DETAILED ACTION
This action is responsive to communications filed 06 January 2022.
Claims 1-20 are subject to examination.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 07 January 2022 was filed after the mailing date of the office action on 02 November 2021.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.
Response to Arguments
Applicant’s arguments have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
However, Applicant argues in substance:
Diac does not teach selecting based on a terminal reputation value of the first terminal and an IP reputation value of each virtual IP address in the IP address resource pool, a virtual IP address from the at least two virtual IP addresses comprised in the IP address resource pool..., see Remarks pages 13-14.
In response to Applicant’s arguments, the Examiner respectfully disagrees. The limitations above, under broadest reasonable interpretation, denote selecting a virtual IP address from a pool of addresses based on a reputation value of the terminal and the virtual IP address. As such, Radlein at least discloses and/or teaches virtual IP addresses (e.g. network addresses distributed across different POPs (point-of-presence), executed by one or more virtual machines (i.e. IP address of a virtual machine, a virtual IP)), see at least [col. 17, ls. 39-56] [FIG. 1], where network addresses are selected from a pool, see at least [col. 12, ls. 1-13] [col. 12, ls. 46-col. 13, ls. 3]. Radlein does not explicitly disclose that the addresses are selected based on a reputation value where a higher IP is for a higher terminal. Diac was brought in to at least disclose and/or teach selecting IP addresses based on reputation values, e.g. an IP manager utilizing a sender reputation score, that indicates the reputation of the sender, such as bad reputations being indicative of spam and IP reputation data denotes reputation associated with each IP address in the pool of addresses, such as blacklisted or blocked IPs, therefore the IP address is selected based on the reputation score of the sender and IP reputation data. See at least [col. 4, ls. 5-38] [col. 2, ls. 20-38] [col. 5, ls. 23-65]. It would have been obvious to one of ordinary skill in the pertinent art before the effective filing date of the claimed invention to modify the invention of Radlein in view of Diac to have selected virtual IP addresses in the pool based on reputation values of the terminal and IP address. One of ordinary skill in the art would have been motivated to do so to utilize the sender reputation score and IP reputation data to determine the IP address to be utilized (Diac, [col. 4, ls. 25-38]). Diac’s selection of IP addresses based on reputation values of a sender and Ip to be implemented in Radlein's system comprising virtual IPs and entities in a network would have disclose or taught at least the selection based on reputation values from addresses in a pool, wherein virtual IP addresses would be selected based on the reputation of the virtual IPs and reputation of a terminal in a DNS system.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim 1-4, 6, 12-15 and 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Radlein et al. (US-9742795-B1) hereinafter Radlein in view of Diac et al. (US-8560616-B1) hereinafter Diac further in view of TAKAHASHI et al. (US-20090019523-A1) hereinafter Takahashi.
Regarding claim 1, Radlein discloses:
A service resource scheduling method applied to a network comprising: a terminal ([col. 9, ls. 56-col. 10, ls. 14] [FIG. 1] accessing computing devices 102), a service server ([col. 10, ls. 50-62] [FIG. 1] content providers 104), a domain name system server ([col. 11, ls. 46-67] [FIG. 1] DNS servers 112), and at least one network security device ([col. 9, ls. 56-col. 10, ls. 14] [FIG. 1] points-of-presence 114); wherein, each of the at least one network security devices has a virtual IP address ([col. 17, ls. 39-56] [FIG. 1] components of the content delivery system 110 may be executed by one or more virtual machines implemented in a hosted computing environment [col. 3, ls. 48-col. 4, ls. 6] network addresses assigned to a distribution may vary across different POPs (i.e. wherein when executed by one or more virtual machines, IP address is a virtual address)), a domain name of a service provided by the service server is mapped to an IP address resource pool on the domain name system server ([col. 4, ls. 30-50] network address (e.g. IP address) may serve content associated with distributions, each associated with a different human-readable network identifier (e.g. domain name) [col. 11, ls. 46-67] DNS servers configured to resolve human-readable network identifiers of distributions (e.g. domain names) into network addresses (e.g. IP addresses)), and the IP address resource pool comprises at least two of the virtual IP addresses ([col. 12, ls. 46-col. 13, ls. 3] DNS servers may maintain a list of available network addresses within an address pool), and the method comprises: 
