Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
	The response of 01/04/22 was received and considered.  Claims 1-22 are presented for examination.
Response to Arguments
	Applicant’s arguments and amendments, filed 01/04/22, with respect to the rejection of claims 11-22 under 35 U.S.C. 112 have been fully considered and are persuasive.  The 35 U.S.C. 112 rejection of claims 11-22 has been withdrawn. 
	As per claims 1-3 and 5-10, Applicant's arguments filed 01/04/22 have been fully considered but they are not persuasive.  Applicant argues the Lipinski reference does not teach or suggest that the “headless server computer” is only capable of communication with the “recovery computer”.  The examiner respectfully disagrees.  Lipinski discloses “A headless computer refers to a computer or appliance without external connections”, paragraph 0007.
In response to applicant's argument that Lipinski intends for the “headless server” to be in communication with multiple devices, a recitation of the intended use of the claimed invention must result in a structural difference between the claimed invention and the prior art in order to patentably distinguish the claimed invention from the prior art.  If the prior art structure is capable of performing the intended use, then it meets the claim.
Applicant argues Lipinski intends for the “headless server computer” to be in communication with multiple devices, not only the “recovery computer” because “the headless server computer 100 has a network port 104 that is connectable to a network 106, which can be connected to various client devices 108”.  However, just because the headless server computer can be or intends to be connected to various client devices, does not mean it is in fact connected to other devices.  Lipinski teaches, paragraph 0010, “Establishing a direct connection means that the headless server computer communicates with the recovery computer, but not to any other computer.”  
In response to applicant's argument that the references fail to show certain features of applicant’s invention, it is noted that the features upon which applicant relies (i.e., not communicating over a network or through a network port) are not recited in the rejected claim(s).  Although the claims are interpreted in light of the specification, limitations from the specification are not read into the claims.  See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993).  
As per claims 4 and 14, Applicant argues Cornell does not cure the deficiency of Lipinski.  In response to applicant's arguments against the references individually, one cannot show nonobviousness by attacking references individually where the rejections are based on combinations of references.  See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986).
As per claims 11-13 and 15-22, Applicant argues Kothandaraman does not cure the deficiency of Lipinski.  In response to applicant's arguments against the references individually, one cannot show nonobviousness by attacking references individually where the rejections are based on combinations of references.  See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986).  Furthermore, the examiner is not relying on the Kothandaraman reference to teach “wherein each secured server is only able to communicate with the work station”.  That feature is taught in the Lipinski reference, as stated above.  Applicant's arguments fail to comply with 37 CFR 1.111(b) because they amount to a general allegation that the claims define a patentable invention without specifically pointing out how the language of the claims patentably distinguishes them from the references.


Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1-3 and 5-10 are rejected under 35 U.S.C. 102(a)(1)/(a)(2) as being anticipated by Lipinski et al., US 2011/0083004.

Regarding claim 1, Lipinski discloses a secured computer system comprising: 
a public facing work station; at least one secured server in data communication with only the work station; and a secured connection coupling the work station to the secured server (paragraph 0010: Establishing a direct connection means that the headless server computer communicates with the recovery computer, but not to any other computer. In one embodiment, a "direct connection" between the headless server computer and the recovery computer is a direct link (wired or wireless link) that does not involve any intermediate devices between the headless server computer and the recovery computer. In an alternative embodiment, a "direct connection" refers to a connection between the headless server computer and the recovery computer through a layer 2 switch.).
Regarding claim 2, Lipinski discloses the secured computer system of claim 1, wherein the work station has a first data transmission device and each secured server has an additional data transmission device (0034, the network ports 104 and 114 are Ethernet ports, then the associated network interface controllers 116 and 132 in the corresponding headless server computer 100 and recovery computer 102 would be able to perform an autosensing procedure in which the network interface controllers 116 and 132 are able to detect each other's presence and to configure the network interface controllers 116 and 132 with the appropriate transmit and receive connections.).
Regarding claim 3, Lipinski discloses the secured computer system of claim 2, wherein each data transmission device of each secured server is only capable of communicating with the first data transmission device (0034, the network ports 104 and 114 are Ethernet ports, then the associated network interface controllers 116 and 132 in the corresponding headless server computer 100 and recovery computer 102 would be able to perform an autosensing procedure in which the network interface controllers 116 and 132 are able to detect each other's presence and to configure the network interface controllers 116 and 132 with the appropriate transmit and receive connections.).
Regarding claim 5, Lipinski discloses the secured computer system of claim 1, wherein the work station is adapted to send and receive data from at least an internet or an unsecured data source (0012: recovery application and a recovery image. The recovery application and recovery image may be initially stored on a removable storage media that can be loaded into the recovery computer for communication to the headless server computer over the direct connection between the recovery computer and headless server computer. Alternatively, the recovery application and the recovery image may be permanently installed on the recovery computer, such as on the hard disk drive of the recovery computer. As yet another alternative, the recovery computer may be able to access the recovery application and recovery image over a network, such as the Internet, from a support site).
Regarding claim 6, Lipinski discloses the secured computer system of claim 1, wherein each secured server is walled off from outside sources of data (0016, "Disconnecting" the headless server computer 100 from the network 106 can refer to one or more of the following: physically disconnecting a cable between the headless server computer 100 and a network device (e.g., switch, router, etc.) in the network 106; setting a state of the network device in the network 106 to perform electrical isolation between the headless server computer 100 and the network 106; or any other type of disconnection.).
Regarding claim 7, Lipinski discloses the secured computer system of claim 1, wherein the work station is in data communication with a plurality of secured servers (Fig. 3, Headless server computer and PXE Server).
Regarding claim 8, Lipinski discloses the secured computer system of claim 1, wherein each secured server has at least one user access point (0014, The client devices 108 (e.g., personal computers, personal digital assistants, etc.) can access the headless server computer 100 over the network 106 to access various services.).
Regarding claim 9, Lipinski discloses the secured computer system of claim 1, wherein the system is a mobile system and the work station is one of a mobile phone, tablet, or laptop (0014, The client devices 108 (e.g., personal computers, personal digital assistants, etc.) can access the headless server computer 100 over the network 106 to access various services.).
Regarding claim 10, Lipinski discloses the secured computer system of claim 1, wherein each secured server is invisible to external systems (0016, "Disconnecting" the headless server computer 100 from the network 106 can refer to one or more of the following: physically disconnecting a cable between the headless server computer 100 and a network device (e.g., switch, router, etc.) in the network 106; setting a state of the network device in the network 106 to perform electrical isolation between the headless server computer 100 and the network 106; or any other type of disconnection.).
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 4 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Lipinski et al., US 2011/0083004 and further in view of Cornell et al. US 2005/0114710
Regarding claims 4 and 14, Lipinski lacks or does not expressly disclose wherein the secured connection is an intermittent laser.  However, Cornell discloses wherein the secured connection is an intermittent laser (0073, The network port 1506 is connected, through various electrical connections in the secure tap 1504, to an edge connector 1508 that is an interface portion of the secure SFP module 1502. The network traffic, in the form of an electronic signal, is passed to an encryption module 1510. The encryption module 1510 includes a hardware embedded encryption key and logic designed to encrypt the network traffic. The encrypted network traffic, which at this point is still an electronic signal, is fed into a laser diode 1512. The laser diode 1512 converts the encrypted electronic network traffic to an optical signal that is transmitted on a secure link 1514.).  It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Lipinski with Cornell wherein the secured connection is an intermittent laser in order to convert the network traffic to an optical signal using a secure link, as taught by Cornell, paragraph 0073.

