Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Office Action is in response to the instant Application 16/767,998 filed on 5/28/2020. Claims 1-17 are pending. This Office Action is Non-Final.

Information Disclosure Statement
The information disclosure statement (IDS), submitted on 5/28/2020, 10/13/2020 and 8/26/2021, is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.

Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier.  Such claim limitation(s) is/are: “unit” and “module” in claims 11-14.
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.


Claim(s) 1, 2, 4-6, 9-12 and14-16 is/are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Vinukonda et al. (US 2018/0205742).

	As per claim 1, Vinukonda discloses a method for recognizing abnormal access behavior, comprising: receiving an access request sent by a client terminal and generating a recognition identifier for the client terminal based on the access request (Vinukonda, Paragraph 0101 recites “In some embodiments, CMS server 504 can validate the content access request to determine whether or not to authorize the content access request. As one example, validation might be performed to ensure that any geographic restrictions exist (a geo-restriction validation). Embodiments of the present disclosure can be used for validation of anonymous users. In some embodiments of the present disclosure, token-based validation can be used in combination with other types of validation, such as and without limitation geo-based validation (such as the geo-restrictions discussed herein), user-based validation (e.g., validation to ensure that the user based on identification information, such as and without limitation a username and password), or the like.” It is being interpreted that content the validation/authorization of an access request would read on a recognition identifier, where the system would identify/recognize that the content request is authorized); 
	obtaining device fingerprint information of the client terminal and generating a unique identifier based on the recognition identifier and the device fingerprint information (Vinukonda, Paragraph 0053 recites “The present disclosure provides novel systems and methods for automatically generating a secure token upon validation of an initial request to access content, which secure token is used to validate subsequent requests to access content that include the secure token. According to some embodiments, the disclosed systems and methods generate the secure token which is associated with the IP address of the user device from which the initial content access request is received, and transmits the secure token to the user device.” An IP address would be a device fingerprint.  And a secure token which acknowledges the request is authorized and associated with an IP address would be a unique identifier);
(Vinukonda, Paragraph 0053 recites “If the count of the number of different IP address exceeds the threshold number, access is denied; otherwise, access is granted. In so doing, present systems and methods provide flexibility to accommodate IP address changes while minimizing unauthorized (or abusive) attempts to access the content.”).

	As per claim 2, Vinukonda discloses the method of claim 1, Vinukonda further discloses wherein generating the recognition identifier for the client terminal based on the access request includes: extracting access information of the client terminal from the access request, wherein the access information includes at least an IP address of the client terminal and user-agent information of the client terminal (Vinukonda, Paragraph 0053 recites “The present disclosure provides novel systems and methods for automatically generating a secure token upon validation of an initial request to access content, which secure token is used to validate subsequent requests to access content that include the secure token. According to some embodiments, the disclosed systems and methods generate the secure token which is associated with the IP address of the user device from which the initial content access request is received, and transmits the secure token to the user device.”); 
	and randomly generating an identification code of a specified length and encrypting a combination of the recognition identifier and the access information to generate the recognition identifier for the client terminal (Vinukonda, Paragraph 0014 recites “The secure token can comprise an encrypted value generated from information, such as and without limitation the IP address received with the content access request alone or in combination with a short-lived expiration time. The secure token can be generated by encrypting the information using an encryption algorithm such as MD5. The secure token is provided to the user device (having the IP address) from which the content access request is received, in response to the received content access request. In one example, the secure token is transmitted with a content master playlist comprising information for retrieving any of a number of variant media playlist. In some embodiments, the response can include a URL comprising one or more secure token parameters. As another alternative, the secure token can be transmitted via a cookie (e.g., an HTTP session cookie) to the user device from which the content access request is received (e.g., in a case that cookies are supported by the user device and are not blocked).”).

	As per claim 4, Vinukonda discloses the method of claim 1, Vinukonda further discloses wherein generating the unique identifier based on the recognition identifier and the device fingerprint information includes: encrypting the combination of the recognition identifier and the device fingerprint information to obtain an encryption key of a specified length and making the encryption key of the specified length as the unique identifier for the client terminal (Vinukonda, Paragraph 0014 recites “After a determination is made to authorize access to the content (via geographic, user, etc. validation(s)), a secure token is generated and associated with the IP address used by the user device in making the content access request. The IP address associated with the content access request can be the IP address received with the content access request. The secure token can comprise an encrypted value generated from information, such as and without limitation the IP address received with the content access request alone or in combination with a short-lived expiration time. The secure token can be generated by encrypting the information using an encryption algorithm such as MD5. The secure token is provided to the user device (having the IP address) from which the content access request is received, in response to the received content access request. In one example, the secure token is transmitted with a content master playlist comprising information for retrieving any of a number of variant media playlist. In some embodiments, the response can include a URL comprising one or more secure token parameters. As another alternative, the secure token can be transmitted via a cookie (e.g., an HTTP session cookie) to the user device from which the content access request is received (e.g., in a case that cookies are supported by the user device and are not blocked).”)

