DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Summary
This action is a responsive to the application filed on 6/18/2021.
Claims 1-20 are pending and have been examined.
Claims 1-20 are rejected.

Information Disclosure Statement
The information disclosure statements (IDS)s submitted on 6/18/2021 and 7/22/2021.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Drawings
The drawings are objected to as failing to comply with 37 CFR 1.84(p)(5) because they include the following reference character(s) not mentioned in the description: 17', 262', 408 and 410a-n.  Corrected drawing sheets in compliance with 37 CFR 1.121(d), or amendment to the specification to add the reference character(s) in the description in compliance with 37 CFR 1.121(b) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the 

Claim Objections
Claim 9 is objected to because of the following informalities:  
Claim 9 – “configured to communicate o the second computing” should be “configured to communicate to the second computing”.
Appropriate correction is required.
	

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 4 and 11 rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.

For the purpose of compact prosecution, these claims will be interpreted as the routing tokens being sent with the handshake data.
	

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159.  See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For 

Claim 1, 3, 6-8, 10, 13-15, 17-18 and 20  is rejected on the ground of nonstatutory double patenting as being unpatentable over claim 1, 3 and 7-8 of  U.S. Patent No. US 11050566 B2 (reference application). 

17351888 Claim:
U.S. Patent No. US 11050566 B2 Claim:
1. A method comprising: receiving, by a first computing device, one or more tokens for establishing a secure connection between the first computing device and a second computing device via one or more third computing devices intermediary to the first computing device and the second computing device, each of the one or more tokens configured to be validated by a corresponding computing device of the one or more third computing devices; communicating, by the first computing device, the one or more tokens to the one or more third computing devices along a network path to the second computing device to cause each of the one or more third computing devices to validate the one or more tokens; and establishing between the first computing device and the second computing device a secure connection via the network path of the one or more third computing devices responsive to at least each of the one or more tokens being validated by each of the one or more third computing devices.
1. A method for establishing a secure connection, the method comprising:
receiving, by a server executing a service, a plurality of routing tokens for establishing a service connection between a service node and the server, along a network path through a plurality of network devices intermediary between the server and the service node, each of the routing tokens configured to be validated by a corresponding network device of the plurality of network devices; transmitting, by the server towards the service node, a first packet comprising the plurality of routing tokens to a first network device of the plurality of network devices, to cause the first network device to validate a first routing token of the plurality of routing tokens and to direct the first packet along the network path to a second network device of the plurality of network devices using the first routing token for the first network device; establishing a cryptographic context between the service node and the server, to establish a secure channel between the service node and the server along the network path; and
transmitting, from the server to the service node via the secure channel, a service node routing token to be validated by the service node.

3. The method of claim 1, further comprising: transmitting, from the server to the service node, handshake data for establishing the cryptographic context between the service node and the server.
6. The method of claim 1, where each of the one or more tokens is valid for one of a predetermined time or a single use.
7. The method of claim 1, wherein each of the plurality of routing tokens is valid for one-time use by a respective network device of the plurality of network devices.
7. The method of claim 1, further comprising communicating data over the secure connection between the first computing device and the second computing device via the one or more third computing devices without one of decryption or encryption by the one or more third computing devices.
8. The method of claim 1, further comprising: communicating, by the server, network traffic with the service node using the established cryptographic context, without decrypting or re-encrypting the network traffic at each of the plurality of network devices.	
8. A system comprising: a first computing device comprising one or more processors, coupled to memory and configured to: receive one or more tokens for establishing a secure connection between the first computing device and a second computing device via one or more third computing devices intermediary to the first computing device and the second computing device, each of the one or more tokens configured to be validated by a corresponding computing device of the one or more third computing devices; communicate the one or more tokens to the one or more third computing devices along a network path to the second computing device to cause the one or more third computing devices to validate the one or more tokens; and establish between the first computing device and the second computing device a secure connection via the network path of the one or more third computing devices responsive to at least each of the one or more tokens being validated by each of the one or more third computing devices.
1. A method for establishing a secure connection, the method comprising:
receiving, by a server executing a service, a plurality of routing tokens for establishing a service connection between a service node and the server, along a network path through a plurality of network devices intermediary between the server and the service node, each of the routing tokens configured to be validated by a corresponding network device of the plurality of network devices; transmitting, by the server towards the service node, a first packet comprising the plurality of routing tokens to a first network device of the plurality of network devices, to cause the first network device to validate a first routing token of the plurality of routing tokens and to direct the first packet along the network path to a second network device of the plurality of network devices using the first routing token for the first network device; establishing a cryptographic context between the service node and the server, to establish a secure channel between the service node and the server along the network path; and
transmitting, from the server to the service node via the secure channel, a service 

