DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
Applicant’s arguments have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.


Information Disclosure Statement
The information disclosure statement (IDS) submitted on 05/13/2021 & 12/22/2021 are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:



Claims 1, 4, 7-12, 13, 16, & 18-25 are rejected under 35 U.S.C 103 as being unpatentable over Chaturvedi et al. (US 2015/0026262), hereon referred to as Chat, in view of Shribman et al. (US 92410444), and hereon referred to as Shribman. 
In regards to claims 1, 13 & 25 Chat discloses sending, by a server, a reporting message to an intermediary registry server using a User Datagram Protocol (UDP) channel wherein the reporting message is associated with a UDP external endpoint and a UDP internal endpoint (The communication with respect to 'Endpoint 104' will be followed. The same method applies for 'Endpoint 1901'. The intermediary server in this case is the combination of 'Access Server 102' and 'Reflector 1002', which operates as a STUN server. Figure 20 shows them as two separate devices but as disclosed in paragraphs 0057-0059 "One or both of the STUN server 214 and redirect server 216 may be incorporated into the access server 102 or may be a standalone device.". The use of UDP is disclosed in paragraph 0140: "The present example uses a SIP messaging model over UDP, and so accommodates the transaction-based SIP model within connection­ less UDP messaging.". The reporting message is disclosed in paragraph 0141: "In steps 2002 and 2006, the endpoints 104 and 1901, respectively, send STUN requests to obtain their corresponding public IP address/port pairs (NATIP, NATPort).". A STUN request contains a private source IP/ port and requests a public IP/port pair, it is therefore associated with both an internal and an external UDP endpoint with regards to the NAT device; Paragraphs 0057-0059; 0140-0143); responding, by the intermediary register server through the UDP channel to the server, seeking confirmation of the UDP external endpoint of the server (The reflector 1002 responds to the STUN requests with the public ; receiving, by intermediary register server, confirmation of the UDP external endpoint of the server (As  the two endpoints 104 and 1901 are not logged in when the present example begins, they must both authenticate with the access server 102. In step 2010, the endpoint 104 sends an authentication request to the access server 102 with its private and public IP address/port pairs; Paragraphs 0057-0059; 0140-0143); and responsive to receiving confirmation from the server the UPD external endpoint of the server is active, recording, by the intermediary registry server, a server identification, the UDP external endpoint, and the UDP internal endpoint of the server in an external address registry (In step 2012, the access server 102 responds to the authentication request and, as described previously, returns information that includes the private and public IP addresses of any buddy endpoints that are currently logged in.". Since the access server is capable of sending private and public IP addresses of buddy endpoints, it implies that it stores all the received authentication information from the endpoints, i.e. external and internal IPs/ports and implicitly endpoint identification to recognize which endpoint was authenticated. Paragraph 0057 further discloses in detail what information the access server stores; Paragraphs 0057-0059; 0140-0143); sending by the intermediary registry server, an external address registry status message to the server confirming listing of the UDP channel of the server in the external address registry and a list of other servers registered by the intermediary registry server in the peer group (A SIP messaging model over UDP, and so accommodates the transaction-based SIP model within connection-less UDP messaging; the endpoints 104 and 1901, respectively, send STUN requests to obtain their corresponding public IP address/port pairs; the access server 102 responds to the authentication request and, as described .
However, Chat does not disclose …in a peer group; and …enabling direct secure communication between the server and the other servers in the peer group (There peer nodes (server group) communicate securely with each other through an intermediate node; (C.80-91; Fig. 5). 
At the time before the effective filing date of the invention, it would have been obvious to the one with ordinary skill in the art to combine the teachings disclosed by Chat, with the teachings disclosed by Shribman regarding …in a peer group; and …enabling direct secure communication between the server and the other servers in the peer group. The suggestion/motivation of the combination would have been to provide additional security by improving communication over the Internet by using intermediate nodes (Shribman; Abs.). 
While Chat discloses the limitations of claims 1, 13 & 25, Chat does not explicitly disclose ”UDP external endpoint”; ”UDP internal endpoint”, etc. It is not clear in the claims with reference to what device the endpoints are "external" and "internal". The independent claims merely register some server information into another server. Functionally, Chat teaches the elements of the instant application as currently presented, though exact terminology is not present. 
Applicant is notified that he use of conditional language indicates that the limitation may or may not occur and therefor does not move to distinguish over prior art.  
In regards to claims 4 & 16, Chat discloses establishing additional secure connections between the server and the intermediary registry server wherein the intermediary registry server associates each additional secure connection as a logical connection with the server (This connection may use a port such as port 443 of the NAT device 1004, which is the default TCP port for HTTP Secure (HTTPS) connections using the Transport Layer Security (TLS) or Secure Socket Layer (SSL) protocols. However, it 