	As per claim 5, Vinukonda discloses the method of claim 1, Vinukonda further discloses wherein sending the unique identifier to the client terminal includes: sending the unique identifier to the client terminal in the form of cookie data (Vinukonda, Paragraph 0014 recites “After a determination is made to authorize access to the content (via geographic, user, etc. validation(s)), a secure token is generated and associated with the IP address used by the user device in making the content access request. The IP address associated with the content access request can be the IP address received with the content access request. The secure token can comprise an encrypted value generated from information, such as and without limitation the IP address received with the content access request alone or in combination with a short-lived expiration time. The secure token can be generated by encrypting the information using an encryption algorithm such as MD5. The secure token is provided to the user device (having the IP address) from which the content access request is received, in response to the received content access request. In one example, the secure token is transmitted with a content master playlist comprising information for retrieving any of a number of variant media playlist. In some embodiments, the response can include a URL comprising one or more secure token parameters. As another alternative, the secure token can be transmitted via a cookie (e.g., an HTTP session cookie) to the user device from which the content access request is received (e.g., in a case that cookies are supported by the user device and are not blocked).”)

	As per claim 6, Vinukonda discloses the method of claim 1, Vinukonda further discloses, wherein recognizing whether the access behavior of the client terminal is abnormal includes: receiving again the access request sent by the client terminal and recognizing whether the access request includes the unique identifier; and if the access request does not include the unique identifier, determining that the access behavior of the client terminal is abnormal (Vinukonda, Paragraph 0009 recites “As discussed herein, a way to circumvent a geo-restriction is to obtain (e.g., via an unauthorized publication) the URL(s) corresponding to a content master playlist, a variant media playlist, and/or a media segment. Each user device that uses an unauthorized publication of a URL does so using a different IP address. Such unauthorized attempts to access content should be identified and blocked. Normal changes in IP address (for reasons such as discussed above) should be identified and authorized so that an authorized user can continue to experience content despite a change in IP address. However, since it is difficult, if not impossible, to determine whether a IP address change is associated with an unauthorized access request or is associated with an authorized access request, a typical approach is to deny access in response to any IP address change even in a case that it is associated with an authorized access request.”).

	As per claim 9, Vinukonda discloses the method of claim 6, Vinukonda further discloses if the access request sent by the client terminal includes the unique identifier, recognizing whether the access request includes a request source; counting the number of target access requests that do not include the request sources out of all the access requests sent by the client terminal in a specified time period; and if the counted number is greater than or equal to a specified threshold, determining that the access behavior of the client terminal is abnormal (Vinukonda, Paragraph 0056 recites “In accordance with one or more embodiments, a threshold number (e.g., 3) IP addresses are permitted per a given time interval (e.g., 30 seconds), where the time interval can be identified by the expiration information associated with the secure token. It should be apparent that any threshold number and time interval can be used with embodiments of the present disclosure. In accordance with at least one embodiment, the number of distinct user IP addresses that are allowed to simultaneously (within the time interval) access a content item per secure token is tracked and used to determine whether or not to permit access to the content.”).

	As per claim 10, Vinukonda discloses the method of claim 9, Vinukonda further discloses wherein recognizing whether the access request includes the request source includes: recognizing a content in referer field of the access request; if referer field is empty, determining that the access request does not include the request source; and if referer field includes an identifier of a webpage, determining that the webpage identified by the identifier of the webpage is the request source for the access request (Vinukonda, Paragraph 0017 recites “The disclosed systems and methods, if the IP address received with the content access request does not match the IP address received with the content download request, initialize a count (e.g., a mismatch counter) to an initial value (e.g., set to 1 to memorialize the first mismatch), if there is no previous mismatch; or, if there is a previous mismatch, increment an existing mismatch counter (e.g., by 1 to memorialize the current mismatch). A determination is made whether or not the number of mismatches (using the mismatch counter) exceeds a threshold number of mismatches. If the mismatch counter does not exceed the threshold number, the requested content (e.g., a variant media playlist, a section of content, etc.) is transmitted to the user device in response to the received content download request. If the number of mismatches exceeds the threshold number, the content download request is denied. In such a case, the user of the user device can make another content access request. The determination whether or not the mismatch counter exceeds the threshold number of mismatches is selectively performed based on the outcome of the IP-address matching determination.” Examiner Note: The term ‘referer’ appears to be a placeholder for determining some form of data.  In this instance the IP address.).

Regarding claims 11 and 15, claims 11 and 15 are directed to a server and another server associated with the method of claim 1. Claims 11 and 15 are of similar scope to claim 1, and are therefore rejected under similar rationale.

Regarding claims 12 and 16, claims 12 and 16 are directed to a server and another server associated with the method of claim 2. Claims 12 and 16 are of similar scope to claim 2, and are therefore rejected under similar rationale.

