Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION

Status of Claims
Claims 26, 27, 29-34, 36-41, 43, 44, 46 are subject to examination.  
Claims 1-25, 28, 35, 42, 45 are cancelled.  
 

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees.  A nonstatutory double patenting rejection is appropriate where the claims at issue are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the reference application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO internet Web site contains terminal disclaimer forms which may be used.  Please visit http://www.uspto.gov/forms/.  The filing date of the application will determine what form should be used.  A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission.  For more information about eTerminal Disclaimers, refer to http://www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.  
Claims 26-44, 46 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-22 of U.S. Patent No. 10462156. Although the claims at issue are not the claims of this application are obvious over the claims of the U.S. Patent No. 10462156. The patent claimed subject matter do not mention about, which is well-known in the art, Oliver discloses, reputation determination information, and determining a reputation of the data from the reputation determination information in the data visa, performing an action based on the determined reputation of the data from the data visa,
[0104] Referring to FIG. 8 herein, there is illustrated schematically a message format for sending a reputation data message between computer entities within the network.  The message comprises a source node identifier field 800 for identifying a computer entity generating the message; a target node identifier 801 identifying a computer node in the network which is subject of the message, and to which the reputation data applies; a plurality of reputation data type fields 803, 805, 807 each defining a type of reputation data which attaches to the target identified; and a plurality of reputation data value fields 804, 806, 808 respectively, each value field giving a value for a particular reputation data type which applies to the target node subject of the message. [0105] Reputation data messages may be transferred asynchronously between different computer nodes within the network, so that an individual computer node can build up a picture of a reputation data of other individual computer nodes in the network, without directly collecting reputation for each and every node within the network in order to gain an appreciation of the performance of those other individual nodes.  [0106] Once a particular computer entity has determined that a target node in the network has a poor performance parameter, that is it has a poor reputation, then it communicates that information to other peer computers within the network, of which it is aware, so that the reputation data, or changes in reputation data, concerning that selected target node propagates through the network to other peer computers within the network.  Typically, the other peer computers within the network may not have a prior knowledge, i.e. a prior stored data, concerning the reputation of the target node, and so effectively, a reputation message sent from the computer entity concerning the target node to the other peer nodes in the network comprises a reputation service provided by the local computer entity to the other peer computers in the network.  [0112] Reputation data collected from a plurality of human users of a peer to peer network is accumulated at individual nodes within the network, and is used to perform an automated reputation service in which individual nodes of the network are monitored, and any significant changes in reputation of a node may propagate by way of reputation data messages throughout the network to other computer entities in the network. 


    PNG
    media_image1.png
    613
    763
    media_image1.png
    Greyscale

based on determination of a destination for the data (based on the identified target/target node for the data/data type, target node identifier, para 105, also usage of target node identifier of figure 8 is used for determining of the destination, figure 8).
 
    PNG
    media_image2.png
    553
    891
    media_image2.png
    Greyscale

Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to inlude these limitations and also one of ordinary skill in the art would 
Deyo discloses, indicating a positive/neutral reputation (reputation features of received information indicating reputation, which is based on particular type of reputation (features), which is used to generate a score. Note: the score is not same each time and implies positive/neutral based on the value of the score. Applicant’s claim does not define which reputation is considered positive versus neutral versus negative, para 84, 85), wherein the action is allowing the data (usage of reputation scoring operations which happens with the allowing of the received data for the operations, para 84, 85).
Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to include these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known action to allow the received data. Upon identifying the malware one of ordinary skilled in the art would readily know that the malware needs to be isolated/removed/quarantine so that the malware would not hard the system. Based on the reputation of the data the malware would be identified and the system security would be maintained, para 218, 199.
Agrawal 2012/0291087, discloses well-known action including removing the data from the data flow by updating, para 44, and to improve the reputation by performing DLP, para 5.
Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to include these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known action to remove old data and update the data of the data flow and to improve the reputation using well-known DLP. Upon 


