Notice of Pre-AIA or AIA Status

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

DETAILED ACTION

Claims 1 – 20 are pending.
Any references to applicant’s specification are made by way of applicant’s U.S. pre-grant printed patent publication.

Claim Rejections - 35 USC § 112

The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1 – 20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.


	The applicant’s specification fails to clearly define each term so as to enable one of ordinary skill in the art to clearly identify the subject matter falling within and outside the scope of each term.  Furthermore, the applicant’s specification fails to enable one of ordinary skill in the art to clearly and specifically understand the line of distinction between each term.  
	Instead, the examiner notes that the applicant’s specification broadly and nonlimitingly characterizes each of the claimed “service provider network” and “datacenter” as networks owned and operated by the “service provider” (e.g. specification, par. 29, 40), each comprising networking nodes and devices (e.g. routers, access points, gateways), and each being disclosed as equivalents in function (e.g. specification, par. 45 – i.e. “…the datacenters 120A-N and/or the SPN 114 can host, provide, and/or otherwise support one or more instances of virtualized and/or non-virtualized network services, such as but not limited to, communication services, compute services, storage services, routing services, switching services, relay services, and/or other virtualized or non-virtualized network service.”).
	Thus, the subject matter falling within and outside the scope of each of the recited “service provider network” and “datacenter”, including the line of distinction between each, is rendered indefinite.  



Claim Rejections - 35 USC § 102

In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claims 1 – 20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Jain et al. (Jain), US 2016/0036838 A1.

	Regarding claim 1, as best understood in view of the above noted lack of claim clarity, Jain discloses:
A system comprising: a processor; and a memory that stores computer-executable instructions that, in response to execution by the processor, cause the processor to perform operations comprising (e.g. Jain, claim 12): 
exposing an application (e.g. Jain, par. 3, 28 – hosted IP services are instantiated to provide services to remote clients) to a service provider network that provides an internet connection (e.g. Jain, fig. 1), wherein the application is provided by a datacenter that communicates with the service provider network (e.g. Jain, fig. 2: instantiated VM servers within datacenter),
monitoring traffic flows to the application during an observation time period, wherein the traffic flows include probe traffic that attempts to reach the application (e.g. Jain, abstract; tables 1, 2, and 3; par. 1, 2, 26, 38, 47, 48 – herein both incoming and outgoing traffic flows, such as scans [i.e. “probe traffic”] from attacking malware, are monitored for periods of time),
and constructing a scrubbed internet protocol domain such that detected probe traffic is prevented from reaching a plurality of virtual machines provided by the datacenter, wherein constructing the scrubbed internet protocol domain includes scrubbing the detected probe traffic from the service provider network and the datacenter (e.g. Jain, par. 2, 26, 28, 41, 55, 57).  Herein, one or more virtual IP addresses, within the datacenter, are protected from malware traffic (i.e. “a scrubbed internet protocol domain”) by virtue of scrubbing the traffic flows received from the IP network.   

Regarding claim 2, Jain discloses:
wherein the operations further comprise: generating a scrubbing scheme (e.g. Jain, abstract; par. 26, 28 – deployed mitigation strategy) so as to distribute scrubbing of the detected probe traffic across the service provider network and the datacenter, and distributing the scrubbing scheme to designated scrubbing points within the service provider network and the datacenter (e.g. Jain, par. 26, 28, 38-41, 44; fig. 1:138; fig. 2:240, 242, 226-230).  Herein, the mitigation strategy is deployed and distributed to security and monitoring components (i.e. “designated scrubbing points”) throughout the datacenter, the shim layer, and core layer of the service provider’s network.  

Regarding claim 3, Jain discloses:
wherein the designated scrubbing points include at least one of a carrier-grade router, an access router, a virtual router, or a cloud gateway (e.g. Jain, par. 39, 44; fig. 2:234-238; 212-216).

Regarding claim 4, Jain discloses:
wherein the operations further comprise: instructing the service provider network to automatically allow the traffic flows to be routed to the application during the observation time period (e.g. Jain, par. 28).  Herein, during observation periods, traffic flows to a VM may be scaled or rate limited vs. completely blocked or redirected.

Regarding claim 5, Jain discloses:
wherein the operations further comprise: withdrawing exposure of the application to the service provider network in response to the observation time period elapsing (e.g. Jain, par. 28, 70; fig. 11:1120).  Herein, after observable time granularities, an attack can be determined, and a VM can be shut down.


Regarding claim 6, Jain discloses:
wherein the scrubbed internet protocol domain includes a plurality of publicly routable internet protocol addresses that can be advertised via the internet connection while being protected from the detected probe traffic (e.g. Jain, par. 2, 26, 28, 41, 55, 57).  Herein, the plurality of VMs are publicly addressable by one or more virtual IP addresses within the datacenter, and they are protected from malware traffic (i.e. “a scrubbed internet protocol domain”) by virtue of scrubbing the traffic flows received from the IP network.

Regarding claim 7, Jain discloses:
wherein the operations further comprise: maintaining the scrubbed internet protocol domain by identifying and discarding inactive filtering rules at designated scrubbing points within the service provider network and the datacenter (e.g. Jain, par. 26, 28, 41, 55; tables 1-3).  Herein, in response to any observable one of a plurality of attacks, the system can deploy a new mitigation strategy to the “designated scrubbing points” for filtering traffic (i.e. blocking, redirecting, rate limiting, etc.).

	Regarding claims 8 – 20, they are method and medium claims essentially corresponding to the above system claims, and they are rejected, at least, for the same reasons.

Conclusion

See Notice of References Cited.	

Any inquiry concerning this communication or earlier communications from the examiner should be directed to JEFFERY L WILLIAMS whose telephone number is (571)272-7965.  The examiner can normally be reached on 7:30 am - 4:00 pm.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on 571-272-3739.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/JEFFERY L WILLIAMS/Primary Examiner, Art Unit 2495