DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Amendment
This office action is in reply to Applicant’s Response dated 10/08/2021. No claim is amended. Claims 1-18 remain pending in the application.  
	
Response to Arguments
The Applicant argues (see pages 6-8), with respect to the rejection under 35 U.S.C. 112(b), that the claimed limitation of "data flow framework deployment identification subsystem" is well described in paragraphs [0019] and [0021]. The Applicant further argues that the claimed limitation of "bridge wire implementation subsystem" is also well defined in the written description. Specifically, in paragraphs [0019], [0021] and [0022] and that the bridge wire implementation subsystem identifies the secured transmission control protocol connection established between the one or more runtimes, wherein the one or more runtimes are equipped with compute nodes. The Applicant argues that the claimed limitations "data flow framework failure detection subsystem" and "resiliency attaining subsystem" are also defined in the written description, specifically, in paragraph [0023].

It appears that the Applicant argues that the “node” is the corresponding structure for the term "data flow framework deployment identification subsystem" and “runtime” or “compute node” is the corresponding structure for the term "bridge wire implementation subsystem", "data flow framework failure detection subsystem" and "resiliency attaining subsystem". 
However, since a node, as used in this application, is defined in the specification as “a processing block in flow-based programming”, there is no known corresponding structure for the term “node”. This is because there is no known structure corresponding to “a processing block”, which is defined to be a “node”. Similarly, since “runtime” is defined to be a compute node or compute “processing block”, there is no known 
In response to the Applicant’s argument (see pages 8-9) that as described in paragraph [0015] of the written description of the Applicant's published application as well as common general knowledge, the "subsystem" are hardware/ software processing systems, the Examiner respectfully submits that nowhere in paragraph 0015 describes “subsystems” as hardware/software. The term “hardware” is completely absent from the Applicant’s disclosure. 

The Applicant argues (see page 10), that the hypothetical combination of the Eykholt and Helbing does not disclose, teach or reasonably suggest that: "a data flow framework deployment identification subsystem configured to identify one or more nodes, one or more interconnecting wires and one or more runtimes deployed in the distributed dataflow based framework".
In response to the Applicant’s argument, the Examiner respectfully disagrees. Eykholt teaches an incoming untrusted network packet may be received by a firewall at block 205. At block 210, the firewall performs a flow table lookup to compare the untrusted network packet to entries in the flow table. The network packet will include a protocol, a source IP address, a destination IP address, a source port and a destination port. The firewall determines whether there is an entry in the flow table 215 that 
Thus, Eykholt teaches "a data flow framework deployment identification subsystem configured to identify one or more nodes (source IP/destination IP), one or more interconnecting wires (network packets/messages) and one or more runtimes (firewall) deployed in the distributed dataflow based framework". (Eykholt, see fig. 2; see abstract; see col. 5, lines 29-43; see col. 5, lines 44-61)

The Applicant argues (see page 10) that Eykholt and Helbing does not disclose “establish a publisher on a message originating runtime and a subscriber on a message receiving runtime based on an identification of the secured transmission control protocol connection established between each of the one or more runtimes".

Thus, Eykholt teaches "establish a publisher (transmitter) on a message originating runtime (transmitting client device) and a subscriber (receiver) on a message receiving runtime (receiving client device) based on an identification of the secured transmission control protocol connection (TCP protocol) established between each of the one or more runtimes (multiple firewalls and client devices)" (Eykholt, see figs. 1A and 2; see abstract; see col. 5, lines 17-43; see col. 5, lines 44-61; see figs. 6A and 6B; see col. 14, lines 34-46).

