DETAILED ACTION
This communication is in respond to application filed on November 26, 2019 in which claims 1-15 are presented for examination.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 11/26/2019 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Claim Objections
Claim 5 is objected to because of the following informalities:  Claim 5 recites “...the format information is...a predetermined commands” should be either “a predetermined command” or “one of predetermined commands”.  Appropriate correction is required.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-15 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
Claim 1 recites a system, however, it is not clear what components the system comprises. Claim 1 recites a network system that connects a first site and a second site, which appears to suggest the claimed invention is a system that provides connects between a first site and a second site. While the claim recites components for the first site and components for the second site, it is not clear what components belong to the network system that connects the first site and the second site. As recited, it is not clear whether each of the first site, the second side, the open network, or the closed network is part of the claimed network system. Further, dependent claim 10 recites “a first package obtained by packaging the first interface, the second computer, and the encryption/decryption unit; and a second package obtained by packaging the second interface, the fourth computer, and the decryption/encryption unit, wherein the first package is connected to the virtually closed network via the first computer, and the second package is connected to the virtually closed network via the third computer”, dependent claim 12 recites “a first package obtained by packaging the first interface, the second computer, and the encryption/decryption unit; and a second package obtained by packaging the second interface, the fourth computer, and the decryption/encryption unit, wherein the first package is connected to the virtually closed network via a first router, and the second package is connected to the virtually closed network via a second router”, both seem to suggest these components are not previously included as part of the network system, therefore it is not clear what components are in the network system recited in parent claims. For the following rejection, the limitation in claim 1 is interpreted as the network system comprises the first site, the second site, the open network and the closed network.


The dependent claims included in the statement of rejection but not specifically addressed in the body of the rejection have inherited the deficiencies of their parent claim and have not resolved the deficiencies. Therefore, they are rejected based on the same rationale as applied to their parent claims above.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim 1-5 and 7-13 are rejected under 35 U.S.C. 103 as being unpatentable over US Pat. No. 10,298,544 B2 to Duval et al. (hereinafter Duval) in view of US PG-PUB No. 2014/0056576 A1 to Miura et al. (hereinafter Miura).
As per claim 1, Duval disclosed a network system that connects a first site and a second site to each other via an open network and a closed network (Duval, Abstract, “establishing a virtual private network between local area networks, each local area network comprising at least one access gateway to a public network and a unit comprising a VPN client”, also col. 3, lines 64-67, “a first remote local area network Ra and a second remote local area network Rb are to be interconnected via a connection of virtual private network type”), wherein the first site includes a first computer, a second computer, and a first interface connecting the first computer and the second computer to each other, the second site includes a third computer, a fourth computer, and a second interface connecting the third computer and the fourth computer to each other, the first computer and the third computer belong to the open network, the second computer and the fourth computer belong to the closed network  (Duval, Fig. 2, and col. 4, lines 1-22, “Each local area network comprises at least one access gateway Pa, Pb to the Internet and at least one terminal Ua, Ub connected to at least one access gateway. Each access gateway Pa, Pb1, Pb2 has a local IP address visible from each terminal present in the corresponding local area network and a public IP address visible from the Internet network. In the example illustrated in FIG. 2 the first local area network Ra comprises a first access gateway Pa to a public network and a second local area network comprises a pair of second access gateways Pb1, Pb2 to the public network. An interconnection unit 1a, 1b is placed in each local area network. Each unit 1a, 1b comprises network communication means 12 adapted to communicate with at least one of the access gateways of the local area network in which the unit is placed. Each unit 1a, 1b also comprises storage means 14, such as flash or EEPROM memory, and a data-processing module 10, for 
Duval does not disclose “the first interface performs control so that format information of first confidential information passes through the first interface but the first confidential information does not pass through the first interface between the first computer and the second computer, and the second interface performs control so that format information of second confidential information passes through the second interface but the second confidential information does not pass through the second interface between the third computer and the fourth computer”, however, in an analogous art in secure network communications, Miura disclosed the concept of implementing interface between computing systems such that format information of confidential information passes through the interface but the confidential information does not pass through the interface between the computing systems (Miura, par 0433, “the terminal 102 may transmit only the photograph file names without transmitting the photograph data in the case where the security level of the terminal 102 is high. This reduces the communication time, and also avoids the transmission of the photographs including the user's personal information to the editing server 101”), it would have been obvious to one of ordinary skill in the art before the effective filing date of the invention, to modify the system of Duval to incorporate the concept of interface between computing system that allows only format information of confidential information to pass through as disclosed by Miura, such modification would provide increased system security by avoiding transmission of confidential information as suggested by Miura (Miura, par 0433).