receiving, by the domain name system server ([col. 11, ls. 46-67] DNS servers resolve human-readable network identifiers (e.g. domain name; i.e. from a resolution request received, see [col. 7, ls. 4-57])), a domain name resolution request sent by a first terminal ([col. 7, ls. 4-57] client computing device requests resolution of a domain name), wherein the domain name resolution request comprises the domain name ([col. 7, ls. 4-57] client computing device requests resolution of a domain name, wherein a request to resolve a domain must require a domain name as to be resolved); 
selecting a virtual IP address from the at least two virtual IP addresses comprised in the IP address resource pool ([col. 12, ls. 1-13] DNS server may be configured to distribute a specific combination of network addresses (e.g. network addresses selected; i.e. from pool set forth above in [col. 12, ls. 46-col. 13, ls. 3])), and 
sending a domain name resolution response to the first terminal, wherein the domain name resolution response carries the selected virtual IP address ([col. 11, ls. 46-67] DNS servers may further be configured, in response, to provide a combination of network addresses at which content of that distribution may be obtained; DNS servers configured to resolve human-readable network identifiers of distributions (e.g. domain names) into network addresses (e.g. IP addresses)).  
Radlein does not explicitly disclose:
selecting, based on a terminal reputation value of the first terminal and an IP reputation value of each IP address in the IP address resource pool, a IP address from the at least two IP addresses comprised in the IP address resource pool, wherein a terminal reputation value of a terminal is used to indicate a security level of the terminal, and an IP reputation value of a IP address is used to indicate a security level of the IP address, wherein a IP address with a higher security level is selected by the system server for a terminal with a higher security level;
However, Diac discloses:
selecting, based on a terminal reputation value of the first terminal and an IP reputation value of each IP address in the IP address resource pool ([col. 4, ls. 25-38] IP manager module utilizes the sender reputation score and IP reputation data to determine the IP address to be utilized (i.e. selected)), a IP address from the at least two IP addresses comprised in the IP address resource pool ([col. 4, ls. 25-38] IP manager module utilizes the sender reputation score and IP reputation data to determine the IP address to be utilized (i.e. selected) [col. 2, ls. 20-38] IP address, e.g. utilized as the source address for an outbound e-mail address is selected from a pool of IP addresses);
It would have been obvious to one of ordinary skill in the pertinent art before the effective filing date of the claimed invention to modify the invention of Radlein in view of Diac to have selected virtual IP addresses in the pool based on reputation values of the terminal and IP address. One of ordinary skill in the art would have been motivated to do so to utilize the sender reputation score and IP reputation data to determine the IP address to be utilized (Diac, [col. 4, ls. 25-38]).
Radlein-Diac do not explicitly disclose:
wherein a terminal reputation value of a terminal is used to indicate a security level of the terminal, and an IP reputation value of a IP address is used to indicate a security level of the IP address, wherein a IP address with a higher security level is selected by the system server for a terminal with a higher security level;
However, Takahashi discloses:
wherein a terminal reputation value of a terminal is used to indicate a security level of the terminal ([0015] security level specified by settings information [0058] e.g. regarding address to be used for communication between server and client, such as indicative of IPsec preference/requirement, address change, connection method, etc.), and an IP reputation value of a IP address is used to indicate a security level of the IP address ([0059] address obtainable from the request satisfies the desired security level specified by the settings information stored in the server apparatus [0094] e.g. address with highest IPsec communication security level), wherein a IP address with a higher security level is selected by the system server for a terminal with a higher security level ([0094] address “1234:1234:222” selected as it has the security level higher than the security level of the IP address “1233:1233::222” [0059] e.g. security level specified by settings information stored in the server apparatus);
It would have been obvious to one of ordinary skill in the pertinent art before the effective filing date of the claimed invention to modify the invention of Radlein-Diac in view of Takahashi to have indicated security levels of the terminal and IP address so as to select an IP address obtained from the DNS server having the highest security level for use (Takahashi, [0180]).