The Applicant argues (see page 10) that Eykholt and Helbing does not disclose "a data flow framework failure detection subsystem operatively coupled to the bridge wire implementation subsystem, wherein the data flow framework failure detection subsystem is configured to detect loss of connectivity of the at least one network and 
In response, the Examiner respectfully disagrees. As the Applicant stated on page 14 of the Remarks, Eykholt discloses sending keepalive message along with a probe message to detect that the device has not lost network connection. Eykholt also discloses that based on the receipt of the response message to a TCP request message the processing logic determines whether there is network connectivity or not.
Eykholt further teaches If the timeout period has not been determined to a desired level of accuracy (or cannot be determined based on present data), the method returns to block 610. Note that if the firewall timeout period cannot be determined, then it is an operational failure (Eykholt, see figs. 6A and 6B; see col. 11, lines 52 – 67; see col. 14, lines 39-53; see col. 13, lines 37-55).
Thus, Eykholt teaches a data flow framework failure detection subsystem (system to detect lost network connectivity and timeout period) operatively coupled to the bridge wire implementation subsystem (system of nodes and firewalls), wherein the data flow framework failure detection subsystem is configured to detect loss of connectivity of the at least one network (no network connectivity) and operational failure of the one or more nodes (client device lost connectivity) and the one or more runtimes (cannot determine timeout period of firewalls) deployed in the distributed dataflow-based framework (deployed in the UDP/TCP flow network) based on implementation of the one or more bridge wires (keepavile/probe/response messages) (Eykholt, see figs. 6A and 6B; see col. 11, lines 52 – 67; see col. 14, lines 39-53; see col. 13, lines 37-55).

The Applicant argues (see page 14-15) that although Helbing is related to techniques for dynamic network resiliency by monitoring and controlling the configuration of one or more network components. However, it is not applicable in distributed dataflow framework. Therefore, both the inventions are directed to two very different inventive concepts.  the cited references cannot be combined as the working principles of each of the references is different from each other.
In response to applicant's argument that Helbing is nonanalogous art, it has been held that a prior art reference must either be in the field of applicant’s endeavor or, if not, then be reasonably pertinent to the particular problem with which the applicant was concerned, in order to be relied upon as a basis for rejection of the claimed invention.  See In re Oetiker, 977 F.2d 1443, 24 USPQ2d 1443 (Fed. Cir. 1992).  In this case, as the Applicant stated on page 14 of the Remarks, Helbing is related to techniques for dynamic network resiliency by monitoring and controlling the configuration of one or more network component. Claim 1 of the Applicant’s application requires “a resiliency attaining subsystem operatively coupled to the data flow framework failure detection subsystem, wherein the resiliency attaining subsystem is configured to attain a predefined level of resiliency”.  Clearly, network resiliency is a problem in which the Applicant was concerned. Thus, Helbing is pertinent to the particular problem with which the applicant was concerned.


The Applicant argues (see page 15) that Helbing merely discloses that a resiliency agent based on the spikes in traffic and/or logged system errors force appropriate instances or autoscaling in the network. However, this cannot be equated to a subsystem attaining a predefined level of resiliency of the distributed dataflow based framework over the one or more bridge wires in at least one condition based on the loss of connectivity of the at least one network and operational failure of the one or more nodes detected. As the subsystem not only checks a loss of connectivity in the network but also operational failures and then upon detection achieved the predefined resiliency level. 
Helbing teaches that resiliency agent 102 may detect up/down spikes in traffic and logged system errors specific to one or more of system 440 and cloud-based APIs and dynamically force either regional activation or failover-based on pre-configuration of the API to work in other regions---and trigger appropriate instances and autoscaling to support the failover and that resiliency agent 102 may allow these interdependent network components to be visualized at any level of their network infrastructure and/or reconnected when broken. Helbing also teaches that the inclusion of user-initiated 
Thus, Helbing teaches “a subsystem attaining a predefined level of resiliency (pre-configuration of API) of the distributed dataflow based framework over the one or more bridge wires (traffic) in at least one condition (spikes in traffic/errors) based on the loss of connectivity (reconnect when broken/ outage or failure of any network component) of the at least one network and operational failure (errors specific to one or more system) of the one or more nodes detected” (Helbing, see col. 11, lines 37-65; see col. 11, lines 22-36; see col. 10, lines 35-67).

Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier.  Such claim limitations are: “data flow framework deployment identification subsystem”, “bridge wire implementation subsystem”, “data flow framework failure detection subsystem” and “resiliency attaining subsystem” in claim 1.
Because these claim limitations are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, they are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof. However, a review of the specification fails to show or describe the corresponding structures for these claim limitations.


Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-17 rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention. Claim limitations “data flow framework deployment identification subsystem”, “bridge wire implementation subsystem”, “data flow framework failure detection subsystem” and “resiliency attaining subsystem” in claim 1 invoke 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. However, the written description fails to disclose the corresponding structure, material, or acts for performing the entire claimed function and to clearly link  fail to remedy the deficiencies of claim 1 and are likewise rejected.
	Applicant may:
(a)        Amend the claim so that the claim limitation will no longer be interpreted as a limitation under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph; 
(b)        Amend the written description of the specification such that it expressly recites what structure, material, or acts perform the entire claimed function, without introducing any new matter (35 U.S.C. 132(a)); or 
(c)        Amend the written description of the specification such that it clearly links the structure, material, or acts disclosed therein to the function recited in the claim, without introducing any new matter (35 U.S.C. 132(a)).
If applicant is of the opinion that the written description of the specification already implicitly or inherently discloses the corresponding structure, material, or acts and clearly links them to the function so that one of ordinary skill in the art would recognize what structure, material, or acts perform the claimed function, applicant should clarify the record by either: 
(a)        Amending the written description of the specification such that it expressly recites the corresponding structure, material, or acts for performing the claimed function and clearly links or associates the structure, material, or acts to the claimed function, without introducing any new matter (35 U.S.C. 132(a)); or 


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1-10 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Eykholt et al. (U.S. Patent No. 9661083) in view of Helbing et al. (U.S. Patent No. 10587457).

Regarding claims 1 and 18, Eykholt teaches A system for resiliency of distributed data flow-based framework for reconnecting peer-to-peer communicating runtimes comprising: data flow framework deployment identification subsystem configured to identify one or more nodes, one or more interconnecting wires and one or more runtimes deployed in the distributed dataflow-based framework; (Eykholt, see fig. 2 source IP, dest. IP (identification of nodes); see abstract; see col. 5, lines 29-61 where include a protocol, a source IP address, a destination IP address, a source port and a destination port. The firewall determines whether there is an entry in the flow table 215 that matches the protocol, source IP address, destination IP address, source port and destination port of the network packet. If at block 220 a matching flow is found in the flow table, the firewall forwards the network packet to the protected network at block..., which indicates interconnection between source node and destination node)
a bridge wire implementation subsystem operatively coupled to the data flow framework deployment identification subsystem, wherein the bridge wire implementation subsystem is configured to: (Eykholt, see fig. 2 source IP, dest. IP (identification of nodes); see col. 5, lines 44-61 where include a protocol, a source IP address, a destination IP address, a source port and a destination port. The firewall determines whether there is an entry in the flow table 215 that matches the protocol, source IP address, destination IP address, source port and destination port of the network packet. If at block 220 a matching flow is found in the flow table, the firewall forwards the network packet to the protected network at block..., which indicates interconnection between source node and destination node)

establish a publisher on a message originating runtime and a subscriber on a message receiving runtime based on an identification of the secured transmission control protocol connection established between each of the one or more runtimes; and (Eykholt, see figs. 6A and 6B; see abstract; see col. 14, lines 34-46 where processing logic sends one or more TCP request messages to the remote computing device. The TCP request messages may be similar to the UDP request messages, but may be sent using the TCP protocol rather than the UDP protocol. At block 650, processing logic determines whether any response messages to the TCP request messages have been received; see figs. 1A and 2; see col. 5, lines 17-61)
implement one or more bridge wires with each of the one or more runtimes upon identifying a relationship established between the publisher and the subscriber between the one or more runtimes within at least one network; (Eykholt, see figs. 6A and 6B; see 
a data flow framework failure detection subsystem operatively coupled to the bridge wire implementation subsystem, wherein the data flow framework failure detection subsystem is configured to detect loss of connectivity of the at least one network and operational failure of the one or more nodes and the one or more runtimes deployed in the distributed dataflow-based framework based on implementation of the one or more bridge wires; and (Eykholt, see figs. 6A and 6B; see col. 11, lines 52 - 67 where the keep-alive messages are not acknowledged by a response (no connection verification) unless an error is detected.; see col. 14, lines 39-53 where If no response messages are received, then the method proceeds to block 655, and processing logic determines that there is no network connectivity and/or that the remote computing device is unreachable; see col. 13, lines 37-55).
However, Eykholt does not explicitly teach a resiliency attaining subsystem operatively coupled to the data flow framework failure detection subsystem, wherein the resiliency attaining subsystem is configured to attain a predefined level of resiliency of the distributed data flow-based framework over the one or more bridge wires in at least 
Helbing teaches a resiliency attaining subsystem operatively coupled to the data flow framework failure detection subsystem, wherein the resiliency attaining subsystem is configured to attain a predefined level of resiliency of the distributed data flow-based framework over the one or more bridge wires in at least one condition based on the loss of connectivity of the at least one network and operational failure of the one or more nodes detected. (Helbing, see col. 11, lines 37-65 where resiliency agent 102 may allow these interdependent network components to be visualized at any level of their network infrastructure and/or reconnected when broken without time-consuming and expensive delays or human error; see col. 11, lines 22-36 where resiliency agent 102 may reset API endpoints and traffic configuration to accommodate any region or other traffic routing failover; see col. 10, lines 35-67 where cause issues when one of the regions fails. For example, if the east region fails,...)
It would have been obvious to one of ordinary skill in the art, at the time the invention was filed, to combine Eykholt and Helbing to provide the technique of a resiliency attaining subsystem operatively coupled to the data flow framework failure detection subsystem, wherein the resiliency attaining subsystem is configured to attain a predefined level of resiliency of the distributed data flow-based framework over the one or more bridge wires in at least one condition based on the loss of connectivity of the at least one network and operational failure of the one or more nodes detected of Helbing in the system of Eykholt in order to make a reconnection without time-consuming and expensive delays or human error (Helbing, see col. 11, lines 37-50).

