Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Office Action is in response to the reply filed by Applicant on 12/7/2021. Claims 1-20 are pending. This Office Action is Final.  Action is Final per the steps taken in the First Action Interview Program. 

Allowable Subject Matter
Claims 11 and 20 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having 

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

Claims 1-10 and 12-19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Nainar et al. (US 2017/0302663) in view of Short et al. (US 2010/0115113).

	As per claim 1, Nainar teaches a system for detecting and profiling endpoints of a core network including  a first computing device one is in communication with the  core network, and comprising: at least one processor, and at least one memory device stores in communication with the at least one processor and configured to store a plurality of instructions, which, when executed by the at least one processor, cause the at least one processor to (Nainar, Paragraph 0018 recites “The device may comprise one or more network interfaces 210 (e.g., wired, wireless, PLC, etc.), at least one processor 220, and a memory 240 interconnected by a system bus 250 and powered by a power source (e.g., one or more batteries or other charge storage devices, a power line, etc.).”):
	receive a plurality of packets transmitted to the computer network; determine an identity of a first end point device associated with the plurality of packets (Nainar, Paragraph 0035 recites “As shown in FIG. 3A, assume that a new node F attempts to register with the local network associated with edge device 1. In such a case, node F may send a registration request 302 that includes identification information for node F and/or any other metadata regarding node F towards edge device 1.”);
	obtain a device profile from the first end point device; determine a behavior pattern for the first end point device based on the plurality of packets; and generate a first synthetic profile for the first end point device based on the identity and the behavior pattern, wherein the first synthetic profile is different than the device profile; validate the first end point device by comparing the first synthetic profile to the device profile (Nainar, Paragraph 0047 recites “Since the updated block chain is distributed among block chain servers 150a, etc., the other nodes /devices in the network also have access to the information about node F. In various embodiments, this distribution of the block chain allows the other nodes /devices to verify the identity of node F (e.g., when node F migrates to another local network, when node F sends a request to another node, etc.), to detect anomalies (e.g., by comparing traffic profile information or other behavioral information regarding node F stored in the block chain to an observed behavior of node F), and to perform other functions using the shared information about node F.” And Paragraph 0057 recites “In turn, edge device 2 may compare the observed traffic profile to that previously recorded in the block chain by edge device 1.”  It is being interpreted that the “observed traffic profile” would read on the synthetic profile.).
	Nainar fails to teach provide the first synthetic profile from the core network to an intercept computing device disposed between the first computing device and the first end point device.
	However, in an analogous art Short teaches provide the first synthetic profile from the core network to an intercept computing device disposed between the first computing device and the first end point device  (Short, Paragraph 0018 recites “The system also includes a AAA server in communication with the gateway device and source profile database, wherein the AAA server determines if the source is entitled to access the network based upon the access information stored within the source profile database, and wherein the AAA server determines the access rights of the source with the access rights defining the rights of the source to access destination sites via the network.”).
	It would have been obvious to a person of ordinary skill in the art at the earliest effective filing date to use, Short’s systems and methods for providing dynamic network authorization, authentication and accounting with Nainar’s block chain based IOT device identity verification and anomaly detection because the use of an intercept point would prevent potential harmful data from even entering a network.

	As per claim 2, Nainar in combination with Short teaches the system in accordance with Claim 1, Nainar teaches wherein the instructions further cause the at least one processor to: receive a plurality of data associated with the first end point  (Nainar, Paragraph 0054 recites “In turn, edge node 1 may initiate a block chain update 602 that includes the observed traffic profile of node F.”).

	As per claim 3, Nainar in combination with Short teaches the system in accordance with Claim 1, Nainar teaches wherein the instructions further cause the at least one processor to detect a second end point device based on the plurality of packets (Nainar, Paragraph 0035 recites “ As shown in FIG. 3A, assume that a new node F attempts to register with the local network associated with edge device 1. In such a case, node F may send a registration request 302 that includes identification information for node F and/or any other metadata regarding node F towards edge device 1.” Node F is a new device, and it would be obvious to have this method be applied to any future new nodes). 