Claim 26 of this application
Claim 1 of U.S. Patent No. 10462156
26.  At least one computer-readable medium encoded with instructions that, when executed by at least one processor, cause the at least one processor to perform a method comprising: 
receiving data in a data flow; extracting a data visa from the data flow, wherein the data visa includes reputation determination information indicating a reputation; and determining a reputation of the data from the reputation determination information in the data visa.
1.  At least one computer-readable medium comprising one or more 
instructions that, when executed by at least one processor, perform a method 
comprising: 

receiving data in a data flow;  extracting a data visa from the 
data flow, wherein the data visa travels with the data through the data flow 
and includes reputation determination information from at least one previous 
hop network element in the data flow;  bypassing a security filter based on the 
reputation determination information;  determining a reputation of the data 
based on the data and the reputation determination information, wherein the 
reputation of the data is determined from meta data included in the data visa, 
and the meta data includes a title or role of a user, a geo-location of the 
user, or a historic data use profile of the user;  storing the reputation of 
the data in the data visa;  and communicating the data visa and the data to a 
next network element in the data flow. 


Claims 33 and 40 are independent claims that have similar limitation of claim 26. Claims 27-32, 34-39, 41-44, 46 are dependent claims, which are similar to the dependent claims of the Patent.

“A later patent claim is not patentably distinct from an earlier patent claim if the later claim is obvious over, or anticipated by, the earlier claim”. 
In re Longi, 759 F.2d at 896, 225 USPQ at 651 (affirming a holding of obviousness-type double patenting because the claims at issue were obvious over claims in four prior art patents); In re Bern, 140 F.3d at 1437, 46 USPQ2d at 1233 (Fed. Cir. 1998) (affirming a holding of obviousness-type double patenting where a patent application claim to a genus is anticipated by a patent claim to a species within that genus). '' ELI LILLY AND COMPANY v BARR LABORATORIES, INC., United States Court of Appeals for the Federal Circuit, ON PETITION FOR REHEARING EN BANC (DECIDED: May 30, 2001).

Claim Limitation Interpreted under 35 U.S.C. 112(f) or 
pre-AIA  35 USC § 112, Sixth Paragraph

Claim 33 limitations “data reputation module to” has/have been interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because it uses/they use a generic placeholder “module” coupled with functional language “cause” without reciting sufficient structure to achieve the function.  Furthermore, the generic placeholder is not preceded by a structural modifier.  
Since the claim limitation(s) invokes 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, claim(s) 33 has/have been interpreted to cover the corresponding structure described in the specification that achieves the claimed function, and equivalents thereof.  
A review of the specification shows that the following appears to be the corresponding structure described in the specification 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph limitation: figures 1 and 2, para 29 and its description in the specification the hardware structure of the communication system for the data reputation module.
Applicant’s remarks 10/14/20 is acknowledged, which doesn’t contain any concern for the above interpretations under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.




 
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claim(s) 26, 27, 31, 33, 40, is/are rejected under 35 U.S.C. 103 as being unpatentable over Davie et al., 2006/0089988 in view of Oliver et al., 2005/0052998, Deyo 2009/0254499 and Agrawal 2012/0291087.
Referring to claim(s) 26, Davie discloses non-transitory computer-readable medium encoded with instructions that, when executed by processor, cause the processor to perform a method comprising: receiving data in a data flow; extracting a data visa from the data flow, and the data visa includes identity information

    PNG
    media_image3.png
    562
    1076
    media_image3.png
    Greyscale

[0068] Each intermediate node 200 in network 100 maintains information associated with reservations for data flows processed by the node 200 in the node's reservation data structure 800.  FIG. 8 is an illustration of a reservation data structure 800 that may be advantageously used with the present invention.  Data structure 800 is illustratively represented as a table comprising one or more entries 810 wherein each entry 810 is associated with a data flow and contains information related to the data flow including a reservation ID field 830, a sender address field 840, a sender port field 850, a receiver address field 860, a receiver port field 870, a resource allocation field 880 and a GID set field 890.  It should be noted that entry 810 may contain other fields, such as a previous hop field that holds an address of a previous hop in the path traversed by the data flow or a valid field that indicates whether the entry 810 contains valid information.  Further, data structure 800 may be organized as a series of tables that may include, for example, a session table that holds information (e.g., state) about RSVP sessions, a sender table that holds information about senders and a reservation table that holds information about RSVP reservations processed by the intermediate node 200.
[0079] At Step 1080, the reservation data structure entry 810 associated with the new data flow is updated to reflect the resources (if any) allocated to the new data flow.  In addition, illustratively, the receiver address 565 and port 567 contained in the Resv message 500 are used to update the contents of the new data flow's receiver address 860 and receiver port 870 fields, respectively.  At Step 1085, the reservation request message is forwarded to the next upstream node.  