Regarding claim 2, Eykholt-Helbing teaches wherein the one or more nodes comprises one or more compute nodes or one or more battery powered sensing nodes. (Eykholt, see fig. 1A computing devices, server computing device, client devices; see col. 2, lines 43-51 where the client-server architecture 100 includes a server computing device 125 connected to one or more client devices 140 via a local area network (LAN))

Regarding claim 3, Eykholt-Helbing teaches wherein the one or more runtimes comprises one or more compute nodes equipped with a predetermined functionality for execution of distributed data flow. (Eykholt, see fig. 2 source IP, dest. IP (identification of nodes); see col. 5, lines 44-61 where include a protocol, a source IP address, a destination IP address, a source port and a destination port. The firewall determines whether there is an entry in the flow table 215 that matches the protocol, source IP address, destination IP address, source port and destination port of the network packet. If at block 220 a matching flow is found in the flow table, the firewall forwards the network packet to the protected network at block...)

Regarding claim 4, Eykholt-Helbing teaches wherein the one or more runtimes in the distributed data flow framework receives a flow configuration file from a controller prior to establishing a relationship between the publisher and the subscriber. (Eykholt, see figs. 6A and 6B; see col. 8, lines 1-14 where connection manager 150 would determine the TCP flow timeout; see col. 8, lines 42-57 where notification messages notify the client to establish a TCP connection to the server to enable the client to 

Regarding claim 5, Eykholt-Helbing teaches wherein the flow configuration file comprises one or more node configurations, configurations of the one or more interconnecting wires, runtime configuration including port, internet protocol address and public key information. (Eykholt, see figs. 6A and 6B; see col. 11, lines 25-34 where notification protocol may be secured using a standard encryption protocol with a pre-shared secret key...then the key can be shared or determined between the client and the server using a separate TCP protocol. The pre-shared key may be different for each client, and may be changed anytime by the server. If the key changes, the client may receive a new key from the server using the TCP protocol)

Regarding claim 6, Eykholt-Helbing teaches wherein the transmission control protocol connection established between the one or more runtimes comprises initiation of connection by a publisher of one of a runtime and listening the established connection by a subscriber of another runtime among the one or more runtimes. (Eykholt, see figs. 6A and 6B; see col. 14; lines 10-20 where identifies a connection between the processing logic and the remote computing device; see col. 8, lines 1-14 where connection manager 150 would determine the TCP flow timeout; see col. 8, lines 

Regarding claim 7, Eykholt-Helbing teaches wherein the at least one network comprises a private network, a public network and a hybrid network. (Eykholt, see fig. 1A; see col. 2, lines 43-50 where may be a public network (e.g., the Internet), a private network (e.g., an intranet), or a combination thereof.)

Regarding claim 8, Eykholt-Helbing teaches wherein the at least one condition comprises reconnection mechanism when a runtime becomes active from an inactive state or down state. (Eykholt, see fig. 5; see col. 12, lines 14-23 where the connection manager may then remain in the wait state until a probe (or other delayed response message) 530 is received after a specified delay, or after a timeout occurs. Receipt of the probe, or the timeout occurring, causes the connection manager to switch to the send state 505, and thus to send another request message to the server.)