In regards to claims 7 &18, Chat discloses wherein the list includes registration data of each server in the peer group enabling direct communication between servers, the registration data selected from the group consisting of server identification, UDP channel, UDP external endpoint, and pre-shared key  (A SIP messaging model over UDP, and so accommodates the transaction-based SIP model within connection-less UDP messaging; the endpoints 104 and 1901, respectively, send STUN requests to obtain their corresponding public IP address/port pairs; the access server 102 responds to the authentication request and, as described previously, returns information that includes the private and public IP addresses of any buddy endpoint; The notification of step 3102 may include information to be used by the access server 102 in tracking the recording of the communication session 3004. In the present example, the information may include a unique key generated or otherwise known by the endpoint 104 for the communication session 3004; Paragraphs 0140-0145); 0222).
In regards to claims 8 & 19, Chat discloses wherein the external address registry status message includes membership status of each server in the peer group based on the pre-shared key and any changes to membership status of any server in the peer group (A SIP messaging model over UDP, and so accommodates the transaction-based SIP model within connection-less UDP messaging; the endpoints 104 and 1901, respectively, send STUN requests to obtain their corresponding public IP address/port pairs; the access server 102 responds to the authentication request and, as described previously, returns information that includes the private and public IP addresses of any buddy endpoint; The notification of step 3102 may include information to be used by the access server 102 in tracking the recording of the communication session 3004. In the present example, the information may include a unique key generated or otherwise known by the endpoint 104 for the communication session 3004; access server 102 may retrieve additional information such as the length of the recording session (or start time to .
In regards to claims 9 & 19, Chat discloses receiving, by the intermediary registry server from the server, a request to create an invitation group wherein the invitation group is associated with a One-Time Private Key (OTPK), and forming, by the intermediary registry server, the invitation group wherein each member of the peer group is associated with the invitation group (These claims relate to forming a server group and registering new servers in said server group using a one-time private key. Creating server groups and registering new servers in a closed group using a private key are however widely known in the art (e.g. servers in a failover cluster). Moreover, Chat already discloses inviting more "buddy" endpoints into a group using some form of authentication (Chat; Paragraphs 0057-0059; 0138; 0140-0143). It would therefore be a mere design choice for the skilled person to implement such an approach into the teachings of Chat, without any further adaptation of Chat in order to provide improved security when adding a new server into a server group. The above claims cannot therefore be considered inventive).
In regards to claims 10 & 20, Chat discloses establishing, by the intermediary registry server, a new secure connection through a new UDP channel with an additional server, receiving, from the additional server, registration data with the OTPK identifying the invitation group, and sending, by the intermediary registry server to a randomly chosen member of the peer group, registration data from the additional server, and to the additional server, registration data of the randomly chosen member of the peer group (These claims relate to forming a server group and registering new servers in said server group using a one-time private key. Creating server groups and registering new servers in a closed group using a private key are however widely known in the art (e.g. servers in a failover cluster). Moreover, Chat already discloses inviting more "buddy" endpoints into a group using some form of authentication (Chat; Paragraphs 0057-0059; 0138; 0140-0143). It would therefore be a mere design choice for the .
In regards to claims 11 & 21, Chat discloses establishing a secure communication channel between the randomly chosen member of the peer group and the additional server using the OTPK, confirming membership of the additional server in the peer group, providing, by the randomly chosen member of the peer group to the additional server, the pre-shared key, and establishing the additional server as a member of the peer group (These claims relate to forming a server group and registering new servers in said server group using a one-time private key. Creating server groups and registering new servers in a closed group using a private key are however widely known in the art (e.g. servers in a failover cluster). Moreover, Chat already discloses inviting more "buddy" endpoints into a group using some form of authentication (Chat; Paragraphs 0057-0059; 0138; 0140-0143). It would therefore be a mere design choice for the skilled person to implement such an approach into the teachings of Chat, without any further adaptation of Chat in order to provide improved security when adding a new server into a server group. The above claims cannot therefore be considered inventive).
In regards to claims 12 & 24, Chat discloses responsive to receiving by the intermediary registry server from the additional server a response, further comprising adding the additional server to the external address registry as a member of the peer group (These claims relate to forming a server group and registering new servers in said server group using a one-time private key. Creating server groups and registering new servers in a closed group using a private key are however widely known in the art (e.g. servers in a failover cluster). Moreover, Chat already discloses inviting more "buddy" endpoints into a group using some form of authentication (Chat; Paragraphs 0057-0059; 0138; 0140-0143). It would therefore be a mere design choice for the skilled person to implement such an approach into the .

