DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Response to Amendment
Amendments filed on 02/25/2022 change the scope of the previously presented claims. Previously presented rejections are withdrawn. New grounds of rejection are applied to the amended claims. The instant Office Action is made FINAL as necessitated by the claim amendments.

Claim Objections
Claim 1 is objected to because of the following informalities: editing error. Claim 1 currently ends with “causing the re-packetized input data packets to be internally communicated within the computing device from the TMS to a first application intended to receive the input data packets; and.” It is apparent that the “and” at the end of the claim is misplaced. Appropriate correction is required.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 14, 18, 21, 24, 25, 32 and 34 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claim 14 recites the limitation "receiving, through the TMS and local on the mobile computing device" in line 28.  There is insufficient antecedent basis for this limitation in the claim.
Claims 18, 21, 24, 25, 32 and 34 are rejected as they depend on rejected claim 14.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA/25, or PTO/AIA/26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1 and 14 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 2 and 4 of U.S. Patent No. 10,097,436. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims are almost identical.

US 10,097,436
1. (Currently amended) A system to monitor network communications, comprising: a computing device comprising a control circuit and memory coupled with the control circuit and computer instructions that when executed by the control circuit cause the control circuit to implement: a tunneled monitoring service (TMS) operated local on the computing device; and a tunnel protocol within the computing device that is configured to establish a tunnel interface between software applications operating on the computing device and the TMS, wherein the tunnel interface is configured to collect output data transactions, communicated by the software applications and intended to be externally communicated from the computing device over a communication network, and direct the output data transactions to the TMS; wherein the TMS is configured to initiate monitoring of one or more output data transactions relative to predefined criteria to identify relevant parameter information, obtained from one or more of the output data transactions, that have a predefined relationship with one or more of the criteria, and cause results of the monitoring relative to the criteria to be recorded, wherein the TMS is configured: open, local on the computing device, raw data packets of the output data transactions from the tunnel interface; [Page 2 of 16, U.S. Application No.: 16/006,426, Attorney Docket No.: 8956-143488-US, Customer No. 42798] cause a re-packetizing of a payload of one or more of the data packets producing re-packetized data packets; cause the re-packetized data packets to be communicated from the computing device and over the communication network to one or more intended external computing servers; receive input data transactions comprising input data packets from at least one of the one or more external computing servers and directed to the TMS in response to the communication of the re-packetized data packets; initiate a monitoring of one or more of the input data packets relative to the criteria to identify relevant parameter information from one or more of the input data packets that have a predefined relationship with one or more of the criteria, and cause results of the monitoring relative to the criteria to be recorded; receive, local on the computing device, the input data packets; re-packetize a payload of one or more of the input data packets providing re-packetized input data packets; cause the re-packetized input data packets to be internally communicated within the computing device from the TMS to a first application intended to receive the input data packets; and.
A system to monitor network communications, comprising: a mobile computing device comprising a control circuit and memory coupled with the control circuit and computer instructions that when executed by the control circuit cause the control circuit to implement: a tunneled monitoring service (TMS) operated local on the mobile computing device; and a tunnel protocol within the mobile computing device that is configured to establish a tunnel interface between software applications operating on the computing device and the TMS, wherein the tunnel interface is configured to collect output data transactions, communicated by the software applications and intended to be externally communicated from the computing device over a distributed communication network, and direct the output data transactions to the TMS; wherein the TMS is configured to initiate a monitoring of each output data transaction relative to predefined criteria to identify relevant parameter information, obtained from one or more of the output data transactions, that have a predefined relationship with one or more of the criteria, and cause results of the monitoring relative to the criteria to be recorded, open, local on the mobile computing device, raw data packets of the output data transactions from the tunnel interface; cause a re-packetizing of a payload of each of the data packets producing re-packetized data packets; cause the re-packetized data packets to be communicated from the computing device and over the communication network to one or more intended external computing servers; receive input data transactions comprising input data packets from at least one of the one or more external computing servers and directed to the TMS in response to the communication of the re-packetized data packets; and initiate a monitoring of each of the input data packets relative to the criteria to identify relevant parameter information from one or more of the input data packets that have a predefined relationship with one or more of the criteria, and cause results of the monitoring relative to the criteria to be recorded.