Regarding claim 2, Radlein-Diac-Takahashi disclose:
The service resource scheduling method according to claim 1, wherein the selecting, based on a terminal reputation value of the first terminal and an IP reputation value of each virtual IP address in the IP address resource pool, a virtual IP address from the at least two virtual IP addresses comprised in the IP address resource pool, set forth above, comprises: 
Radlein discloses:
virtual IP address ([col. 17, ls. 39-56] [FIG. 1] components of the content delivery system 110 may be executed by one or more virtual machines implemented in a hosted computing environment [col. 3, ls. 48-col. 4, ls. 6] network addresses assigned to a distribution may vary across different POPs (i.e. wherein when executed by one or more virtual machines, IP address is a virtual address));
Radlein does not explicitly disclose:
if the terminal reputation value of the first terminal is greater than or equal to a first user threshold, determining a first IP address set from the IP address resource pool, wherein an IP reputation value of each IP address in the first IP address set is greater than or equal to a first service threshold; and 
selecting a IP address from the first IP address set.
However Diac discloses:
if the terminal reputation value of the first terminal is greater than or equal to a first user threshold ([col. 6, ls. 50-64] isolating senders with poor reputation scores (i.e. user threshold) to a small number of the IP addresses in the overall IP address pool (i.e. 32 is poorer than higher number, IP selected from group including 75, see [col. 6, ls. 35-49])), determining a first IP address set from the IP address resource pool ([col. 6, ls. 35-49] e.g. selects an IP address covering reputation scores 70-80 when sender reputation score is 75), wherein an IP reputation value of each IP address in the first IP address set is greater than or equal to a first service threshold ([col. 6, ls. 35-49] e.g. IP address covering reputation scores 70-80 (i.e. service threshold) when reputation score is 75); and 
selecting a IP address from the first IP address set ([col. 6, ls. 35-49] selects an IP address from IP addresses assigned to the reputation segment covering the scores, e.g. 70-80).  
It would have been obvious to one of ordinary skill in the pertinent art before the effective filing date of the claimed invention to modify the invention of Radlein in view of Diac to have selected a virtual IP address from the first virtual IP address set when an IP reputation value of each virtual IP address in the set is greater than or equal to a first service threshold if the terminal reputation value is greater than or equal a user threshold. One of ordinary skill in the art would have been motivated to do so to select an IP address from IP addresses assigned to the reputation segment covering sender scores (Diac, [col. 6, ls. 35-64]).
Regarding claim 3, Radlein-Diac-Takahashi disclose:
The service resource scheduling method according to claim 2, set forth above, wherein the method further 33comprises: 
Radlein discloses:
receiving, by the domain name system server ([col. 11, ls. 46-67] DNS servers resolve human-readable network identifiers (e.g. domain name; i.e. from a resolution request received, see [col. 7, ls. 4-57])), a domain name resolution request sent by a second terminal ([col. 7, ls. 4-57] client computing device requests resolution of a domain name), wherein the domain name resolution request sent by the second terminal comprises the domain name ([col. 7, ls. 4-57] client computing device requests resolution of a domain name, wherein a request to resolve a domain must require a domain name as to be resolved); 
sending a domain name resolution response to the second terminal, wherein the domain name resolution response carries the virtual IP address ([col. 11, ls. 46-67] DNS servers may further be configured, in response, to provide a combination of network addresses at which content of that distribution may be obtained; DNS servers configured to resolve human-readable network identifiers of distributions (e.g. domain names) into network addresses (e.g. IP addresses))
Radlein does not explicitly disclose:
if a terminal reputation value of the second terminal is less than a second user threshold, determining a second IP address set from the IP address resource pool, wherein an IP reputation value of each IP address in the second IP address set is less than a second service threshold, the first user threshold is greater than or equal to the second user threshold, and the first service threshold is greater than or equal to the second service threshold; 
selecting a IP address from the second IP address set; and 
wherein the response carries the IP address selected from the second IP address set.  