Claims 2-3, 5, 14-15 & 17 are rejected under 35 U.S.C 103 as being unpatentable over the combination of Chat and Shribman, in view of Yoon et al. (US 2021/0166593), and hereon referred to as Yoon. 
In regards to claims 2 & 14, the combination of Chat and Shribman does not disclose establishing a secure connection between the server and the intermediary registry server through the UDP external port and wherein the UDP channel is a single UDP channel. However, in an analogous art Yoon discloses establishing a secure connection between the server and the intermediary registry server through the UDP external port and wherein the UDP channel is a single UDP channel (These claims relate to establishing a secure connection between the server and the intermediary registry server, more specifically using DTLS with a pre-shared key. Using DTLS to secure a communication channel from attackers is however widely known in the art. Yoon discloses the use of pre-shared keys with DTLS in order to secure communications (Yoon; Paragraphs 0047-0055). The skilled person would therefore apply the teachings of Yoon to the teachings of Chat in order to solve the problem of securing communications between the servers. The above claims cannot therefore be considered inventive.)
At the time before the effective filing date of the invention, it would have been obvious to the one with ordinary skill in the art to combine the teachings disclosed by the combination of Chat and Shribman, with the teachings disclosed by Yoon regarding establishing a secure connection between the server and the intermediary registry server through the UDP external port and wherein the UDP channel is a single UDP channel. The suggestion/motivation of the combination would have been to provide additional security data transmission technology using a relay server (Yoon; Paragraph 0003). 
In regards to claims 3 & 15 Yoon discloses wherein the secure connection is a Datagram Transport Layer Security (DTLS) session (These claims relate to establishing a secure connection between .
In regards to claims 5 & 17, Yoon discloses responding, by the server, with a cookie value to logically associate multiple secure connections with the server, a pre-shared key identifying a peer group, and registration data encrypted using the pre-shared key (These claims relate to establishing a secure connection between the server and the intermediary registry server, more specifically using DTLS with a pre-shared key. Using DTLS to secure a communication channel from attackers is however widely known in the art. Yoon discloses the use of pre-shared keys with DTLS in order to secure communications (Yoon; Paragraphs 0047-0055). The skilled person would therefore apply the teachings of Yoon to the teachings of Chat in order to solve the problem of securing communications between the servers. The above claims cannot therefore be considered inventive.).


Conclusion

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHARIF E ULLAH whose telephone number is (571)272-5453. The examiner can normally be reached Mon-Fri 7:00-5:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on 571-272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.