3. The method of claim 1, further comprising: transmitting, from the server to the service node, handshake data for establishing the cryptographic context between the service node and the server.
13. The system of claim 8, where each of the one or more tokens is valid for one of a predetermined time or a single use.
7. The method of claim 1, wherein each of the plurality of routing tokens is valid for one-time use by a respective network device of the plurality of network devices.
14. The system of claim 8, wherein the first computing device is further configured to communicate data over the secure connection between the first computing device and the second computing device via the one or more third computing devices without one of decryption or encryption by the one or more third computing devices.
8. The method of claim 1, further comprising: communicating, by the server, network traffic with the service node using the established cryptographic context, without decrypting or re-encrypting the network traffic at each of the plurality of network devices.
15. A system comprising: a server in communication with a controller via one or more networks, the server configured to: receive a plurality of tokens from the controller in response to a request by a client device to access a service on a remote computing device, wherein the plurality of tokens to be validated by a corresponding one of the remote computing device and one or more intermediary devices a network path between the server and the remote computing device to establish a secure connection for the client's access to the service provided by the remote computing device; and communicate the plurality of tokens to the one or more intermediary devices along the network path to the remote computing device to cause the one or intermediary devices and the remote computing device to validate each of their corresponding token of the plurality of tokens; and establish a secure connection between the server and the remote computing 

receiving, by a server executing a service, a plurality of routing tokens for establishing a service connection between a service node and the server, along a network path through a plurality of network devices intermediary between the server and the service node, each of the routing tokens configured to be validated by a corresponding network device of the plurality of network devices; transmitting, by the server towards the service node, a first packet comprising the plurality of routing tokens to a first network device of the plurality of network devices, to cause the first network device to validate a first routing token of the plurality of routing tokens and to direct the first packet along the network path to a second network device of the plurality of network devices using the first routing token for the first network device; establishing a cryptographic context between the service node and the server, to establish a secure 
transmitting, from the server to the service node via the secure channel, a service node routing token to be validated by the service node.

3. The method of claim 1, further comprising: transmitting, from the server to the service node, handshake data for establishing the cryptographic context between the service node and the server.
18. The system of claim 15, where each of the plurality of tokens is valid for one of a predetermined time or a single use.
7. The method of claim 1, wherein each of the plurality of routing tokens is valid for one-time use by a respective network device of the plurality of network devices.
20. The system of claim 15, wherein the server is further configured to communicate data over the secure connection between the server and the remote computing device via the one or more intermediary devices without one of decryption or encryption by the one or more intermediary devices.
8. The method of claim 1, further comprising: communicating, by the server, network traffic with the service node using the established cryptographic context, without decrypting or re-encrypting the network traffic at each of the plurality of network devices.
	


As seen in the mappings above, the U.S. Patent substantially discloses all of the limitations of the claims of present application. Therefore, claims 1, 3, 6-8, 10, 13-15, 17-18 and 20 are properly rejected under nonstatutory double patenting.
	

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of 
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

Claims 1-4, 8-11, 15 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Haddad et al. (US 20110179277 A1) and further in view of Muthuswamy et al. (US 20070133488 A1).

As to claim 1, Haddad et al. teaches each of the one or more tokens configured to be validated by a corresponding computing device of the one or more third computing devices (See ¶¶ [0018], [0022], Teaches that transmitting a first message in a first direction between the two endpoints along a path including nodes of the network, the path starting at a node directly connected to one of the two endpoints and ending at a node directly connected to another of the two endpoints and the path being chosen in some suitable way such as being established according to a suitable routing protocol, the first message carrying a specially selected piece of information called first special information or a hint token, the hint token being stored in each of the nodes along the path. Each of the nodes along the path is arranged to store the cryptographic information carried in the second message, either by extracting from the received second message or by obtaining it in some other way, the latter case being valid for the node which is directly connected to said another of the two endpoints and at which the transmission of the second message starts); 
and establishing between the first computing device and the second computing device a secure connection via the network path of the one or more third computing devices responsive to at least each of the one or more tokens being validated by each of the one or more third computing devices (See ¶¶ [0031], [0065] Teaches that then, the unit for preparing the first message is arranged to include in the first message position information indicating that the first message is to be transmitted to the first node along the path or that the first message comes directly from the access node that starts establishing the secure path. The method includes two “token-passing” phases between the two endpoints S and C, via the routers R0, R1, . . . Ri.). 
However, it does not expressly teach a method comprising: receiving, by a first computing device, one or more tokens for establishing a secure connection between the first computing device and a second computing device via one or more third computing devices intermediary to the first computing device and the second computing device; communicating, by the first computing device, the one or more tokens to the one or more third computing devices along a network path to the second computing device to cause each of the one or more third computing devices to validate the one or more tokens.
Muthuswamy et al., from analogous art, teaches a method comprising: receiving, by a first computing device, one or more tokens for establishing a secure connection between the first computing device and a second computing device via one or more third computing devices intermediary to the first computing device and the second computing device (See ¶¶ [0063], [0067], [0059], Teaches that at step 304, the token manager 340 can then transmit the authenticated tokens to the originating node 320A. In response to the neighbor reply message, at step 310, the originating node 320A can transmit the number information units to the neighbor node 320B and optionally the number of authenticated tokens. Alternatively, the originating node 320A can wait until it receives an acknowledgment (ACK) message from the destination node 330 at step 313 before transmitting the number of authenticated tokens. However, it should be appreciated that in FIGS. 3, 5 and 6, Neighbor Node B can represent either a single intermediate node between Node A (Source) and Node I (Destination) or a plurality of intermediate nodes in a given routing path between Node A (Source) and Node I (Destination)), 
communicating, by the first computing device, the one or more tokens to the one or more third computing devices along a network path to the second computing device to cause each of the one or more third computing devices to validate the one or more tokens (See ¶¶ [0064], Teaches that at step 306, the originating node 320A can transmit a request-to-route (RTR) message to its neighbor nodes which in this case are node B 320B. The RTR message can include a number of information units the originating node 320A wants to transmit and a number of authenticated tokens the originating node 320A is willing to pay the neighbor node 320B in exchange for routing the number of information units to the destination node 330).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Muthuswamy et al. into Haddad et al. to perform a routing function to assist other nodes in routing packets throughout an ad hoc network.
One of ordinary skill in the art would have been motivated because it allows one to perform a routing function to assist other nodes in routing packets throughout an ad hoc network (See Muthuswamy et al. ¶ [0009]).

