server application (Janjua: [0013] provides for sending request for certificate at another arbitrary time in the future; See also Fig 2, [0030]-[0031]);
receiving, via the network interface, a second copy of the security certificate from the server application (Janjua: Fig 5, step 502 on 2nd iteration; [0061)
determining whether the second copy matches the first copy (Janjua: Fig 5, steps 504->506 being "yes", we have received previous certificate before; Then step 508 determining current (i.e., most recently received) certificate matches previously received certificate in store; [0063]-[0064]);
and establishing, in response to a determination that the second copy matches the first copy, the second subsequent connection to the server application (Janjua: [0022] provides the entire purpose of getting the certificate is to establish an SSL connection to the server site; See also [0078], for not setting up the connection if the certificate is found fraudulent).
Regarding claim 16, Janjua teaches a non-transitory computer readable medium storing executable sequences of instructions to establishing secure connections using dynamic pinning (Janjua: [0095]  an implementation of the described modules and techniques may be stored on or 
transmit, via the network interface, a first message to a server application to initiate a handshake process with the server application (Janjua: [0013] provides client device transmits request to target site requesting current certificate);
receive, via the network interface, a first copy of a security certificate from the server application (Janjua: [0013] provides client receives a first "current" copy of the certificate from the target site;  See Fig 5, step 502; [0061]);
determine whether the first copy is valid (Janjua: Fig 5, steps 504->506 being "no", not stored locally; validation occurs via steps 514->516->520;  [0065]-[0067]);
store, in response to the determination that the first copy is valid, the first copy into memory (Janjua: [0079] for determining first current certificate is genuine based on comparison to confirmed copy; [0083]-[0085] for maintaining genuine certificates in store;  See also Fig 2, par [0030]-[0031] for example);
establish, in response to a determination that the first copy is valid, an initial secure connection to the server application (Janjua: [0022] provides the entire purpose of getting the certificate is to establish an SSL connection to the server site; See also [0078], for not setting up the connection if the certificate is found fraudulent);
transmit, via the network interface, a second message to the server application to request a subsequent secure connection to the server application (Janjua: [0013] provides for sending request for certificate at another arbitrary time in the future; See also Fig 2, [0030]-[0031]);
receive, via the network interface, a second copy of the security certificate from the server application (Janjua: Fig 5, step 502 on 2nd iteration; [0061)

and establish, in response to a determination that the second copy matches the first copy, the second subsequent connection to the server application (Janjua: [0022] provides the entire purpose of getting the certificate is to establish an SSL connection to the server site; See also [0078], for not setting up the connection if the certificate is found fraudulent).
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 2 and 10 are rejected under 35 U.S.C. 103 as being unpatentable over Janjua in view of Shilane (US 10831370 B1).
Regarding claim 2, Janjua teaches all the elements of claim 1 as stated above except wherein the comparing is a byte-by-byte comparison. Shilane teaches the computer system of claim 1, wherein the at least one processor is configured to determine whether the second copy 
Janjua and Shilane are all considered to be analogous to the claimed invention because they are in the same field of secure networking using certificates. Therefore, it would have been obvious to someone of ordinary skill in the art before the effective filing date of the claimed invention to have modified Janjua, to specifically use a byte-to-byte comparison technique as disclosed in Shilane. Doing so would incorporate a known method to perform comparisons to determine identicalness. 
Regarding claim 10, this claim contains the same limitations as claim 2, and is rejected under the same rationale.

Claims 3, 6, 11, 13 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Janjua (US 20140283054 A1) in view of Mistry (US 20180367530 A1).
	Regarding claim 3, Janjua teaches all the elements of claim 1 as stated above except the type of the connection.
Mistry teaches that the subsequent secure connection is a low-level connection (Sec [0043] teaches "User Device 100 may also i) extract the IP address assigned to User Device 100 by DHCP Server 105 from Response 114, ii) store the IP address assigned to User Device 100 by DHCP Server 105 within User Device 100, and iii) begin ("establish connection") using the IP address assigned to User Device 200 by DHCP Server 105 as its IP address when 
	Janjua and Mistry are both considered to be analogous to the claimed invention because they are in the same field of secure networking using certificates. Therefore, it would have been obvious to someone of ordinary skill in the art before the effective filing date of the claimed invention to have modified Janjua to incorporate the teachings of Mistry and provide a computer system to establish low-level secure connection between client and server using multiple certificates and compare them with each other. Doing so would aid in using a preexisting standardized protocol to establish secure connections. 