    PNG
    media_image4.png
    473
    747
    media_image4.png
    Greyscale

Davie does not specifically mention about, which is well-known in the art, which Oliver discloses, reputation determination information, and determining a reputation of the data from the reputation determination information in the data visa, performing an action based on the determined reputation of the data from the data visa,
[0104] Referring to FIG. 8 herein, there is illustrated schematically a message format for sending a reputation data message between computer entities within the network.  The message comprises a source node identifier field 800 for identifying a computer entity generating the message; a target node identifier 801 identifying a computer node in the network which is subject of the message, and to which the reputation data applies; a plurality of reputation data type fields 803, 805, 807 each defining a type of reputation data which attaches to the target identified; and a plurality of reputation data value fields 804, 806, 808 respectively, each value field giving a value for a particular reputation data type which applies to the target node subject of the message. [0105] Reputation data messages may be transferred asynchronously between different computer nodes within the network, so that an individual computer node can build up a picture of a reputation data of other individual computer nodes in the network, without directly collecting reputation for each and every node within the network in order to gain an appreciation of the performance of those other individual nodes.  [0106] Once a particular computer entity has determined that a target node in the network has a poor performance parameter, that is it has a poor reputation, then it communicates that information to other peer computers within the network, of which it is aware, so that the reputation data, or changes in reputation data, concerning that selected target node propagates through the network to other peer computers within the network.  Typically, the other peer computers within the network may not have a prior knowledge, i.e. a prior stored data, concerning the reputation of the target node, and so effectively, a reputation message sent from the computer entity concerning the target node to the other peer nodes in the network comprises a reputation service provided by the local computer entity to the other peer perform an automated reputation service in which individual nodes of the network are monitored, and any significant changes in reputation of a node may propagate by way of reputation data messages throughout the network to other computer entities in the network. 


    PNG
    media_image1.png
    613
    763
    media_image1.png
    Greyscale

based on determination of a destination of data (based on the identified target/target node for the data/data type, target node identifier, para 105, also usage of target node identifier of figure 8 is used for determining of the destination, figure 8).

    PNG
    media_image2.png
    553
    891
    media_image2.png
    Greyscale

Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Davie to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known data/information from the flow/message for determining reputation. The reputation of the data/information would be performed to accomplish monitoring the nodes of the network. Any significant changes in the reputation would enable an action such as propagating updated reputation data/information throughout the network to other computer entities in the network, para 104, 112. 
Davie and Oliver do not specifically mention about, which is well-known in the art, which Deyo discloses, indicating a positive/neutral reputation (reputation features of received information indicating reputation, which is based on particular type of reputation (features), which is used to generate a score. Note: the score is not same each time and implies positive/neutral based on the value of the score. Applicant’s claim does not define which reputation is considered positive versus neutral versus negative, 
Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Davie to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known action to allow the received data. The allowed data would be processed for associated reputation, para 84, 85.
Davie, Deyo and Oliver do not specifically mention about, which is well-known in the art, which Agrawal discloses well-known action including removing the data from the data flow by updating, para 44, and to improve the reputation by performing DLP, para 5. Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to include these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known action to remove old data and update the data of the data flow and to improve the reputation using well-known DLP. Upon identifying the malware one of ordinary skilled in the art would readily know that the malware needs to be isolated/removed/quarantine so that the malware would not hard the system. Hence, based on the reputation of the data the malware would be identified and the system security would be maintained, para 44, 5.
Note: “indicating positive/neutral reputation” is not used for anything. Regardless of whether the indication is “positive” or “negative” it is still a reputation indication. The steps, extracting, determining, and performing an action are performed regardless of whether the indication is “positive” or “negative”.
Also regarding, “indicating positive/neutral reputation, these differences are only found in the nonfunctional descriptive material and are not functionally involved in the steps recited. All the steps of the claim will be performed regardless of whether the indication of reputation is positive or neutral. Thus this descriptive material will not distinguish the claimed invention from the prior art in terms of patentability, see In re Gulack, 703 F.2d 1381, 1385, 217 USPQ 401,404 (Fed. Cir. 1983); In re Lowry, 32 F.3d 1579, 32 USPQ2d 1031 (Fed. Cir. 1994).
 