	As per claim 14, Vinukonda discloses the server of claim 11, Vinukonda further discloses wherein the access behavior recognition unit includes: an identifier recognition module configured to receive again the access request sent by the client terminal and to recognize whether the access request includes the unique identifier, wherein if the access request does not include the unique identifier, it is determined that the access behavior of the client terminal is abnormal (Vinukonda, Paragraph 0017 recites “he disclosed systems and methods, if the IP address received with the content access request does not match the IP address received with the content download request, initialize a count (e.g., a mismatch counter) to an initial value (e.g., set to 1 to memorialize the first mismatch), if there is no previous mismatch; or, if there is a previous mismatch, increment an existing mismatch counter (e.g., by 1 to memorialize the current mismatch). A determination is made whether or not the number of mismatches (using the mismatch counter) exceeds a threshold number of mismatches. If the mismatch counter does not exceed the threshold number, the requested content (e.g., a variant media playlist, a section of content, etc.) is transmitted to the user device in response to the received content download request. If the number of mismatches exceeds the threshold number, the content download request is denied. In such a case, the user of the user device can make another content access request. The determination whether or not the mismatch counter exceeds the threshold number of mismatches is selectively performed based on the outcome of the IP-address matching determination.”).

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to 

Claim 3, 13 and 17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Vinukonda et al. (US 2018/0205742) in view of Sharma et al. (US 2015/0170149).

	As per claim 3, Vinukonda discloses the method of claim 1, but fails to teach wherein obtaining the device fingerprint information of the client terminal includes: when returning response information to the client terminal in response to the access request, sending a detection script to the client terminal at the same time; and after the detection script is executed at the client terminal, collecting the device fingerprint information of the client terminal.
	However, in an analogous art Sharma teaches wherein obtaining the device fingerprint information of the client terminal includes: when returning response information to the client terminal in response to the access request, sending a detection script to the client terminal at the same time; and after the detection script is executed at the client terminal, collecting the device fingerprint information of the client terminal (Sharma, Paragraph 0037 recites “In some implementations, the embedded code may include an application, a code snippet, a script, a widget, etc. that, when executed by user device 210 or processor server 240, causes user device 210 to determine location information (e.g., a GPS location, a cell location, latitude and longitude coordinates, etc.) and an identifier (e.g., a MDN, a MEID, a telephone number, an IP address, etc.) associated with user device 210.”).
	It would have been obvious to a person of ordinary skill in the art, at the earliest effective filing date to use Sharma’s financial authorization of an online transaction based on a location and an identifier of a user device with Viunkonda’s automatic token based secure content streaming method and apparatus because the use of having a script to determine a location, would help to ensure accurate location/identifier information.

Regarding claims 13 and 17, claims 13 and 17 are directed to a server and another server associated with the method of claim 3. Claims 13 and 17 are of similar scope to claim 3, and are therefore rejected under similar rationale.


Claims 7 and 8 is/are rejected under 35 U.S.C. 103 as being unpatentable over Vinukonda et al. (US 2018/0205742) in view of Mao et al. (US 2014/0283120).

	As per claim 7, Vinukonda discloses the method of claim 6, but fails to teach if the access request sent by the client terminal includes the unique identifier, measuring an access frequency of the access requests sent by the client terminal; and if the access frequency is greater than or equal to a specified frequency threshold, determining that the access behavior of the client terminal is abnormal.
(Mao, Paragraph 0064 recites “In step 506, the request can be granted or denied. In an aspect, a decision of granting the request can be based upon the access rights of the one or more users or devices. As an example, granting the request can be dependent upon a location of the one or more users, content type, access type, or time duration relating to content, or a combination thereof. As a further example, granting the request can comprise facilitating access to the content.”).
	It would have been obvious to a person of ordinary skill in the art, at the earliest effective filing date to use Mao’s Methods And Systems For Managing Data Assets with Viunkonda’s automatic token based secure content streaming method and apparatus because the use of having restrictions for content, would help ensure that content is used properly to prevent unauthorized accesses.


	As per claim 8, Vinukonda discloses the method of claim 6, but fails to teach if the access request sent by the client terminal includes the unique identifier, recognizing an access target indicated in the access request; and if the access target is a sensitive target, determining that the access behavior of the client terminal is abnormal.
	However, in an analogous art Mao teaches teach if the access request sent by the client terminal includes the unique identifier, recognizing an access target indicated (Mao, Paragraph 0064 recites “In step 506, the request can be granted or denied. In an aspect, a decision of granting the request can be based upon the access rights of the one or more users or devices. As an example, granting the request can be dependent upon a location of the one or more users, content type, access type, or time duration relating to content, or a combination thereof. As a further example, granting the request can comprise facilitating access to the content.”).
	It would have been obvious to a person of ordinary skill in the art, at the earliest effective filing date to use Mao’s Methods And Systems For Managing Data Assets with Viunkonda’s automatic token based secure content streaming method and apparatus because the use of having restrictions for content, would help ensure that content is used properly to prevent unauthorized accesses.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to RODERICK TOLENTINO whose telephone number is (571)272-2661. The examiner can normally be reached Mon- Fri 8am-4pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

RODERICK . TOLENTINO
Examiner
Art Unit 2439



/RODERICK TOLENTINO/Primary Examiner, Art Unit 2439