	As per claim 4, Nainar in combination with Short teaches the system in accordance with Claim 3, Nainar teaches wherein the instructions further cause the at least one processor to: determine an second identity of a second end point device associated with the plurality of packets; determine a second behavior pattern for the second end point device based on the plurality of packets; and generate a second synthetic profile for second end point device based on the second identity and the second behavior pattern (Nainar, Paragraph 0047 recites “Since the updated block chain is distributed among block chain servers 150a, etc., the other nodes /devices in the network also have access to the information about node F. In various embodiments, this distribution of the block chain allows the other nodes /devices to verify the identity of node F (e.g., when node F migrates to another local network, when node F sends a request to another node, etc.), to detect anomalies (e.g., by comparing traffic profile information or other behavioral information regarding node F stored in the block chain to an observed behavior of node F), and to perform other functions using the shared information about node F.” And Paragraph 0057 recites “In turn, edge device 2 may compare the observed traffic profile to that previously recorded in the block chain by edge device 1.”  It is being interpreted that the “observed traffic profile” would read on the synthetic profile. Node F is a new device, and it would be obvious to have this method be applied to any future new nodes). 

	As per claim 5, Nainar in combination with Short teaches the system in accordance with Claim 1, Nainar teaches wherein the instructions further cause the at least one processor to: receive a second plurality of packets from the first end point device; and update the first synthetic profile based on the second plurality of packets (Nainar, Paragraph 0054 recites “In turn, edge node 1 may initiate a block chain update 602 that includes the observed traffic profile of node F.”).

	As per claim 6, Nainar in combination with Short teaches the system in accordance with Claim 1, Short teaches wherein the instructions further cause the at least one processor to receive the plurality of packets from the intercept point computer device  (Short, Paragraph 0018 recites “The system also includes a AAA server in communication with the gateway device and source profile database, wherein the AAA server determines if the source is entitled to access the network based upon the access information stored within the source profile database, and wherein the AAA server determines the access rights of the source with the access rights defining the rights of the source to access destination sites via the network.”).
	It would have been obvious to a person of ordinary skill in the art at the earliest effective filing date to use, Short’s systems and methods for providing dynamic network authorization, authentication and accounting with Nainar’s block chain based IOT device identity verification and anomaly detection because the use of an intercept point would prevent potential harmful data from even entering a network.

	As per claim 7, Nainar in combination with Short teaches the system in accordance with Claim 1, Short teaches wherein the intercept point computer device is a gateway associated with the first end point device (Short, Paragraph 0018 recites “The system also includes a AAA server in communication with the gateway device and source profile database, wherein the AAA server determines if the source is entitled to access the network based upon the access information stored within the source profile database, and wherein the AAA server determines the access rights of the source with the access rights defining the rights of the source to access destination sites via the network.”).
	It would have been obvious to a person of ordinary skill in the art at the earliest effective filing date to use, Short’s systems and methods for providing dynamic network authorization, authentication and accounting with Nainar’s block chain based IOT device 

	As per claim 8, Nainar in combination with Short teaches the system in accordance with Claim 1, Short teaches wherein the intercept point computer device (i) is associated with the computer network, and (ii) determines whether or not the first end point device may access the computer network  (Short, Paragraph 0018 recites “The system also includes a AAA server in communication with the gateway device and source profile database, wherein the AAA server determines if the source is entitled to access the network based upon the access information stored within the source profile database, and wherein the AAA server determines the access rights of the source with the access rights defining the rights of the source to access destination sites via the network.”).
	It would have been obvious to a person of ordinary skill in the art at the earliest effective filing date to use, Short’s systems and methods for providing dynamic network authorization, authentication and accounting with Nainar’s block chain based IOT device identity verification and anomaly detection because the use of an intercept point would prevent potential harmful data from even entering a network.