However, Diac discloses:
if a terminal reputation value of the second terminal is less than a second user threshold ([col. 6, ls. 50-64] isolating senders with poor reputation scores (i.e. user threshold) to a small number of the IP addresses in the overall IP address pool (i.e. 32 is poorer than higher number, IP selected from group including 32, see [col. 6, ls. 35-49])), determining a second IP address set from the IP address resource pool ([col. 6, ls. 35-49] e.g. selects an IP address covering reputation scores 30-40 when sender reputation score is 32), wherein an IP reputation value of each IP address in the second IP address set is less than a second service threshold ([col. 6, ls. 35-49] e.g. IP address covering reputation scores 30-40 (i.e. service threshold) when reputation score is 32), the first user threshold is greater than or equal to the second user threshold ([col. 6, ls. 50-64] isolating senders with poor reputation scores (e.g. from higher reputation scores)), and the first service threshold is greater than or equal to the second service threshold ([col. 6, ls. 35-49] e.g. 70-80 higher than 30-40); 
selecting a IP address from the second IP address set ([col. 6, ls. 35-49] selects an IP address from IP addresses assigned to the reputation segment covering the scores, e.g. 30-40); and 
wherein the response carries the IP address selected from the second IP address set ([col. 6, ls. 35-49] selects an IP address from IP addresses assigned to the reputation segment covering the scores, e.g. 30-40 [col. 6, ls. 20-34] distributes the IP addresses).
It would have been obvious to one of ordinary skill in the pertinent art before the effective filing date of the claimed invention to modify the invention of Radlein in view of Diac to have selected a virtual IP address from the second virtual IP address set when an IP reputation value of each virtual IP address in the set is lesser than a second service threshold if the terminal reputation value is less than a user threshold. One of ordinary skill in the art would have been motivated to do so to select an IP address from IP addresses assigned to the reputation segment covering sender scores (Diac, [col. 6, ls. 35-64]).
Regarding claim 4, Radlein-Diac-Takahashi disclose:
The service resource scheduling method according to claim 1, set forth above, wherein the obtaining the terminal reputation value of the first terminal comprises: 
Radlein does not explicitly disclose:
receiving the terminal reputation value of the first terminal sent by the first terminal.  
However, Diac discloses:
receiving the terminal reputation value of the first terminal sent by the first terminal ([col. 4, ls. 25-38] sender reputation score may be provided by the sending computer).
It would have been obvious to one of ordinary skill in the pertinent art before the effective filing date of the claimed invention to modify the invention of Radlein in view of Diac to have received the terminal reputation value sent by the terminal. One of ordinary skill in the art would have been motivated to do so to provide the reputation score by the sending computer (Diac, [col. 4, ls. 25-38]).
Regarding claim 6, Radlein-Diac-Takahashi disclose:
The service resource scheduling method according to claim 1, set forth above, wherein the obtaining the terminal reputation value of the first terminal comprises: 
Radlein does not explicitly disclose:
receiving a terminal device parameter sent by the first terminal; and determining the terminal reputation value of the first terminal based on the terminal device parameter.  
However, Diac discloses:
receiving a terminal device parameter sent by the first terminal ([col. 4, ls. 5-38] e.g. content scores calculated for e-mail messages sent by the sender, complaints received by recipients of e-mail messages sent by the sender, e-mail messages sent by the sender that are returned as undeliverable, and the like, wherein sender reputation score provided by the sending computer); and determining the terminal reputation value of the first terminal based on the terminal device parameter ([col. 4, ls. 5-38] sender reputation score may be determined by cumulative data regarding the sender’s email activity, e.g. complaints, undeliverable, content scores, etc.).
It would have been obvious to one of ordinary skill in the pertinent art before the effective filing date of the claimed invention to modify the invention of Radlein in view of Diac to have determined a terminal reputation value based on a parameter. One of ordinary skill in the art would have been motivated to do so to determine a reputation score based on cumulative data (Diac, [col. 4, ls. 5-38]).