As per claim 2, Duval-Miura disclosed the network system according to claim 1, wherein for the open network, the first site and the second site are connected to each other via a wide area 

As per claim 3, Duval-Miura disclosed the network system according to claim 1, further comprising: an encryption/decryption unit connected to the second computer; and a decryption/encryption unit connected to the fourth computer, wherein the encryption/decryption unit and the decryption/encryption unit are connected to a wide area network, and form a virtually closed network using encryption in the wide area network, for the open network, the first site and the second site are connected to each other via the wide area network, and for the closed network, the first site and the second site are connected to each other via the virtually closed network (Duval, col. 6, lines 53-64, “A packet of useful data sent by a first terminal Ua of the first local area network Ra to a second terminal Ub of the second network Rb is first encrypted by the first VPN client 16 of the first unit, then sent to the VPN server 22 via the corresponding tunnel 24a. The packet is decrypted by the first VPN server 22, and sent to the second. The packet is then encrypted again by the VPN server 22, and sent via the tunnel 24b after examination of the routing rule established during the step ROUT to the second VPN client 16 of the unit 1b, which decrypts the packet before sending it to the destination terminal Ub.”, which indicates each nodes at the VPN path has a corresponding encryption/decryption and decryption/encryption unit).



As per claim 5, Duval-Miura disclosed the network system according to claim 1, wherein the first confidential information and the second confidential information are each a content of a file stored in a corresponding one of the second computer and the fourth computer, and the format information is a file name of the file, a storage location where the file is stored, or a predetermined commands (Miura, par 0433, “the terminal 102 may transmit only the photograph file names without transmitting the photograph data in the case where the security level of the terminal 102 is high. This reduces the communication time, and also avoids the transmission of the photographs including the user's personal information to the editing server 101”, the reasons of obviousness have been noted in the rejection of claim 1 above and applicable herein).

As per claim 7, Duval-Miura disclosed the network system according to claim 1, wherein the first computer and the third computer are each constituted of a plurality of computers (Duval, col. 3 line 64 – col. 4, line 3, “a first remote local area network Ra and a second remote local area network Rb are to be interconnected via a connection of virtual private network type. Each local area network comprises at least one access gateway Pa, Pb to the Internet and at least one terminal Ua, Ub connected to at least one access gateway”, a plurality of computers are implied).

As per claim 8, Duval-Miura disclosed the network system according to claim 1, wherein the second computer and the fourth computer are each constituted of a plurality of computers (Duval, col. 3 line 64 – col. 4, line 3, “a first remote local area network Ra and a second remote local area network Rb are to be interconnected via a connection of virtual private network type. Each local area network comprises at least one access gateway Pa, Pb to the Internet and at least one terminal Ua, Ub connected to at least one access gateway”, a plurality of computers are implied).

As per claim 9, Duval-Miura disclosed the network system according to claim 1, wherein the first computer, the second computer, the third computer, and the fourth computer are each constituted of a plurality of computers (Duval, col. 3 line 64 – col. 4, line 3, “a first remote local area network Ra and a second remote local area network Rb are to be interconnected via a connection of virtual private network type. Each local area network comprises at least one access gateway Pa, Pb to the Internet and at least one terminal Ua, Ub connected to at least one access gateway”, a plurality of computers are implied).