Regarding claim 9, Eykholt-Helbing teaches wherein the reconnection mechanism to attain the predefined level of resiliency comprises enabling transmission control protocol keepalives by transmission control protocol connection utilized by the 

Regarding claim 10, Eykholt-Helbing teaches wherein the reconnection mechanism to attain the predefined level of resiliency comprises implementing a heartbeat mechanism over the one or more bridge wires to indicate liveliness of a runtime. (Eykholt, see figs. 5, 6A and 6B; see col. 12, lines 24-35 where keep-alive messages and/or probe messages to the server in accordance with the determined flow timeout. Alternatively, the server may periodically send keep-alive messages and/or probe messages to the connection manager in accordance with the determined flow timeout; see col. 12, lines 36-46 where determining a timeout period of a firewall and of maintaining an open path to a remote computing device.)

Claims 11-12 are rejected under 35 U.S.C. 103 as being unpatentable over Eykholt et al. (U.S. Patent No. 9661083) in view of Helbing et al. (U.S. Patent No. 10587457) further in view of Chang et al. (U.S. PGPub 2013/0331091).

Regarding claim 11, Eykholt-Helbing teaches all the features of claim 8. However, Eykholt-Helbing does not explicitly teach wherein the reconnection mechanism to attain the predefined level of resiliency comprises re-establishment of the transmission control protocol connection through one or more socket operations.
Chang teaches wherein the reconnection mechanism to attain the predefined level of resiliency comprises re-establishment of the transmission control protocol connection through one or more socket operations. (Chang, see figs. 4 and 5; see paragraph 0027 where transmit a periodic keep-alive message...client reconnects to the push notification service; see paragraph 0028 where timely response is not received then the cellular connection is closed at 506 and, at 507, the wireless client reconnects to the push notification service over the Wifi interface; see paragraph 0023 where detected over a TCP socket for a period of time the TCP socket...)
It would have been obvious to one of ordinary skill in the art, at the time the invention was filed, to combine Eykholt-Helbing and Chang to provide the technique of the reconnection mechanism to attain the predefined level of resiliency comprises re-establishment of the transmission control protocol connection through one or more socket operations of Chang in the system of Eykholt-Helbing in order to reduce power consumption for messaging (Chang, see paragraph 0002).

Regarding claim 12, Eykholt-Helbing teaches all the features of claim 8. However, Eykholt-Helbing does not explicitly teach wherein the reconnection mechanism to attain the predefined level of resiliency comprises reducing implementation overhead based on automatic reconnection capability of the runtime.

It would have been obvious to one of ordinary skill in the art, at the time the invention was filed, to combine Eykholt-Helbing and Chang to provide the technique of the reconnection mechanism to attain the predefined level of resiliency comprises reducing implementation overhead based on automatic reconnection capability of the runtime  Chang in the system of Eykholt-Helbing in order to reduce power consumption for messaging (Chang, see paragraph 0002).


Claims 13 and 15-17 are rejected under 35 U.S.C. 103 as being unpatentable over Eykholt et al. (U.S. Patent No. 9661083) in view of Helbing et al. (U.S. Patent No. 10587457) further in view of Bono et al. (U.S. PGPub 2009/0254750).

Regarding claim 13, Eykholt-Helbing teaches all the features of claim 1. However, Eykholt-Helbing does not explicitly teach wherein the at least one condition comprises a reconnection mechanism of the one or more bridge wires attached to a runtime when security keys of the one or more runtimes expire.

It would have been obvious to one of ordinary skill in the art, at the time the invention was filed, to combine Eykholt-Helbing and Bono to provide the technique of the at least one condition comprises a reconnection mechanism of the one or more bridge wires attached to a runtime when security keys of the one or more runtimes expire of Bono in the system of Eykholt-Helbing in order to improve security by making the key or keys less susceptible to compromise (Bono, see paragraph 0006).

Regarding claim 15, Eykholt-Helbing-Bono teaches wherein the reconnection mechanism of the one or more bridge wires when the security keys of the one or more runtimes expire comprises requirement of separate security key pairs by the one or 

Regarding claim 16, Eykholt-Helbing-Bono teaches wherein the reconnection mechanism of the one or more bridge wires when the security keys of the one or more runtimes expire comprises refreshing data channel key pair by the one or more runtimes periodically or on demand to improve security posture of the distributed data flow based framework (Bono, see figs. 17-19; see paragraphs 0020-0021 where connect to the WA using its secret key and request the WK...Security policies in force on the client may require the client to contact the WA after key expiration for a key update (but the client may also check for key updates before key expiration if desired). When receiving a connection, security policies in force on the client may require a fresh and unexpired WK, verifying the status of the WK by the WA if necessary; see paragraph 0022 where current workgroup key version number (and optionally if the current time is greater than the workgroup key refresh alarm time); see paragraph 0151 where determine if client 1's WK is expired, client 1 may compare the TTL value associated with client 1's WK to the current time or the WK timestamp. The WK timestamp may indicate when the WK was generated or delivered to client 1...).