As to claim 2, the combination of Haddad et al. and Muthuswamy et al. teaches the method according to claim 1 above. Haddad et al. further teaches further comprising communicating by the first computing device to the second computing device, a second token to be validated by the second computing device for establishing the secure connection (See ¶¶ [0031], [0065] and Figs. 3 and 4 Teaches that then, the unit for preparing the first message is arranged to include in the first message position information indicating that the first message is to be transmitted to the first node along the path or that the first message comes directly from the access node that starts establishing the secure path. The method includes two “token-passing” phases between the two endpoints S and C, via the routers R0, R1, . . . Ri.). 

As to claim 3, the combination of Haddad et al. and Muthuswamy et al. teaches the method according to claim 1 above. Haddad et al. further teaches further comprising communicating, by the first computing device to the second computing device, handshake data for establishing the secure connection (See ¶¶ [0013], [0016], [0072], Teaches that thus generally, in a method and a system for communicating information/data between two endpoints connected to a network a secure and confidential distribution of a special key is performed. This is allowed by performing a “path handshake” in order to make sure that only nodes on one particular path will receive the special key or information related thereto. In the “path handshake” procedure, a first message is forwarded in one direction along a path between two endpoints and a second message is thereafter forwarded in the opposite direction along the same path. This type of “path handshaking” is needed in order to make sure that packets requiring special treatment will always follow the same path within the infrastructure and to avoid an unnecessary disruption/confusion of a router or routers, which do not belong to the set of routers through which the PATH_INIT message has passed). 

As to claim 4, the combination of Haddad et al. and Muthuswamy et al. teaches the method according to claim 1 above. Haddad et al. further teaches wherein the one or more tokens comprises handshake data for establishing the secure connection (See ¶¶ [0016], [0065], Teaches that In the “path handshake” procedure, a first message is forwarded in one direction along a path between two endpoints and a second message is thereafter forwarded in the opposite direction along the same path. These messages carry special information that is used in the nodes along the path for checking purposes. Such special information can be stored in the nodes when receiving the first message and then, when receiving the second message, the special information therein can be matched against the stored special information. The method includes two “token-passing” phases between the two endpoints S and C, via the routers RO, R1,... Ri. In a first, “leftbound-phase”, herein called PATH_INIT, the second endpoint S initiates the propagation of a so-called hint token which generally is some appropriately selected first special information. In this embodiment, this hint token initially equals Kh, and each on-path router will hash it using the one-way hash function H, before passing it on to its left neighbour. That is, an inner router Rj, j=1, 2, ... , i-1, receives a hint token called X from its right neighbour Rj+1. This hint token x is Kh, hashed one or more times. The inner router Rj stores this hint token for later use, and passes on a hashed hint token y=H(x) to the left/preceding node Rj-1, along the path. By the properties of the hash function H, the inner router Rj-1, will know y, but not (yet) x. Eventually, a hint-token reaches the access router ARC (=R0) of the first endpoint C. This access router ARC, which is assumed to already know the header key Kh, checks that the header key Kh, hashed an appropriate number of times, gives or agrees with the received hint token. This process is simplified if the routers also maintain a hop-count, see the discussion below). 