2. The system of claim 1, wherein the TMS is further configured to: receive, local on the mobile computing device, the input data packets; re-packetize a payload of each of the input data packets providing re-packetized input data packets; and cause the re-packetized input data packets to be internally communicated within the computing device from the TMS to a first application intended to receive the input data packets.
A method of monitoring network communications, comprising: by a control circuit of a computing device: implementing, local on the computing device, a tunneled monitoring service (TMS); implementing, through a tunnel protocol within the computing device, a tunnel interface between software applications operating on the computing device and the TMS; collecting, through the tunnel protocol, output data transactions communicated by the software applications and intended to be externally communicated from the computing device over a communication network; directing, by the tunnel protocol, the output data transactions to the TMS; initiating, by the TMS, monitoring, local on the computing device, the content of output data transaction relative to predefined criteria to identify relevant parameter information, obtained from one or more of the output data transactions, that have a predefined relationship with one or more of the criteria; causing results of the monitoring relative to the criteria to be recorded; opening, through the TMS local on the computing device, raw data packets of the output data transactions from the tunnel interface; causing a re-packetizing of a payload of one or more of the data packets producing re-packetized data packets; causing the re-packetized data packets to be communicated from the computing device and over the communication network to one or more intended external computing server; receiving, at the TMS, input data transactions comprising input data packets from at least one of the one or more external computing servers and directed to the TMS in response to the communication of the re-packetized data packets; initiating a monitoring of each of the input data packets relative to the criteria to identify relevant parameter information from one or more of the input data packets that have a predefined relationship with one or more of the criteria, and cause results of the monitoring relative to the criteria to be recorded; receiving, through the TMS and local on the mobile computing device, the input data packets; re-packetizing a payload of each of the input data packets providing re-packetized input data packets; and causing the re-packetized input data packets to be internally communicated within the computing device from the TMS to a first application intended to receive the input data packets.
A method of monitoring network communications, comprising: by a control circuit of a mobile computing device: implementing, local on the mobile computing device, a tunneled monitoring service (TMS); implementing, through a tunnel protocol within the mobile computing device, a tunnel interface between software applications operating on the computing device and the TMS; collecting, through the tunnel protocol, output data transactions communicated by the software applications and intended to be externally communicated from the computing device over a distributed communication network; directing, by the tunnel protocol, the output data transactions to the TMS; initiating, by the TMS, monitoring of each output data transaction relative to predefined criteria to identify relevant parameter information, obtained from one or more of the output data transactions, that have a predefined relationship with one or more of the criteria; causing results of the monitoring relative to the criteria to be recorded; opening, through the TMS local on the mobile computing device, raw data packets of the output data transactions from the tunnel interface; causing a re-packetizing of a payload of each of the data packets producing re-packetized data packets; causing the re-packetized data packets to be communicated from the computing device and over the communication network to one or more intended external computing servers; receiving, at the TMS, input data transactions comprising input data packets from at least one of the one or more external computing servers and directed to the TMS in response to the communication of the re-packetized data packets; and initiating a monitoring of each of the input data packets relative to the criteria to identify relevant parameter information from one or more of the input data packets that have a predefined relationship with one or more of the criteria, and cause results of the monitoring relative to the criteria to be recorded.

4. The method of claim 3, further comprising: receiving, through the TMS and local on the mobile computing device, the input data packets; re-packetizing a payload of each of the input data packets providing re-packetized input data packets; and causing the re-packetized input data packets to be internally communicated within the computing device from the TMS to a first application intended to receive the input data packets.