Referring to claim 27, Davie discloses updating the data visa and communicating the updated data visa and the data to a next network element in the data flow (updated structure is sent to next hop in the data flow, para 68, 79).

Referring to claim 31, Davie discloses wherein the identity information indicates information about a user or device that originated the data (address field of the device, para 68).

Referring to claim(s) 33, 40, Davie discloses an apparatus/method for: receiving data in a data flow; extracting a data visa from the data flow, and the data visa includes identity information

    PNG
    media_image3.png
    562
    1076
    media_image3.png
    Greyscale

[0068] Each intermediate node 200 in network 100 maintains information associated with reservations for data flows processed by the node 200 in the node's reservation data structure 800.  FIG. 8 is an illustration of a reservation data structure 800 that may be advantageously used with the present Data structure 800 is illustratively represented as a table comprising one or more entries 810 wherein each entry 810 is associated with a data flow and contains information related to the data flow including a reservation ID field 830, a sender address field 840, a sender port field 850, a receiver address field 860, a receiver port field 870, a resource allocation field 880 and a GID set field 890.  It should be noted that entry 810 may contain other fields, such as a previous hop field that holds an address of a previous hop in the path traversed by the data flow or a valid field that indicates whether the entry 810 contains valid information.  Further, data structure 800 may be organized as a series of tables that may include, for example, a session table that holds information (e.g., state) about RSVP sessions, a sender table that holds information about senders and a reservation table that holds information about RSVP reservations processed by the intermediate node 200.
[0079] At Step 1080, the reservation data structure entry 810 associated with the new data flow is updated to reflect the resources (if any) allocated to the new data flow.  In addition, illustratively, the receiver address 565 and port 567 contained in the Resv message 500 are used to update the contents of the new data flow's receiver address 860 and receiver port 870 fields, respectively.  At Step 1085, the reservation request message is forwarded to the next upstream node.  

    PNG
    media_image4.png
    473
    747
    media_image4.png
    Greyscale

Davie does not specifically mention about, which is well-known in the art, which Oliver discloses, reputation determination information, and determining a reputation of the data from the reputation determination information in the data visa,
[0104] Referring to FIG. 8 herein, there is illustrated schematically a message format for sending a reputation data message between computer entities within the network.  The message comprises a source node identifier field 800 for identifying a computer entity generating the message; a target node identifier 801 identifying a computer node in the network which is subject of the message, and to which the reputation data applies; a plurality of reputation data type fields 803, 805, 807 each defining a type of reputation data which attaches to the target identified; and a plurality of reputation data value fields 804, 806, 808 respectively, each value field giving a value for a particular reputation data type which applies to the target node subject of the message. [0105] Reputation data messages may be transferred asynchronously between different computer nodes within the network, so that an individual computer node can build up a picture of a reputation data of other individual computer nodes in the network, without directly collecting reputation for each and every node within the network in order to gain an appreciation of the performance of those other individual nodes.  [0106] Once a particular computer entity has determined that a target node in the network has a poor performance parameter, that is it has a poor reputation, then it communicates that information to other peer computers within the network, of which it is aware, so that the reputation data, or changes in reputation data, concerning that selected target node propagates through the network to other peer computers within the network.  Typically, the other peer computers within the network may not have a prior knowledge, i.e. a prior stored data, concerning the reputation of the target node, and so effectively, a reputation message sent from the computer entity concerning the target node to the other peer nodes in the network comprises a reputation service provided by the local computer entity to the other peer computers in the network.  [0112] Reputation data collected from a plurality of human users of a peer to peer network is accumulated at individual nodes within the network, and is used to perform an automated reputation service in which individual nodes of the network are monitored, and any significant changes in reputation of a node may propagate by way of reputation data messages throughout the network to other computer entities in the network. 