Claims 11-13 and 15-22 are rejected under 35 U.S.C. 103 as being unpatentable over Lipinski et al., US 2011/0083004 and further in view of Kothandaraman et al., US 2015/0073500
Regarding claims 11, 21 and 22, Lipinski discloses a method of providing a secure computer system, comprising the steps of: coupling a public facing work station to a data source; coupling at least one secured server to the work station with a secured connection (paragraph 0010: Establishing a direct connection means that the headless server computer communicates with the recovery computer, but not to any other computer. In one embodiment, a "direct connection" between the headless server computer and the recovery computer is a direct link (wired or wireless link) that does not involve any intermediate devices between the headless server computer and the recovery computer. In an alternative embodiment, a "direct connection" refers to a connection between the headless server computer and the recovery computer through a layer 2 switch.), 
wherein each secured server is only able to communicate with the work station; parsing each incoming data transmission at the work station for abnormalities in the data (0034, the network ports 104 and 114 are Ethernet ports, then the associated network interface controllers 116 and 132 in the corresponding headless server computer 100 and recovery computer 102 would be able to perform an autosensing procedure in which the network interface controllers 116 and 132 are able to detect each other's presence and to configure the network interface controllers 116 and 132 with the appropriate transmit and receive connections.).
Lipinski lacks or does not expressly disclose rejecting data transmissions with abnormalities at the work station.
However, Kothandaraman discloses rejecting data transmissions with abnormalities at the work station (00046, If a block 70 is invalid because either the ID code check or error code check fails, the IPG can take appropriate action, such as by rejecting the block 70); appending data transmissions without abnormalities with a data information tag at the work station (0046, the validity module 230 preferably determines whether blocks appear to be free of transmission errors (per CRC codes 76));  transmitting the tagged data transmissions from the work station to at least one secured server via the secured connection; parsing each incoming tagged data transmission at the secured server for compliance with the data information tag (0047: valid blocks are passed to a filter module 250 in the microcontroller 205, where the filtering algorithm is performed, and which comprises a firewall module 255 and an instruction analysis module 260.); and one of rejecting the tagged data transmission or accepting the tagged data transmission (0047: valid blocks are passed to a filter module 250 in the microcontroller 205, where the filtering algorithm is performed, and which comprises a firewall module 255 and an instruction analysis module 260.); 
wherein abnormalities include at least one of unexpected data size, unexpected data contents, unexpected data source, and unexpected data transmissions (0046, the validity module 230 preferably determines whether blocks appear to be free of transmission errors (per CRC codes 76));
wherein the data information tag includes at least one of a size of the data, a transmission rate of the data, timing of the data, and contents of the data (0046, Time stamps may also be appended to the blocks 70 at this point or earlier, which as discussed later can be useful for the filtering algorithm to consider.). 
It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Lipinski with Kothandaraman to reject data transmissions with abnormalities in order to determine if the transmissions are compliant with the system rules, as taught by Kothandaraman, abstract.
Lipinski, as modified above, further discloses claims 12-13 and 15-20, wherein claims 12-13 and 15-20 are a method version of the claimed system discussed above in claims 2-3 and 5-10 wherein all claimed limitations have also been addressed and/or cited as set forth above.

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.  
US 2018/0341931 to Myshkin et al., paragraph 0046, discloses Secure computer 310 only connects to platform server 330, and only connects through secure connection 332, which is a non-IP protocol communication link.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to AUBREY H WYSZYNSKI whose telephone number is (571)272-8155.  The examiner can normally be reached on M-F 9-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, KAMBIZ ZAND can be reached on 571-272-3811.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/AUBREY H WYSZYNSKI/
Examiner, Art Unit 2434
/KAMBIZ ZAND/
Supervisory Patent Examiner, Art Unit 2434