Claims 5 and 18 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 2 and 4 of U.S. Patent No. 10,097,436 in view of Kunze (US 2004/0083354). 
US 10,097,436 discloses the features with regards to claims 1 and 14 as shown above.
Claims 2 and 4 of US 10,097,436 do not disclose the following features: regarding claims 5 and 18, receive, at the TMS, input data transactions comprising input data packets from an external computing server; modify a payload of at least a first input data packet, of the input data packets, in response to an identification that data of the first input data packet has a predefined relationship with one or more rules; re-packetizing the modified payload of the first input data packet in place of the payload of the first input data packet; and cause the re-packetized first input data packet to be internally communicated within the computing device from the TMS to a first application intended to receive the first input data packet.
Kunze discloses the following features.
Regarding claims 5 and 18, receive, at the TMS, input data transactions comprising input data packets from an external computing server (see Fig. 3, wherein 
It would have been obvious to one of ordinary skill in the art at the effective filing date of the instant application to modify the system of claims 2 or 4 of US 10,097,436 using features, as taught by Kunze, in order to allow the processing and forwarding of packets (see paragraph [0028] of Kunze).

Claims 8 and 21 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 2 and 4 of U.S. Patent No. 10,097,436 in view of Martini (US 2013/0276054).
US 10,097,436 discloses the features with regards to claims 1 and 14 as shown above.
Claims 2 and 4 of US 10,097,436 do not disclose the following features: regarding claims 8 and 21, communicate over the communication network one or more 
Martini discloses the following features.
Regarding claims 8 and 21, communicate over the communication network one or more data packets of the output data transaction to an external service configured to monitor data packets relative to the criteria and to record the results of the monitoring (see “The recording application 20 monitors incoming and outgoing data from the monitored computers 42 and begins a recording if the type of network activity matches the configured criteria and threshold level” recited in paragraph [0024], wherein the recording application 20 lies on a device external from the host devices 42 as shown in Fig. 1).
It would have been obvious to one of ordinary skill in the art at the effective filing date of the instant application to modify the system of claims 2 or 4 of US 10,097,436 using features, as taught by Martini, in order to monitor and record a computer with activity violating the network policy (see abstract of Martini).

Claims 11 and 24 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 2 and 4 of U.S. Patent No. 10,097,436 in view of McNair (US 8,839,350).
US 10,097,436 discloses the features with regards to claims 1 and 14 as shown above.
Claims 2 and 4 of US 10,097,436 do not disclose the following features: communicate over the communication network multiple of the output data transactions 
McNair discloses the following features.
Regarding claims 11 and 24, communicate over the communication network multiple of the output data transactions to an evaluation server configured to receive and analyze the data transactions relative to one or more rules (see Security Module 126 for receiving outbound network traffic from the client 112 as shown in Fig. 1 and see “receiving outbound network traffic sent from a client to a server and performing an enforcement action on the network traffic responsive to determining that the network traffic violates a security policy” as recited in column 1, line 66 - column 2, line 13); receive action instructions corresponding to one or more of the data transactions from the evaluation service based on the evaluation of the multiple data packets relative to the one or more rules (see “sending the response, including the inserted out-of-band notification message, to the client” recited in column 1, line 66 - column 2, line 13 and “The presentation module 416 presents the notification message to the user of the client 112” recited in column 7, line 61 - column 8, line 5, wherein the client device is instructed by the response including the notification to present the notification message).
It would have been obvious to one of ordinary skill in the art at the effective filing date of the instant application to modify the system of claims 2 or 4 of US 10,097,436 using features, as taught by McNair, in order to inform the user and apply security policy enforcement actions (see abstract of McNair).