    PNG
    media_image1.png
    613
    763
    media_image1.png
    Greyscale

 based on determination of a destination of data (based on the identified target/target node for the data/data type, target node identifier, para 105, also usage of target node identifier of figure 8 is used for determining of the destination, figure 8).

([0104] Referring to FIG. 8 herein, there is illustrated schematically a message 
format for sending a reputation data message between computer entities within 
the network.  The message comprises a source node identifier field 800 for 
identifying a computer entity generating the message; a target node identifier 
801 identifying a computer node in the network which is subject of the message, 
plurality of reputation data type 
fields 803, 805, 807 each defining a type of reputation data which attaches to 
the target identified; and a plurality of reputation data value fields 804, 
806, 808 respectively, each value field giving a value for a particular 
reputation data type which applies to the target node subject of the message.)

    PNG
    media_image2.png
    553
    891
    media_image2.png
    Greyscale

Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Davie to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known data/information from the flow/message for determining reputation. The reputation of the data/information would be performed to accomplish monitoring the nodes of the network. Any significant changes in the reputation would enable propagating updated reputation data/information throughout the network to other computer entities in the network, para 104, 112. 

Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Davie to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known action to allow the received data. The allowed data would be processed for associated reputation, para 84, 85.
Davie, Deyo and Oliver do not specifically mention about, which is well-known in the art, which Agrawal discloses well-known action including removing the data from the data flow by updating, para 44, and to improve the reputation by performing DLP, para 5. Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to include these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known action to remove old data and update the data of the data flow and to improve the reputation using well-known DLP. Upon identifying the malware one of ordinary skilled in the art would readily know that the malware needs to be isolated/removed/quarantine so that the malware would not hard the system. Hence, based on the reputation of the data the malware would be identified and the system security would be maintained, para 44, 5.
Note: “indicating positive/neutral reputation” is not used for anything. Regardless of whether the indication is “positive” or “negative” it is still a reputation indication. The steps, extracting, determining, and performing an action are performed regardless of whether the indication is “positive” or “negative”.
Also regarding, “indicating positive/neutral reputation, these differences are only found in the nonfunctional descriptive material and are not functionally involved in the steps recited. All the steps of the claim will be performed regardless of whether the indication of reputation is positive or neutral. Thus this descriptive material will not distinguish the claimed invention from the prior art in terms of patentability, see In re Gulack, 703 F.2d 1381, 1385, 217 USPQ 401,404 (Fed. Cir. 1983); In re Lowry, 32 F.3d 1579, 32 USPQ2d 1031 (Fed. Cir. 1994)
   
Claim(s) 29, 36, 43, is/are rejected under 35 U.S.C. 103 as being unpatentable over Davie in view of Oliver, Deyo, Agrawal and Daoud et al., 2012/0124057.
Referring to claim(s) 36, 43, Davie, Deyo, Agrawal and Oliver do not disclose, which is well-known in the art, which Daoud discloses wherein the reputation of the data is determined from meta data included in the data visa and the meta data includes a title or role of a user, a geo-location of the user, or a historic data use profile of the user (a reputation value for the user is generated/determined from the collected data, abstract, the metadata including reputation information, user location, user history, para 29, 32, retrieve user reputational data, 404, determine based on the user reputational data, 406, figure 4, usage of networks such as client/server or peer-to-peer or distributed network architectures, para 12).
Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Davie to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known meta data and user information. The meta data would provide association between the information related to reputation and the user information. The user information/profile would be available for determining the conditions associated with the information related to reputation for processing the reputation information, para 29, 32.  