As per claim 10, Duval-Miura disclosed the network system according to claim 3, further comprising: a first package obtained by packaging the first interface, the second computer, and the encryption/decryption unit (Duval, Fig. 2, “1a”, “Pa” and corresponding module for implementing VPN 24a); and a second package obtained by packaging the second interface, the fourth computer, and the decryption/encryption unit (Duval, Fig. 2, “1b”, “Pb” and corresponding module for implementing VPN 24b), wherein the first package is connected to the virtually closed network via the first computer, and the second package is connected to the virtually closed network via the third computer (Duval, Fig. 2).

As per claim 11, Duval-Miura disclosed the network system according to claim 10, wherein the encryption/decryption unit in the first package is connected to the first computer, and the decryption/encryption unit in the second package is connected to the third computer  (Duval, Fig. 2, and col. 4, lines 1-22, “Each local area network comprises at least one access gateway Pa, Pb to the Internet and at least one terminal Ua, Ub connected to at least one access gateway. ... An interconnection unit 1a, 1b is placed in each local area network. ....Each unit is further configured to execute at least one VPN client 16”, the communications via the VPN corresponds to closed network, the communication via access gateway without VPN corresponds to open network).

As per claim 12, Duval-Miura disclosed the network system according to claim 3, further comprising: a first package obtained by packaging the first interface, the second computer, and the encryption/decryption unit (Duval, Fig. 2, “1a”, “Pa” and corresponding module for implementing VPN 24a); and a second package obtained by packaging the second interface, the 

As per claim 13, Duval-Miura disclosed the network system according to claim 12, wherein the encryption/decryption unit in the first package is connected to the first router, and the decryption/encryption unit in the second package is connected to the second router (Duval, Fig. 2, and col. 4, lines 1-22, “Each local area network comprises at least one access gateway Pa, Pb to the Internet and at least one terminal Ua, Ub connected to at least one access gateway. ... An interconnection unit 1a, 1b is placed in each local area network. ....Each unit is further configured to execute at least one VPN client 16”, the communications via the VPN corresponds to closed network, the communication via access gateway without VPN corresponds to open network).

Claim 6 is rejected under 35 U.S.C. 103 as being unpatentable over Duval in view of Miura as applied to claim 5 above, and further in view of US PG-PUB No. 2004/0054914 A1 to Sullivan (hereinafter Sullivan).
As per claim 6, Duval-Miura disclosed the network system according to claim 5, Duval-Miura does not explicitly disclose the format information is a predetermined commands, and the predetermined commands include a first command exchanged between the first computer and the second computer via the first interface, and a second command exchanged between the third computer and the fourth computer via the second interface; however, in an analogous art in network security, Sullivan disclosed implementing a filter module configured to pass only a .

Claims 14-15 are rejected under 35 U.S.C. 103 as being unpatentable over Duval in view of Miura as applied to claims 1 and 3 above, and further in view of US PG-PUB No. 2009/0006542 A1 to Feldman et al. (hereinafter Feldman).
As per claim 14, Duval-Miura disclosed the network system according to claim 1, Duval does not explicitly disclose the first interface and the second interface each include a dedicated circuit;
As per claim 15, Duval-Miura disclosed the network system according to claim 3, Duval does not explicitly disclose the encryption/decryption unit and the decryption/encryption unit each include a dedicated circuit; However, in an analogous art in network security, Feldman disclosed the concept of using dedicated circuit for implementing security functions including encryption/decryption and signal filtering (Feldman, par 0027, “...hardware components dedicated to encoding/decoding, compression/decompression, encryption/decryption, digital .

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Nandoori et al. (US PG-PUB No. 2019/0327112 A1) disclosed a network system that support dynamic scaling of VPN instances.
Mibu (US PG-PUB No. 2017/0078114 A1) disclosed a network system that provides inter-site network cooperation control.
	Any inquiry concerning this communication or earlier communications from the examiner should be directed to Linglan Edwards whose telephone number is (571)270-5440. The examiner can normally be reached 8:00am - 4:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok B Patel can be reached on 5712723972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To 





/LINGLAN E EDWARDS/Primary Examiner, Art Unit 2491