DETAILED ACTION
This communication is responsive to the application # 16/391,944 filed on April 23, 2019. Claims 1-20 are pending and are directed toward CYBERSECURITY GUARD FOR CORE NETWORK ELEMENTS.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.


 Claims 1-20 are rejected under 35 U.S.C. 102(a)(1) as being unpatentable over Roth et al. (US 2013/0085880, Pub. Date: Apr. 4, 2013), hereinafter referred to as Roth.
As per claim 1, Roth teaches a method comprising: obtaining, by a second core network element, a control plane request from a first core network element (For example as seen in FIG. 5, a user may request a control plane to enable secure communications on a computing resource. The control plane may receive 502 the request from the user. Roth, [0029]);
For example, the control plane may receive the request to set up secure communications for the guest operating system. The control plane may create a public/private key pair on behalf of the guest operating system. Roth, [0031]), pausing processing of the control plane request on the second core network element (In some embodiments, this process may run without further user intervention from the click of the button 616. In other embodiments, the user may be allowed to intervene, such as import digital certificate and/ or key pair information rather than having it generated for the user. Roth, [0031]); and
activating a security agent of the second core network element to generate a query for a security verification (Using identifying information about the guest operating system and the public key, the control plane request a digital certificate be issued to the guest operating system. Roth, [0031]);
sending the query for the security verification to a security verification device (The control plane may then deliver the secure communication setup information, such as digital certificate, keys and other secure information to the hypervisor through a trusted network. The hypervisor may store the secure setup information for use in preparing secure communications on behalf of the guest operating system. Roth, [0031]); and
responsive to sending the query, receiving an alert message from the security verification device that indicates validation status of the first core network element (Once complete, the hypervisor may notify the control plane that the setup is complete. The control plane may then notify the user that the setup is complete and the secure communication may be enabled. Roth, [0031]).
claim 2, Roth teaches the method of claim 1, wherein the security verification device includes a repository of cryptographically generated numbers, wherein the repository includes a predetermined cryptographically generated number for the first core network element (The control plane may then deliver the secure communication setup information, such as digital certificate, keys and other secure information to the hypervisor through a trusted network. The hypervisor may store the secure setup information for use in preparing secure communications on behalf of the guest operating system. Roth, [0031]).
As per claim 3, Roth teaches the method of claim 1, wherein the security verification device determines the validation status of the first core network element based on comparing a cryptographic number of the query to a predetermined cryptographically generated number for the second core network element (The control plane may then notify the user that the setup is complete and the secure communication may be enabled. Roth, [0031]).
As per claim 4, Roth teaches the method of claim 1, wherein pausing processing and activating the security agent is further based on a quality service level of a service associated with the control plane request (A service provider 712 may enable secure communications through enabling a support system to intercept and secure communications to and from a guest system 706, 728. Roth, [0032]).
As per claim 5, Roth teaches the method of claim 1, wherein the alert message further indicates the validation status of the second core network element (Upon receiving the credentials 710, the server 704 may send the credentials to a support system responsible for the secure communications of the guest system 706. In one embodiment, the support system may be a network device, such as a network attached security component 718. Roth, [0033]).
claim 6, Roth teaches the method of claim 1, further comprising based on the alert message indicating that the first core network element is valid (A credential generator 708 may generate and set up credentials 710. This credential generation may include contacting a certificate authority to obtain a valid digital certificate. Roth, [0032]), instructing the second core network element to resume processing of the control plane request (The control plane may then notify the user that the setup is complete and the secure communication may be enabled. Roth, [0031]).
As per claim 7, Roth teaches the method of claim 1, further comprising based on the alert message indicating that the first core network element is not valid, instructing the second core network element to reject further processing of the control plane request (If the message is determined 304 not to be a secure message and determined 306 not to be a secure communication control message, the message may be treated 324 as an insecure message. Depending on the user settings, insecure messages may or may not be allowed. In some embodiments all insecure messages may be rejected. Roth, [0025]).
As per claim 8, Roth teaches the method of claim 1, wherein the security agent is a virtual machine (Roth, FIG. 2 – FIG. 5).
Claims 9-20 have limitations similar to those treated in the above rejection, and are met by the references as discussed above, and are rejected for the same reasons of anticipation as used above.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159.  See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-
Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 11,172,358. Although the claims at issue are not identical, they are not patentably distinct from each other because all elements of claims 21-40 of the instant application correspond to elements of claims 1-20 of the U.S. Patent No. 11,172,358. The above claims of the present application would have been obvious over claims of U.S. Patent No. 11,172,358 because each element of the claims of the present application is anticipated by the claims of U.S. Patent No. 11,172,358 and as such are unpatentable for obviousness-type double patenting (In re Goodman (CAFC) 29 USPQ2D 2010 (12/3/1993)).
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to OLEG KORSAK whose telephone number is (571)270-1938.  The examiner can normally be reached on Monday-Friday 7:30am - 5:00pm EST.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on (571)272-4006.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private 

/OLEG KORSAK/
Primary Examiner, Art Unit 2492