Referring to claim(s) 29, Davie, Deyo, Agrawal and Oliver do not disclose, which is well-known in the art, which Daoud discloses wherein the reputation of the data is determined from meta data included in the data visa and the meta data includes a title or role of a user, a geo-location of the user, or a historic data use profile of the user (a reputation value for the user is generated/determined from the collected data, abstract, the metadata including reputation information, user location, user history, para 29, 32, retrieve user reputational data, 404, determine based on the user reputational data, 406, figure 4, usage of networks such as client/server or peer-to-peer or distributed network architectures, para 12).
Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Davie to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known meta data and user information. The meta data would provide association between the information related to reputation and the user information. The user information/profile would be available for determining the conditions associated with the information related to reputation for processing the reputation information, para 29, 32.  

Claim(s) 30, 37, 44, is/are rejected under 35 U.S.C. 103 as being unpatentable over in view of Oliver, Agrawal, Deyo and Huang 20100057895.
Referring to claim(s) 30, Davie, Agrawal, Deyo and Oliver do not disclose, which is well-known in the art, which Daoud discloses wherein the reputation of the data is determined based on an Internet protocol (IP) address of a source of the data or a country of origin for a server on a communication path (IP address of the device for the reputation information transmitted via server on the communication path of the data (para 12, 9, 55). Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Davie to implement these limitations and also one of ordinary skill in the art would have been motivated to do 

Referring to claim(s) 37, 44, Davie, Deyo, Agrawal and Oliver do not disclose, which is well-known in the art, which Daoud discloses wherein the reputation of the data is determined based on an Internet protocol (IP) address of a source of the data or a country of origin for a server on a communication path (IP address of the device for the reputation information transmitted via server on the communication path, para 12, 9, 55). Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Davie to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known IP address of the source etc., The IP address of the source etc would provide association between the information related to reputation and the IP address. The IP address would be available for determining the conditions associated with the device, which sent the data over the path for processing the reputation information, para 12, 9.  

Claim(s) 32, 39, is/are rejected under 35 U.S.C. 103 as being unpatentable over Davie in view of Deyo, Oliver, Agrawal and Sargent et al., 20100115040.
Referring to claim(s) 32, Davie, Agrawal and Oliver do not disclose, which is well-known in the art, which Sargent discloses passport information, context information, or forensic information (context-specific reputation data, para 28). Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Davie to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known reputation data related information. The 

Referring to claim(s) 39, Davie, Agrawal, Deyo and Oliver do not disclose, which is well-known in the art, which Sargent discloses passport information, context information, or forensic information (context-specific reputation data, para 28). Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Davie to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known reputation data related information. The reputation data related information would provide association between the information related to reputation and the reputation data. The information related to reputation such as context information would be available for determining the conditions associated with the device, for processing the reputation data, para 28.  

Claim(s) 32, 39, is/are rejected under 35 U.S.C. 103 as being unpatentable over Davie in view of Deyo, Oliver, Agrawal and Flake et al., 20080005223.
Referring to claim(s) 32, Davie, Agrawal and Oliver do not disclose, which is well-known in the art, which Sargent discloses passport information, context information, or forensic information (reputation data associated with context, content and properties/attributes, para 52). Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Davie to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known reputation 

Referring to claim(s) 39, Davie, Deyo, Agrawal and Oliver do not disclose, which is well-known in the art, which Sargent discloses passport information, context information, or forensic information (reputation data associated with context, content and properties/attributes, para 52). Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Davie to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known reputation data related information. The reputation data related information would provide association between the information related to reputation and the reputation data. The information related to reputation such as context information would be available for determining the conditions associated with the device, for processing the reputation data, para 52.  

Claim(s) 27, 34, 41, is/are rejected under 35 U.S.C. 103 as being unpatentable over Davie, Agrawal, Oliver and Deyo in view of Buss 2009/0193520.
Referring to claims 27, 34, 41, Davie discloses updating the data visa and communicating the updated data visa and the data to a next network element in the data flow (updated structure is sent to next hop in the data flow, para 68, 79). Dave discloses updating the data visa and communicating the updated data visa and the data to a next network element in the data flow (updated structure is sent to next hop in the data flow, para 68, 79). Davie, Deyo and Oliver do not specifically mention about, which is well-known in the art, which Buss discloses, add reputation information (reputation is added to the .