Claims 12 and 25 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 2 and 4 of U.S. Patent No. 10,097,436 in view of Chan (US 2017/0201489).
US 10,097,436 discloses the features with regards to claims 1 and 14 as shown above.
Claims 2 and 4 of US 10,097,436 do not disclose the following features: regarding claims 12 and 25, perform an analysis of the one or more data transactions relative to one or more rules defined on the TMS; and prevent, local on the computing device, access to an external, intended recipient service and prevent one or more data transactions from being communicated from the computing device to the intended recipient service in response to the analysis of the one or more data transactions intended to be communicated to the intended recipient service.
Chan discloses the following features.
Regarding claims 12 and 25, perform an analysis of the one or more data transactions relative to one or more rules defined on the TMS; and prevent, local on the computing device, access to an external, intended recipient service and prevent one or more data transactions from being communicated from the computing device to the intended recipient service in response to the analysis of the one or more data transactions intended to be communicated to the intended recipient service (see “firewall…rule, such as a specified...destination port, should be blocked..." recited in paragraph [0008]).

Claim 13 is rejected on the ground of nonstatutory double patenting as being unpatentable over claim 2 of U.S. Patent No. 10,097,436 in view of Freund (US 2004/0199763).
US 10,097,436 discloses the features with regards to claim 1 as shown above.
Claim 2 of US 10,097,436 does not disclose the following features: regarding claim 13, detect an unauthorized access to perform one or circumventing, uninstalling, disabling and modifying the operation of the TMS, and to cause a notification of the unauthorized access to be communicated to predefined recipient.
Freund discloses the following features.
Regarding claim 13, detect an unauthorized access to perform one or circumventing, uninstalling, disabling and modifying the operation of the TMS (see “malicious application (e.g., malware application 321 as shown at FIG. 3), attempts to send a message to the registered application (e.g., the ZoneAlarm firewall manager 341 as shown at FIG. 3). The malware application may send a wide variety of communications (messages) to the firewall manager in an attempt to disable the firewall manager or otherwise circumvent the security measures provided by the security system” recited in paragraph [0091]), and to cause a notification of the unauthorized access to be communicated to predefined recipient (see “the firewall manager may, 
It would have been obvious to one of ordinary skill in the art at the effective filing date of the instant application to modify the system of claim 2 of US 10,097,436 using features, as taught by Freund, in order to protect the computer system (see paragraph [0014] of Freund).

Claims 31-34 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 2 and 4 of U.S. Patent No. 10,097,436 in view of Ronaldi (US 9,043,944).
US 10,097,436 discloses the features with regards to claims 1 and 14 as shown above.
Claims 2 and 4 of US 10,097,436 do not disclose the following features: regarding claims 31-32, inhibit transmission of a monitored output data transaction that includes at least one of predefined nudity and profanity to prevent a payload of one or more output data transaction from reaching a requesting application; regarding claims 33-34, monitor for predefined content with one or more of the criteria that includes at least one of predefined symbols, derogatory words, customer names, competitor names; and preventing the communication of the predefined content.
Ronaldi discloses the following features.
Regarding claims 31-32, wherein the TMS is configured to inhibit transmission of a monitored output data transaction that includes at least one of predefined nudity and profanity (see “A non-transitory computer-readable medium encoded with instructions 
Regarding claims 33-34, monitor for predefined content with one or more of the criteria that includes at least one of predefined symbols, derogatory words, customer names, competitor names (see “content can be screened for nudity, specific words and other types of undesirable and/or inappropriate components” recited in column 7, lines 55-61); and preventing the communication of the predefined content (see “provides flexible capability in restricting a subset of content resident on a source device from being transmitted to any destination devices, applications” recited in column 2, lines 52-57).
It would have been obvious to one of ordinary skill in the art at the effective filing date of the instant application to modify the system of claims 2 or 4 of US 10,097,436 using features, as taught by Ronaldi, in order to prevent sending content that does not interest, or is considered offensive to, the recipient (see column 1, lines 37-49 of Ronaldi).

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JUTAI KAO whose telephone number is (571)272-9719. The examiner can normally be reached Monday-Friday 8:00-17:00 EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/JUTAI KAO/
Primary Examiner, Art Unit 2473