As to claim 8, Haddad et al. teaches each of the one or more tokens configured to be validated by a corresponding computing device of the one or more third computing devices (See ¶¶ [0018], [0022], Teaches that transmitting a first message in a first direction between the two endpoints along a path including nodes of the network, the path starting at a node directly connected to one of the two endpoints and ending at a node directly connected to another of the two endpoints and the path being chosen in some suitable way such as being established according to a suitable routing protocol, the first message carrying a specially selected piece of information called first special information or a hint token, the hint token being stored in each of the nodes along the path. Each of the nodes along the path is arranged to store the cryptographic information carried in the second message, either by extracting from the received second message or by obtaining it in some other way, the latter case being valid for the node which is directly connected to said another of the two endpoints and at which the transmission of the second message starts); 
and establish between the first computing device and the second computing device a secure connection via the network path of the one or more third computing devices responsive to at least each of the one or more tokens being validated by each of the one or more third computing devices (See ¶¶ [0031], [0065] Teaches that then, the unit for preparing the first message is arranged to include in the first message position information indicating that the first message is to be transmitted to the first node along the path or that the first message comes directly from the access node that starts establishing the secure path. The method includes two “token-passing” phases between the two endpoints S and C, via the routers R0, R1, . . . Ri.). 
However, it does not expressly teach a system comprising: a first computing device comprising one or more processors, coupled to memory and configured to: receive one or more tokens for establishing a secure connection between the first computing device and a second computing device via one or more third computing devices intermediary to the first computing device and the second computing device; communicate the one or more tokens to the one or more third computing devices along a network path to the second computing device to cause the one or more third computing devices to validate the one or more tokens.
Muthuswamy et al., from analogous art, teaches a system comprising: a first computing device comprising one or more processors, coupled to memory and (See ¶¶ [0063], [0067], [0059], Teaches that at step 304, the token manager 340 can then transmit the authenticated tokens to the originating node 320A. In response to the neighbor reply message, at step 310, the originating node 320A can transmit the number information units to the neighbor node 320B and optionally the number of authenticated tokens. Alternatively, the originating node 320A can wait until it receives an acknowledgment (ACK) message from the destination node 330 at step 313 before transmitting the number of authenticated tokens. However, it should be appreciated that in FIGS. 3, 5 and 6, Neighbor Node B can represent either a single intermediate node between Node A (Source) and Node I (Destination) or a plurality of intermediate nodes in a given routing path between Node A (Source) and Node I (Destination)), 
communicate the one or more tokens to the one or more third computing devices along a network path to the second computing device to cause the one or more third computing devices to validate the one or more tokens (See ¶¶ [0064], Teaches that at step 306, the originating node 320A can transmit a request-to-route (RTR) message to its neighbor nodes which in this case are node B 320B. The RTR message can include a number of information units the originating node 320A wants to transmit and a number of authenticated tokens the originating node 320A is willing to pay the neighbor node 320B in exchange for routing the number of information units to the destination node 330).

One of ordinary skill in the art would have been motivated because it allows one to perform a routing function to assist other nodes in routing packets throughout an ad hoc network (See Muthuswamy et al. ¶ [0009]).

As to claim 9, the combination of Haddad et al. and Muthuswamy et al. teaches the system according to claim 8 above. Haddad et al. further wherein the first computing device is further configured to communicate o the second computing device a second token to be validated by the second computing device in order to establish the secure connection (See ¶¶ [0031], [0065] and Figs. 3 and 4 Teaches that then, the unit for preparing the first message is arranged to include in the first message position information indicating that the first message is to be transmitted to the first node along the path or that the first message comes directly from the access node that starts establishing the secure path. The method includes two “token-passing” phases between the two endpoints S and C, via the routers R0, R1, . . . Ri.). 

As to claim 10, the combination of Haddad et al. and Muthuswamy et al. teaches the system according to claim 8 above. Haddad et al. further teaches wherein the first computing device is further configured to communicate to the second computing device handshake data used to establish the secure connection (See ¶¶ [0013], [0016], [0072], Teaches that thus generally, in a method and a system for communicating information/data between two endpoints connected to a network a secure and confidential distribution of a special key is performed. This is allowed by performing a “path handshake” in order to make sure that only nodes on one particular path will receive the special key or information related thereto. In the “path handshake” procedure, a first message is forwarded in one direction along a path between two endpoints and a second message is thereafter forwarded in the opposite direction along the same path. This type of “path handshaking” is needed in order to make sure that packets requiring special treatment will always follow the same path within the infrastructure and to avoid an unnecessary disruption/confusion of a router or routers, which do not belong to the set of routers through which the PATH_INIT message has passed). 

As to claim 11, the combination of Haddad et al. and Muthuswamy et al. teaches the system according to claim 8 above. Haddad et al. further teaches wherein the one or more tokens comprises handshake data for establishing the secure connection (See ¶¶ [0016], [0065], Teaches that In the “path handshake” procedure, a first message is forwarded in one direction along a path between two endpoints and a second message is thereafter forwarded in the opposite direction along the same path. These messages carry special information that is used in the nodes along the path for checking purposes. Such special information can be stored in the nodes when receiving the first message and then, when receiving the second message, the special information therein can be matched against the stored special information. The method includes two “token-passing” phases between the two endpoints S and C, via the routers RO, R1,... Ri. In a first, “leftbound-phase”, herein called PATH_INIT, the second endpoint S initiates the propagation of a so-called hint token which generally is some appropriately selected first special information. In this embodiment, this hint token initially equals Kh, and each on-path router will hash it using the one-way hash function H, before passing it on to its left neighbour. That is, an inner router Rj, j=1, 2, ... , i-1, receives a hint token called X from its right neighbour Rj+1. This hint token x is Kh, hashed one or more times. The inner router Rj stores this hint token for later use, and passes on a hashed hint token y=H(x) to the left/preceding node Rj-1, along the path. By the properties of the hash function H, the inner router Rj-1, will know y, but not (yet) x. Eventually, a hint-token reaches the access router ARC (=R0) of the first endpoint C. This access router ARC, which is assumed to already know the header key Kh, checks that the header key Kh, hashed an appropriate number of times, gives or agrees with the received hint token. This process is simplified if the routers also maintain a hop-count, see the discussion below). 