Claim(s) 46, is/are rejected under 35 U.S.C. 103 as being unpatentable over Davie in view of Oliver, Deyo in view of Thomas 2011/0246753.
Referring to claim 46, Davie discloses wherein the identity information indicates information about a user or device that originated the data (address field of the device, para 68). Davie, Deyo and Oliver do not specifically mention about, which is well-known in the art, which Thomas discloses, determining if the data should be protected, based on a determination of the reputation of the data (protecting data based on the reputation of the data, para 73, hence inherent determination of the reputation). Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Davie to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known action to protect the data. Based on the reputation of the data, the data would be protected to contain threats to the system, para 73.

Claim(s) 38, 45, is/are rejected under 35 U.S.C. 103 as being unpatentable over Davie, Oliver, Deyo in view of Kumar et al., 2013/0298244.
Referring to claim 38, Davie discloses wherein the identity information indicates information about a user or device that originated the data (address field of the device, para 68). Davie, Deyo and Oliver do wherein the action is identifying malware (usage of network flow remediation system, malware analyzers and reputation service; to perform action based on the reputation of the data of the flow, para 199, to perform action(s) including quarantine, para 218). Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Davie to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known action to identify malware. Upon identifying the malware one of ordinary skilled in the art would readily know that the malware needs to be isolated/removed/quarantine so that the malware would not hard the system. Based on the reputation of the data the malware would be identified and the system security would be maintained, para 218, 199.

Referring to claim 46, Kumar discloses determining if the data should be protected, based on a determination of the reputation of the data (action to make the date safe based on determination of the reputation of the data, para 218, 199).

Response to Arguments
Applicant's arguments filed 10/6/21, pages 9-14 have been fully considered, and accordingly the rejections are updated.  Therefore, rejection of claims 26, 27, 29-34, 36-41, 43, 44, 46 is maintained. 
Regarding applicant’s concern for the double patenting rejections, please see above updated double patenting rejections.
Regarding applicant’s concern for the amended claimed claim, the rejections are updated accordingly. Please see the above updated rejections.

Conclusion
             Applicant is reminded for compact prosecution, rather extended prosecution. 
One of ordinary skilled in the art would readily know that mere addition of well-known limitations in the art including replacing the action such as removing the data from the data flow, enhancing/updating the reputation after DLP/scanning would not make the claimed subject matter novel. 
As per the prosecution history, Applicant’s mere addition of well-known limitations in the art, to the below core invention:
“receiving data in a data flow;
extracting a data visa from the data flow, wherein the data visa includes reputation
determination information indicating a positive reputation, a neutral reputation, or a suspect
reputation;
determining a reputation of the data from the reputation determination information in
the data visa, based on a determination of a destination for the data;”, which is taught by the references;
do not alter the scope of the above core invention. The reputation of the data is already determined. Mere well-known enhancement of the reputation and/or a particular well-known action would not make the subject matter novel over the rejected core invention. 
For example, one can replace the action of the claimed claim 1 to increment/decrement/multiply the data from the data flow and would make the subject matter patentable. Similarly replacement with thousands of such well-known actions would make thousands of subject matter patentable, and each would be patentable. Similar applies to well-known enhancing step.
Hence, Applicant is suggested to claim novel subject matter, which is not mere amendments of well-known limitations to the above core invention.

             
As seen above, prior arts, Davie et al., 2006/0089988, Oliver et al., 2005/0052998, Daoud et al., 2012/0124057, Huang 20100057895, Sargent et al., 20100115040, Flake et al., 20080005223; are used for the rejections, which demonstrate that the claimed subject matter was known in the prior art for long. The search history of the prosecution history reveals that hundreds of reference include the claimed traversing reputation information using table/structures in the network.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HARESH PATEL whose telephone number is (571)272-3973.  The examiner can normally be reached on M-F 9-5:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached on 5712723862.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/HARESH N PATEL/Primary Examiner, Art Unit 2493