Regarding claim 6, Janjua teaches all the elements of claim 1 as stated above. However Janjua does not teach a full transport layer security validation of the first copy.
Mistry teaches that to determine whether the first copy is valid comprises to execute a full transport layer security validation of the first copy (Sec [003] "Existing cryptographic protocols include forms of endpoint authentication that are specifically intended to prevent man-in-the-middle attacks. For example, the TLS (Transport Layer Security) protocol and its predecessor the SSL (Secure Sockets Layer) protocol include authentication of one or both communicating entities within a public key infrastructure (PKI), using a mutually trusted certificate authority (CA). In addition to these techniques, some client-server environments have also provided what is generally referred to as “certificate pinning”, in which the client attempts to avoid a man-in-the-middle attack by comparing a previously obtained certificate ("validated first copy") to a certificate that is subsequently obtained from the same server, and then allowing communication with the server only when there is a match between the two certificates.”)


Regarding claim 11, Janjua teaches all the elements of claim 9 as stated above except the type of the connection.
Mistry teaches that transmitting the second message to the server application comprises transmitting a second message to request a low-level connection. (Sec [0043] teaches "User Device 100 may also i) extract the IP address assigned to User Device 100 by DHCP Server 105 from Response 114, ii) store the IP address assigned to User Device 100 by DHCP Server 105 within User Device 100, and iii) begin ("establish connection") using the IP address assigned to User Device 200 by DHCP Server 105 as its IP address when communicating with other devices using the TCP/IP (Transmission Control Protocol/Internet Protocol) suite of communication protocols.")
	Janjua and Mistry are both considered to be analogous to the claimed invention because they are in the same field of secure networking using certificates. Therefore, it would have been obvious to someone of ordinary skill in the art before the effective filing date of the claimed invention to have modified Janjua to incorporate the teachings of Mistry and provide a computer system to establish low-level secure connection between client and server using multiple 

Regarding claim 13, Janjua teaches all the elements of claim 9 as stated above. However Janjua does not teach a full transport layer security validation of the first copy.
Mistry teaches that the method of claim 9, wherein to determine whether the first copy is valid comprises to execute a full transport layer security validation of the first copy (Sec [003] "Existing cryptographic protocols include forms of endpoint authentication that are specifically intended to prevent man-in-the-middle attacks. For example, the TLS (Transport Layer Security) protocol and its predecessor the SSL (Secure Sockets Layer) protocol include authentication of one or both communicating entities within a public key infrastructure (PKI), using a mutually trusted certificate authority (CA). In addition to these techniques, some client-server environments have also provided what is generally referred to as “certificate pinning”, in which the client attempts to avoid a man-in-the-middle attack by comparing a previously obtained certificate ("validated first copy") to a certificate that is subsequently obtained from the same server, and then allowing communication with the server only when there is a match between the two certificates.”)
	Janjua and Mistry are both considered to be analogous to the claimed invention because they are in the same field of secure networking using certificates. Therefore, it would have been obvious to someone of ordinary skill in the art before the effective filing date of the claimed invention to have modified Janjua to incorporate the teachings of Mistry and provide a method to establish connection between client and server using multiple certificates where the first copy is 

Regarding claim 17, Janjua teaches all the elements of claim 16 as stated above except the type of the connection.
Mistry teaches that transmitting the second message to the server application comprises transmitting a second message to request a low-level connection. (Sec [0043] teaches "User Device 100 may also i) extract the IP address assigned to User Device 100 by DHCP Server 105 from Response 114, ii) store the IP address assigned to User Device 100 by DHCP Server 105 within User Device 100, and iii) begin ("establish connection") using the IP address assigned to User Device 200 by DHCP Server 105 as its IP address when communicating with other devices using the TCP/IP (Transmission Control Protocol/Internet Protocol) suite of communication protocols.")
	Janjua and Mistry are both considered to be analogous to the claimed invention because they are in the same field of secure networking using certificates. Therefore, it would have been obvious to someone of ordinary skill in the art before the effective filing date of the claimed invention to have modified Janjua to incorporate the teachings of Mistry and provide instructions to establish low-level secure connection between client and server using multiple certificates and compare them with each other. Doing so would aid in using a preexisting standardized protocol to establish secure connections. 