As to claim 15, Haddad et al. teaches wherein the plurality of tokens to be validated by a corresponding one of the remote computing device and one or more intermediary devices a network path between the server and the remote computing device to establish a secure connection for the client's access to the service provided by the remote computing device (See ¶¶ [0018], [0022], [0031], [0065] Teaches that transmitting a first message in a first direction between the two endpoints along a path including nodes of the network, the path starting at a node directly connected to one of the two endpoints and ending at a node directly connected to another of the two endpoints and the path being chosen in some suitable way such as being established according to a suitable routing protocol, the first message carrying a specially selected piece of information called first special information or a hint token, the hint token being stored in each of the nodes along the path. Each of the nodes along the path is arranged to store the cryptographic information carried in the second message, either by extracting from the received second message or by obtaining it in some other way, the latter case being valid for the node which is directly connected to said another of the two endpoints and at which the transmission of the second message starts. The unit for preparing the first message is arranged to include in the first message position information indicating that the first message is to be transmitted to the first node along the path or that the first message comes directly from the access node that starts establishing the secure path. The method includes two “token-passing” phases between the two endpoints S and C, via the routers R0, R1, . . . Ri); 
and establish a secure connection between the server and the remote computing device via the network path of the one or more third computing devices responsive to at least each of the plurality of tokens being validated (See ¶¶ [0031], [0065] Teaches that then, the unit for preparing the first message is arranged to include in the first message position information indicating that the first message is to be transmitted to the first node along the path or that the first message comes directly from the access node that starts establishing the secure path. The method includes two “token-passing” phases between the two endpoints S and C, via the routers R0, R1, . . . Ri.). 
However, it does not expressly teach a system comprising: a server in communication with a controller via one or more networks, the server configured to: receive a plurality of tokens from the controller in response to a request by a client device to access a service on a remote computing device; and communicate the plurality of tokens to the one or more intermediary devices along the network path to the remote computing device to cause the one or intermediary devices and the remote computing device to validate each of their corresponding token of the plurality of tokens.
Muthuswamy et al., from analogous art, teaches system comprising: a server in communication with a controller via one or more networks, the server configured to: receive a plurality of tokens from the controller in response to a request by a client device to access a service on a remote computing device (See ¶¶ [0063], [0067], [0059], Teaches that at step 304, the token manager 340 can then transmit the authenticated tokens to the originating node 320A. In response to the neighbor reply message, at step 310, the originating node 320A can transmit the number information units to the neighbor node 320B and optionally the number of authenticated tokens. Alternatively, the originating node 320A can wait until it receives an acknowledgment (ACK) message from the destination node 330 at step 313 before transmitting the number of authenticated tokens. However, it should be appreciated that in FIGS. 3, 5 and 6, Neighbor Node B can represent either a single intermediate node between Node A (Source) and Node I (Destination) or a plurality of intermediate nodes in a given routing path between Node A (Source) and Node I (Destination)), 
and communicate the plurality of tokens to the one or more intermediary devices along the network path to the remote computing device to cause the one or intermediary devices and the remote computing device to validate each of their corresponding token of the plurality of tokens (See ¶¶ [0064], Teaches that at step 306, the originating node 320A can transmit a request-to-route (RTR) message to its neighbor nodes which in this case are node B 320B. The RTR message can include a number of information units the originating node 320A wants to transmit and a number of authenticated tokens the originating node 320A is willing to pay the neighbor node 320B in exchange for routing the number of information units to the destination node 330).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Muthuswamy et al. into Haddad et al. to perform a routing function to assist other nodes in routing packets throughout an ad hoc network.
One of ordinary skill in the art would have been motivated because it allows one to perform a routing function to assist other nodes in routing packets throughout an ad hoc network (See Muthuswamy et al. ¶ [0009]).

As to claim 17, the combination of Haddad et al. and Muthuswamy et al. teaches the system according to claim 15 above. Haddad et al. further teaches wherein the server is further configured to initiate negotiation of a cryptographic content with a next (See ¶¶ [0018], [0022], [0031], [0065] Teaches that transmitting a first message in a first direction between the two endpoints along a path including nodes of the network, the path starting at a node directly connected to one of the two endpoints and ending at a node directly connected to another of the two endpoints and the path being chosen in some suitable way such as being established according to a suitable routing protocol, the first message carrying a specially selected piece of information called first special information or a hint token, the hint token being stored in each of the nodes along the path. Each of the nodes along the path is arranged to store the cryptographic information carried in the second message, either by extracting from the received second message or by obtaining it in some other way, the latter case being valid for the node which is directly connected to said another of the two endpoints and at which the transmission of the second message starts. The unit for preparing the first message is arranged to include in the first message position information indicating that the first message is to be transmitted to the first node along the path or that the first message comes directly from the access node that starts establishing the secure path. The method includes two “token-passing” phases between the two endpoints S and C, via the routers R0, R1, . . . Ri).