	

Regarding claim 17, Eykholt-Helbing-Bono teaches wherein the reconnection mechanism of the one or more bridge wires when the security keys of the one or more runtimes expire comprises deletion or establishment of the one or more bridge wires when a new distributed data flow framework and/or metadata update is received by the one or more bridge wires (Bono, see figs. 17-19; see paragraphs 0020-0021 where connect to the WA using its secret key and request the WK...Security policies in force on the client may require the client to contact the WA after key expiration for a key update (but the client may also check for key updates before key expiration if desired). When receiving a connection, security policies in force on the client may require a fresh and unexpired WK, verifying the status of the WK by the WA if necessary; see paragraph 0022 where current workgroup key version number (and optionally if the current time is greater than the workgroup key refresh alarm time); see paragraph 0151 where determine if client 1's WK is expired, client 1 may compare the TTL value associated with client 1's WK to the current time or the WK timestamp. The WK timestamp may indicate when the WK was generated or delivered to client 1...).
The motivation regarding to the obviousness to claim 13, with respect to the combination of Eykholt, Helbing and Bono, is also applied to claim 17.

Claim 14 are rejected under 35 U.S.C. 103 as being unpatentable over Eykholt et al. (U.S. Patent No. 9661083) in view of Helbing et al. (U.S. Patent No. 10587457) further in view of Bono et al. (U.S. PGPub 2009/0254750) further in view of Patil et al. (U.S. PGPub 2016/0218866).

Regarding claim 14, Eykholt-Helbing-Bono teaches wherein the one or more administrative tasks comprises a flow file propagation from a controller to a runtime and a notification of runtime configuration changes from one or more runtimes to the controller of a distributed data flow-based framework (Bono, see figs. 17-19; see paragraphs 0020-0021 where connect to the WA using its secret key and request the WK...Security policies in force on the client may require the client to contact the WA after key expiration for a key update (but the client may also check for key updates before key expiration if desired). When receiving a connection, security policies in force on the client may require a fresh and unexpired WK, verifying the status of the WK by the WA if necessary; see paragraph 0022 where current workgroup key version number (and optionally if the current time is greater than the workgroup key refresh alarm time); see paragraph 0151 where determine if client 1's WK is expired, client 1 may compare the TTL value associated with client 1's WK to the current time or the WK timestamp. The WK timestamp may indicate when the WK was generated or delivered to client 1...). The motivation regarding to the obviousness to claim 13, with respect to the combination of Eykholt, Helbing and Bono, is also applied to claim 14.
However, Eykholt-Helbing-Bono does not explicitly teach wherein the reconnection mechanism of the one or more bridge wires when the security keys of the 
Patil teaches wherein the reconnection mechanism of the one or more bridge wires when the security keys of the one or more runtimes expire comprises utilization of a separate communication channel for one or more administrative tasks, (Patil, see fig. 2 Key 1 expired, Key 3 generated; see paragraph 0064 where the key delivery message 180 may further include a key identifier 143, illustrated as the key ID in FIG. 1. The key identifier 143 may indicate a lifespan or an expiration time of the second group key...transmitted via the second wireless channel...)
It would have been obvious to one of ordinary skill in the art, at the time the invention was filed, to combine Eykholt-Helbing-Bono and Patil to provide the technique of wherein the reconnection mechanism of the one or more bridge wires when the security keys of the one or more runtimes expire comprises utilization of a separate communication channel for one or more administrative tasks of Patil in the system of Eykholt-Helbing-Bono in order to reduce traffic and overhead to the network (Patil, see paragraph 0003).

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MENG VANG whose telephone number is (571)270-7023. The examiner can normally be reached Monday - Friday 8:30 AM - 4:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, NICHOLAS TAYLOR can be reached on (571) 272-3889. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 





/MENG VANG/Primary Examiner, Art Unit 2443