	As per claim 9, Nainar in combination with Short teaches the system in accordance with Claim 8, Short teaches wherein the intercept point computer device is programmed to: receive a particular packet from the first end point, wherein the particular packet is separate from the plurality of packets (Short, Paragraph 0018 recites “The system includes a gateway device for receiving a request from the source for access to the network, and a source profile database in communication with the gateway device and located external to the gateway device, wherein the source profile database stores access information identifiable by an attribute associated with the source, and wherein the attribute is identified based upon a data packet transmitted from the source computer and received by the gateway device. The system also includes a AAA server in communication with the gateway device and source profile database, wherein the AAA server determines if the source is entitled to access the network based upon the access information stored within the source profile database, and wherein the AAA server determines the access rights of the source with the access rights defining the rights of the source to access destination sites via the network.”  The request itself is determined to be a particular packet, since it would be a packet that is separate from the actual traffic that is received after the request is granted.).
	It would have been obvious to a person of ordinary skill in the art at the earliest effective filing date to use, Short’s systems and methods for providing dynamic network authorization, authentication and accounting with Nainar’s block chain based IOT device identity verification and anomaly detection because the use of an intercept point would prevent potential harmful data from even entering a network.

	As per claim 10, Nainar in combination with Short teaches the system in accordance with Claim 9, Short teaches wherein the intercept point computer device is further programmed to: compare the particular packet to the first synthetic profile; and determine whether or not to route the particular packet based on the comparison of the particular packet to the first synthetic profile (Short, Paragraph 0018 recites “The system includes a gateway device for receiving a request from the source for access to the network, and a source profile database in communication with the gateway device and located external to the gateway device, wherein the source profile database stores access information identifiable by an attribute associated with the source, and wherein the attribute is identified based upon a data packet transmitted from the source computer and received by the gateway device. The system also includes a AAA server in communication with the gateway device and source profile database, wherein the AAA server determines if the source is entitled to access the network based upon the access information stored within the source profile database, and wherein the AAA server determines the access rights of the source with the access rights defining the rights of the source to access destination sites via the network.”  The request itself is determined to be a particular packet, since it would be a packet that is separate from the actual traffic that is received after the request is granted.).

	
	Regarding claim 12, claim 12 is directed to a similar method associated with the system of claim 1 respectively. Claim 12 is similar in scope to claim 1, respectively, and are therefore rejected under similar rationale. 

	Regarding claim 13, claim 13 is directed to a similar method associated with the system of claim 2 respectively. Claim 13 is similar in scope to claim 2, respectively, and are therefore rejected under similar rationale. 

	Regarding claim 14, claim 14 is directed to a similar method associated with the system of claim 3 respectively. Claim 14 is similar in scope to claim 3, respectively, and are therefore rejected under similar rationale. 

	Regarding claim 15, claim 15 is directed to a similar method associated with the system of claim 4 respectively. Claim 15 is similar in scope to claim 4, respectively, and are therefore rejected under similar rationale. 

	Regarding claim 16, claim 16 is directed to a similar method associated with the system of claim 5 respectively. Claim 16 is similar in scope to claim 5, respectively, and are therefore rejected under similar rationale. 

	Regarding claim 17, claim 17 is directed to a similar method associated with the system of claim 8 respectively. Claim 17 is similar in scope to claim 8, respectively, and are therefore rejected under similar rationale. 

	Regarding claim 18, claim 18 is directed to a similar method associated with the system of claim 9 respectively. Claim 18 is similar in scope to claim 9, respectively, and are therefore rejected under similar rationale.

	Regarding claim 19, claim 19 is directed to a similar method associated with the system of claim 10 respectively. Claim 19 is similar in scope to claim 10, respectively, and are therefore rejected under similar rationale.  

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to RODERICK TOLENTINO whose telephone number is (571)272-2661. The examiner can normally be reached Mon- Fri 8am-4pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on 571-270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

RODERICK . TOLENTINO
Examiner
Art Unit 2439



/RODERICK TOLENTINO/Primary Examiner, Art Unit 2439