Claims 5-6, 12-13, 16 and 18-19 are rejected under 35 U.S.C. 103 as being unpatentable over Haddad et al. (US 20110179277 A1) and Muthuswamy et al. (US 20070133488 A1) and further in view of Fiedler (US 20180255036 A1).

As to claim 5, the combination of Haddad et al. and Muthuswamy et al. teaches the method according to claim 1 above. However, it does not expressly teach further comprising communicating, by the first computing device, the one or more tokens via a packet transmitted to the one or more third computing devices.
Fiedler, from analogous art, teaches further comprising communicating, by the first computing device, the one or more tokens via a packet transmitted to the one or more third computing devices (See ¶¶ [0049], [0073] Teaches that Packets sent over the network in embodiments of the inventive subject matter are prefixed with one byte identifying the type of packet. There are four packet types: 0, 1, 2, and 3. Packet type 0 indicates a request packet. Packet type 0 has the form [0][flow token 0, flow token 1, . . . , flow token n-1] and corresponds to the flow route data structure prefixed by a zero byte. Packet type 1 indicates a response packet. Packet type 2 indicates a payload packet that passes from client to server. Packet type 3 indicates a payload packet that passes from server to client. Packet sequence numbers only apply to response packets and payload packets. Packet types 1 has the form: [1][packet sequence][Flow ID][flow version][hmac], while packet types 2 and 3 have the form: [1,2 or 3][packet sequence][Flow ID][flow version][hmac](payload data). FIG. 5A shows an embodiment of a flow route. Within each flow route are a series of flow tokens, each flow token corresponding to a particular node. Node 0 always corresponds to the client, and the last node (e.g., node n-1) always corresponds to the dedicated server. All nodes in between (e.g., nodes 1 through n-2) correspond to relays, and are ordered in a sequence indicating a desired flow route.).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Fiedler into the combination of Haddad et al. and Muthuswamy et al. to connect clients with dedicated servers that does not expose the IP address of the server and provides some degree of control over the route taken by packets between the client and server.
One of ordinary skill in the art would have been motivated because it allows one to connect clients with dedicated servers that does not expose the IP address of the server and provides some degree of control over the route taken by packets between the client and server (See Fiedler ¶ [0011]).

As to claim 6, the combination of Haddad et al. and Muthuswamy et al. teaches the method according to claim 1 above. However, it does not expressly teach where each of the one or more tokens is valid for one of a predetermined time or a single use.
Fiedler, from analogous art, teaches where each of the one or more tokens is valid for one of a predetermined time or a single use (See ¶ [0073], Teaches that FIG. 5B shows an embodiment of a flow token, which includes: Flow ID, Flow version, expiration timestamp, previous node IP address+port, next node IP address+port, and a flow private key. In some embodiments, the previous node IP+address+port in the flow token, may be substituted with a “none” entry, indicating that the relay corresponding to that token should use the address that the request packet was sent from as the previous IP address+port for that flow entry).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Fiedler into the combination of Haddad et al. and Muthuswamy et al. to connect clients with dedicated servers that does not expose the IP address of the server and provides some degree of control over the route taken by packets between the client and server.
One of ordinary skill in the art would have been motivated because it allows one to connect clients with dedicated servers that does not expose the IP address of the server and provides some degree of control over the route taken by packets between the client and server (See Fiedler ¶ [0011]).

As to claim 12, the combination of Haddad et al. and Muthuswamy et al. teaches the system according to claim 8 above. However, it does not expressly teach wherein the first computing device is further configured to communicate the one or more tokens via a packet transmitted to the one or more third computing devices.
Fiedler, from analogous art, teaches wherein the first computing device is further configured to communicate the one or more tokens via a packet transmitted to the one or more third computing devices (See ¶¶ [0049], [0073], Teaches that Packets sent over the network in embodiments of the inventive subject matter are prefixed with one byte identifying the type of packet. There are four packet types: 0, 1, 2, and 3. Packet type 0 indicates a request packet. Packet type 0 has the form [0][flow token 0, flow token 1, . . . , flow token n-1] and corresponds to the flow route data structure prefixed by a zero byte. Packet type 1 indicates a response packet. Packet type 2 indicates a payload packet that passes from client to server. Packet type 3 indicates a payload packet that passes from server to client. Packet sequence numbers only apply to response packets and payload packets. Packet types 1 has the form: [1][packet sequence][Flow ID][flow version][hmac], while packet types 2 and 3 have the form: [1,2 or 3][packet sequence][Flow ID][flow version][hmac](payload data). FIG. 5A shows an embodiment of a flow route. Within each flow route are a series of flow tokens, each flow token corresponding to a particular node. Node 0 always corresponds to the client, and the last node (e.g., node n-1) always corresponds to the dedicated server. All nodes in between (e.g., nodes 1 through n-2) correspond to relays, and are ordered in a sequence indicating a desired flow route.).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Fiedler into the combination of Haddad et al. and Muthuswamy et al. to connect clients with dedicated servers that does not expose the IP address of the server and provides some degree of control over the route taken by packets between the client and server.
One of ordinary skill in the art would have been motivated because it allows one to connect clients with dedicated servers that does not expose the IP address of the server and provides some degree of control over the route taken by packets between the client and server (See Fiedler ¶ [0011]).