Claims 5, 12 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Janjua in view of Nukala et al (US 20200045015 A1) hereinafter Nukala. 
	Regarding claim 5, Janjua teaches all the elements of claim 1 as stated above. Janjua further teaches wherein the at least one processor is further configured to: determine, in response to a determination that the second copy does not match the first copy, (Fig. 5, step 506 and 514) whether the second copy is valid; (Fig. 5, step 520 to make sure the certificate is valid) and store, in response to a determination that the second copy is valid, the second copy in the memory (update local Site Certificate Mapping Store)
	However Janjua does not teach that the validation of the second copy is based on the determination of the protocol of the network (high-level connection). 
	Nukala teaches that authentication of the network request is based on the connection (Sec [005] “ Responsive to authenticating the request based on the identifier, the method selects a firewall port among a set of firewall ports of the firewall to open based on the protocol identifier.” Sec [042] “a protocol identifier that identifies a protocol (“high-level, low-level etc) of the data packet.”)
	Janjua and Nukala are both considered to be analogous to the claimed invention because they are in the same field of authenticating network connections. Therefore, it would have been obvious to someone of ordinary skill in the art before the effective filing date of the claimed invention to have modified Janjua to incorporate the teachings of Nukala and provide a validation test based on the protocol of the network where the second copy of the certificate does not match the first copy. Doing so would aid in using the right tools to validate the certificate (based on the protocol) to filter out fraudulent certificates. 


	However Janjua does not teach that the validation of the second copy is based on the determination of the protocol of the network (high-level connection). 
	Nukala teaches that authentication of the network request is based on the connection (Sec [005] “ Responsive to authenticating the request based on the identifier, the method selects a firewall port among a set of firewall ports of the firewall to open based on the protocol identifier.” Sec [042] “a protocol identifier that identifies a protocol (“high-level, low-level etc) of the data packet.”)
	Janjua and Nukala are both considered to be analogous to the claimed invention because they are in the same field of authenticating network connections. Therefore, it would have been obvious to someone of ordinary skill in the art before the effective filing date of the claimed invention to have modified Janjua to incorporate the teachings of Nukala and provide a validation test based on the protocol of the network where the second copy of the certificate does not match the first copy. Doing so would aid in using the right tools to validate the certificate (based on the protocol) to filter out fraudulent certificates. 
	
Regarding claim 18, Janjua teaches all the elements of claim 16 as stated above. Janjua further teaches wherein the computer readable medium is further configured to: determine, in response 
	However Janjua does not teach that the validation of the second copy is based on the determination of the protocol of the network (high-level connection). 
	Nukala teaches that authentication of the network request is based on the connection (Sec [005] “ Responsive to authenticating the request based on the identifier, the method selects a firewall port among a set of firewall ports of the firewall to open based on the protocol identifier.” Sec [042] “a protocol identifier that identifies a protocol (“high-level, low-level etc) of the data packet.”)
	Janjua and Nukala are both considered to be analogous to the claimed invention because they are in the same field of authenticating network connections. Therefore, it would have been obvious to someone of ordinary skill in the art before the effective filing date of the claimed invention to have modified Janjua to incorporate the teachings of Nukala and provide a validation test based on the protocol of the network where the second copy of the certificate does not match the first copy. Doing so would aid in using the right tools to validate the certificate (based on the protocol) to filter out fraudulent certificates. 

Claims 7, 14 and 19 are rejected under 35 U.S.C as being unpatentable over Janjua (US 20140283054 A1) in view of Goel et al (US 20120023241 A1) hereinafter Goel. 

Regarding claim 7, Janjua teaches all the elements of claim 1 as stated above. However, Janjua does not teach claim’s “session” that comprises multiple child objects that represent connections (claim’s “initial connection” and “subsequent connection”). 
Goel teaches a secure communication session with the server application, the secure communication session comprising the initial secure connection; and add, the subsequent secure connection to the secure communication session (Sec [0047] “FIG. 5 illustrates another view of an embodiment, including receiving an initial SSL connection request, establishing an SSL session, and subsequently processing an incoming ClientHello message requesting resumption of the same session. FIG. 5 illustrates the initial TCP connection 510, initial SSL connection 511, subsequent TCP connection 512 and subsequent SSL connection 513”).
Janjua and Goel are all considered to be analogous to the claimed invention because they are in the same field of secure networking using sessions and connections. Therefore, it would have been obvious to someone of ordinary skill in the art before the effective filing date of the claimed invention to have modified Janjua to incorporate the teachings of Goel to provide a method to establish single secure session between client and server adding subsequent connection after establishing the initial connection. Doing so would aid in resumption of the session and will be cost effective. 