As to claim 13, the combination of Haddad et al. and Muthuswamy et al. teaches the system according to claim 8 above. However, it does not expressly teach where each of the one or more tokens is valid for one of a predetermined time or a single use.
Fiedler, from analogous art, teaches where each of the one or more tokens is valid for one of a predetermined time or a single use (See ¶ [0073], Teaches that FIG. 5B shows an embodiment of a flow token, which includes: Flow ID, Flow version, expiration timestamp, previous node IP address+port, next node IP address+port, and a flow private key. In some embodiments, the previous node IP+address+port in the flow token, may be substituted with a “none” entry, indicating that the relay corresponding to that token should use the address that the request packet was sent from as the previous IP address+port for that flow entry).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Fiedler into the combination of Haddad et al. and Muthuswamy et al. to connect clients with dedicated servers that does not expose the IP address of the server and provides some degree of control over the route taken by packets between the client and server.
One of ordinary skill in the art would have been motivated because it allows one to connect clients with dedicated servers that does not expose the IP address of the server and provides some degree of control over the route taken by packets between the client and server (See Fiedler ¶ [0011]).

As to claim 16, the combination of Haddad et al. and Muthuswamy et al. teaches the system according to claim 15 above. However, it does not expressly teach wherein 
Fiedler, from analogous art, teaches wherein the controller is deployed on one or more networks external to one of the client device or the server (See ¶¶ [0041], [0043], Teaches that FIGS. 1 and 2 show several background polling operations. Periodically (e.g., at regular or irregular intervals), the dedicated servers (e.g., a dedicated game server that is headless version of the game running in a data center such as a private cloud (e.g., a data center, or “bare metal”), or a public cloud such as Google Compute, Amazon EC2, or Microsoft Azure) report their IP addresses, ports, and public keys to the matchmaker. This could be for example, servers running the same game mode the client requested or servers in the same region as the client 103, with a the same game version number and a set of players of similar skill to the client player, or any other criteria.).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Fiedler into the combination of Haddad et al. and Muthuswamy et al. to connect clients with dedicated servers that does not expose the IP address of the server and provides some degree of control over the route taken by packets between the client and server.
One of ordinary skill in the art would have been motivated because it allows one to connect clients with dedicated servers that does not expose the IP address of the server and provides some degree of control over the route taken by packets between the client and server (See Fiedler ¶ [0011]).

As to claim 18, the combination of Haddad et al. and Muthuswamy et al. teaches the system according to claim 15 above. However, it does not expressly teach where each of the plurality of tokens is valid for one of a predetermined time or a single use.
Fiedler  from analogous art, teaches where each of the plurality of tokens is valid for one of a predetermined time or a single use (See ¶ [0073], Teaches that FIG. 5B shows an embodiment of a flow token, which includes: Flow ID, Flow version, expiration timestamp, previous node IP address+port, next node IP address+port, and a flow private key. In some embodiments, the previous node IP+address+port in the flow token, may be substituted with a “none” entry, indicating that the relay corresponding to that token should use the address that the request packet was sent from as the previous IP address+port for that flow entry).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Fiedler into the combination of Haddad et al. and Muthuswamy et al. to connect clients with dedicated servers that does not expose the IP address of the server and provides some degree of control over the route taken by packets between the client and server.
One of ordinary skill in the art would have been motivated because it allows one to connect clients with dedicated servers that does not expose the IP address of the server and provides some degree of control over the route taken by packets between the client and server (See Fiedler ¶ [0011]).

As to claim 19, the combination of Haddad et al. and Muthuswamy et al. teaches the system according to claim 15 above. However, it does not expressly teach wherein 
Fiedler, from analogous art, teaches wherein the server is further configured to establish a connection with the client responsive to the request (See ¶ [0066] and Fig. 3, Teaches that FIG. 3 shows the first steps in establishing a flow route. In the context of a game, for example, the matchmaker 101 is a server owned by a game company that keeps track of all of the dedicated servers s1 s2 . . . sj that are operating to host the game. The client's request to the matchmaker includes a set of parameters (e.g., game type, number of players, game map, etc.) along with the client's public key, as shown in 301.).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Fiedler into the combination of Haddad et al. and Muthuswamy et al. to connect clients with dedicated servers that does not expose the IP address of the server and provides some degree of control over the route taken by packets between the client and server.
One of ordinary skill in the art would have been motivated because it allows one to connect clients with dedicated servers that does not expose the IP address of the server and provides some degree of control over the route taken by packets between the client and server (See Fiedler ¶ [0011]).



Claims 7, 14 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Haddad et al. (US 20110179277 A1) and Muthuswamy et al. (US 20070133488 A1) and further in view of Ben-Itzhak et al. (US 20140040610 A1).