Goel teaches a secure communication session with the server application, the secure communication session comprising the initial secure connection; and add, the subsequent secure connection to the secure communication session (Sec [0047] “FIG. 5 illustrates another view of an embodiment, including receiving an initial SSL connection request, establishing an SSL session, and subsequently processing an incoming ClientHello message requesting resumption of the same session. FIG. 5 illustrates the initial TCP connection 510, initial SSL connection 511, subsequent TCP connection 512 and subsequent SSL connection 513”).
Janjua and Goel are all considered to be analogous to the claimed invention because they are in the same field of secure networking using sessions and connections. Therefore, it would have been obvious to someone of ordinary skill in the art before the effective filing date of the claimed invention to have modified Janjua to incorporate the teachings of Goel to provide a method to establish single secure session between client and server adding subsequent connection after establishing the initial connection. Doing so would aid in resumption of the session and will be cost effective.

Regarding claim 19, Janjua teaches all the elements of claim 16 as stated above. However, Janjua does not teach claim’s “session” that comprises multiple child objects that represent connections (claim’s “initial connection” and “subsequent connection”). 
Goel teaches a secure communication session with the server application, the secure communication session comprising the initial secure connection; and add, the subsequent secure 
Janjua and Goel are all considered to be analogous to the claimed invention because they are in the same field of secure networking using sessions and connections. Therefore, it would have been obvious to someone of ordinary skill in the art before the effective filing date of the claimed invention to have modified Janjua to incorporate the teachings of Goel to provide sequences of instructions to establish single secure session between client and server adding subsequent connection after establishing the initial connection. Doing so would aid in resumption of the session and will be cost effective. 

Claims 8, 15 and 20 are rejected under 35 U.S.C as being unpatentable over Janjua (US 20140283054 A1) in view of Goel and Gore et al (US 20190379656 A1) hereinafter Gore.

Regarding claim 8, Janjua and Goel teach all the elements of claim 7 as stated above. However, Janjua and Goel do not teach the secure communication session comprising an expiration time. 
Gore teaches the secure communication session comprises an expiration time (Sec [0044] “Timer 352 tracks the preset period of time during which application sessions (“communication session”) IDs 350 are valid. Upon expiration of timer 352, the application session ID becomes invalid.”)


Regarding claim 15, Janjua and Goel teache all the elements of claim 14 as stated above. However, Janjua and Goel do not teach the secure communication session comprising an expiration time. 
Gore teaches the secure communication session comprises an expiration time (Sec [0044] “Timer 352 tracks the preset period of time during which application sessions (“communication session”) IDs 350 are valid. Upon expiration of timer 352, the application session ID becomes invalid.”)
Janjua, Goel and Gore are all considered to be analogous to the claimed invention because they are in the same field of secure networking using sessions and connections. Therefore, it would have been obvious to someone of ordinary skill in the art before the effective filing date of the claimed invention to have modified Janjua and Goel to incorporate the teachings of Gore to include an expiration time to the session. Doing so would aid in making sure to terminate the session when it is no longer used thereby reducing the load on the network.


Gore teaches the secure communication session comprises an expiration time (Sec [0044] “Timer 352 tracks the preset period of time during which application sessions (“communication session”) IDs 350 are valid. Upon expiration of timer 352, the application session ID becomes invalid.”)
Janjua, Goel and Gore are all considered to be analogous to the claimed invention because they are in the same field of secure networking using sessions and connections. Therefore, it would have been obvious to someone of ordinary skill in the art before the effective filing date of the claimed invention to have modified Janjua and Goel to incorporate the teachings of Gore to include an expiration time to the session. Doing so would aid in making sure to terminate the session when it is no longer used thereby reducing the load on the network.

Citation of Pertinent Prior Art
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Su et al. (US 20170230355 A1) teaches a certificate pinning method for providing secure communications between a user device and a server using a directory service. 

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to YASMIN JAHIR whose telephone number is (571)272-0346.  The examiner can normally be reached on Mon-Fri 9:00-5:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Nickerson can be reached on (469)295-9235.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/Y.J./Examiner, Art Unit 4182                                                                                                                                                                                                        
/Jeffrey Nickerson/Supervisory Patent Examiner, Art Unit 2432