As to claim 7, the combination of Haddad et al. and Muthuswamy et al. teaches the method according to claim 1 above. However, it does not expressly teach further comprising communicating data over the secure connection between the first computing device and the second computing device via the one or more third computing devices without one of decryption or encryption by the one or more third computing devices.
Ben-Itzhak et al., from analogous art, teaches further comprising communicating data over the secure connection between the first computing device and the second computing device via the one or more third computing devices without one of decryption or encryption by the one or more third computing devices (See ¶ [0032], Teaches that at step 1150 security gateway A creates an SSL certificate using the attributes of the server certificate. Finally, at step 1155 security gateway A and the client perform an SSL handshake to authenticate the certificate created by security gateway A. Upon success of the handshake, an SSL connection is established between security gateway A and the client. At this stage, subsequent requests from the client to the server may be communicated over the established connections. Ben-Itzhak et al. does not teach re-encrypting the network traffic).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Ben-Itzhak et al. into the combination of Haddad et al. and Muthuswamy et al. to provide a more efficient 
One of ordinary skill in the art would have been motivated because it allows one to provide a more efficient way to network a security gateway computer with one or more third party gateway computers, when the one or more third party gateway computers do not need to inspect data content (See Ben-Itzhak et al. ¶ [0006]).

As to claim 14, the combination of Haddad et al. and Muthuswamy et al. teaches the system according to claim 8 above. However, it does not expressly teach wherein the first computing device is further configured to communicate data over the secure connection between the first computing device and the second computing device via the one or more third computing devices without one of decryption or encryption by the one or more third computing devices.
Ben-Itzhak et al., from analogous art, teaches wherein the first computing device is further configured to communicate data over the secure connection between the first computing device and the second computing device via the one or more third computing devices without one of decryption or encryption by the one or more third computing devices (See ¶ [0032], Teaches that at step 1150 security gateway A creates an SSL certificate using the attributes of the server certificate. Finally, at step 1155 security gateway A and the client perform an SSL handshake to authenticate the certificate created by security gateway A. Upon success of the handshake, an SSL connection is established between security gateway A and the client. At this stage, subsequent requests from the client to the server may be communicated over the established connections. Ben-Itzhak et al. does not teach re-encrypting the network traffic).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Ben-Itzhak et al. into the combination of Haddad et al. and Muthuswamy et al. to provide a more efficient way to network a security gateway computer with one or more third party gateway computers, when the one or more third party gateway computers do not need to inspect data content.
One of ordinary skill in the art would have been motivated because it allows one to provide a more efficient way to network a security gateway computer with one or more third party gateway computers, when the one or more third party gateway computers do not need to inspect data content (See Ben-Itzhak et al. ¶ [0006]).

As to claim 20, the combination of Haddad et al. and Muthuswamy et al. teaches the system according to claim 15 above. However, it does not expressly teach wherein the server is further configured to communicate data over the secure connection between the server and the remote computing device via the one or more intermediary devices without one of decryption or encryption by the one or more intermediary devices.
Ben-Itzhak et al., from analogous art, teaches wherein the server is further configured to communicate data over the secure connection between the server and the remote computing device via the one or more intermediary devices without one of (See ¶ [0032], Teaches that at step 1150 security gateway A creates an SSL certificate using the attributes of the server certificate. Finally, at step 1155 security gateway A and the client perform an SSL handshake to authenticate the certificate created by security gateway A. Upon success of the handshake, an SSL connection is established between security gateway A and the client. At this stage, subsequent requests from the client to the server may be communicated over the established connections. Ben-Itzhak et al. does not teach re-encrypting the network traffic).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Ben-Itzhak et al. into the combination of Haddad et al. and Muthuswamy et al. to provide a more efficient way to network a security gateway computer with one or more third party gateway computers, when the one or more third party gateway computers do not need to inspect data content.
One of ordinary skill in the art would have been motivated because it allows one to provide a more efficient way to network a security gateway computer with one or more third party gateway computers, when the one or more third party gateway computers do not need to inspect data content (See Ben-Itzhak et al. ¶ [0006]).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Burch et al. (US 20110296486 A1) teaches Apparatus, systems, and methods may operate to authenticate a desktop client to an identity service (IS), to receive a request, from an application, at the IS via the desktop client for a virtual service internet protocol (IP) address associated with a service. The IS may operate to build a routing token that includes an original physical IP address associated with the service when a policy associated with the IS permits access to the service by a user identity associated with the desktop client. After the routing token is validated, the application may be connected to the service via the desktop client. The application may comprise an e-mail application or a remote control application, such as a virtual network computing (VNC) application. Additional apparatus, systems, and methods are disclosed.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to James R Hollister whose telephone number is (571)270-3152. The examiner can normally be reached Mon - Fri 7:30 am - 4:00 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Umar Cheema can be reached on (571) 270-3037. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is 





James Hollister
/J.R.H./Examiner, Art Unit 2454                                                                                                                                                                                                        2/12/2022


/UMAR CHEEMA/Supervisory Patent Examiner, Art Unit 2454