Regarding claim 12, Radlein-Diac-Takahashi disclose:
The service resource scheduling method according to claim 4, set forth above, wherein the method further comprises: 
Radlein discloses:
receiving attack information sent by one of the at least one network security device, wherein the attack information comprises an attacked IP address ([col. 25, ls. 39-col. 26, ls. 12] removal/replacement of a single attacked network address from DNS records (i.e. requires knowing the attacked IP address, e.g. notified the IP address that is attacked)); and 
determining the IP reputation value of each virtual IP address based on the attacked IP address ([col. 17, ls. 39-56] [FIG. 1] components of the content delivery system 110 may be executed by one or more virtual machines implemented in a hosted computing environment [col. 3, ls. 48-col. 4, ls. 6] network addresses assigned to a distribution may vary across different POPs (i.e. wherein when executed by one or more virtual machines, IP address is a virtual address) [col. 25, ls. 39-col. 26, ls. 12] e.g. reclassified from normal to high risk).
Regarding claim 13, Radlein-Diac-Takahashi disclose:
The service resource scheduling method according to claim 12, set forth above, wherein the method further comprises: 
Radlein discloses:
wherein the attack information further comprises an IP address of an attack source ([col. 7, ls. 4-57] identifying the source of an attack, e.g. to cease to service requests originating from the source/handle in a different manner (e.g. redirect); i.e. halt providing access to the distribution via an original POP and begin providing access to the distribution via an alternative POP),
Radlein does not explicitly disclose:
if the IP address of the attack source is an IP address of the first terminal, updating the terminal reputation value of the first terminal.  
However, Diac discloses:
if the IP address of the attack source is an IP address of the first terminal, updating the terminal reputation value of the first terminal ([col. 2, ls. 20-38] sender with bad reputation (e.g. spam) to a limited number of IP addresses from a pool of available IP addresses [col. 4, ls. 5-38] upon receiving e-mail message from sending computer (i.e. terminal) provides sender reputation score, reputation score based on e-mail activity of the sender, e.g. spam (i.e. for determination of a number of IP addresses to be utilized as the source for the message)).
It would have been obvious to one of ordinary skill in the pertinent art before the effective filing date of the claimed invention to modify the invention of Radlein in view of Diac to have updated the reputation value of the terminal if the IP address of the attack is the terminal. One of ordinary skill in the art would have been motivated to do so to provide a sender reputation score upon receiving an e-mail message from a sending computer as to determine a number of IP addresses to be utilized as the source for the message (Diac, [col. 4, ls. 5-38]).
Regarding claims 14 and 19, they do not further define nor teach over the limitations of claims 1, therefore, claims 14 and 19 are rejected for at least the same reasons set forth above as in claims 1. 
Regarding claim 15, it does not further define nor teach over the limitations of claim 2, therefore, claim 15 is rejected for at least the same reasons set forth above as in claim 2.
Claim 5, 7, 16-17 and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Radlein-Diac-Takahashi in view of Clegg et al. (US-7873695-B2) hereinafter Clegg.
Regarding claim 5, Radlein-Diac-Takahashi disclose:
The service resource scheduling method according to claim 4, set forth above,
Radlein-Diac-Takahashi do not explicitly disclose:
wherein the terminal reputation value of the first terminal is carried in the domain name resolution request sent by the first terminal.  
However, Clegg discloses:
wherein the terminal reputation value of the first terminal is carried in the domain name resolution request sent by the first terminal ([col. 40, ls. 45-64] receiving the request for the reputation of the message sender by receiving a request formatted as a DNS request).
It would have been obvious to one of ordinary skill in the pertinent art before the effective filing date of the claimed invention to modify the invention of Radlein-Diac-Takahashi in view of Clegg to have carried the terminal reputation value in the DNS request. One of ordinary skill in the art would have been motivated to do so to receive the request for the reputation of the message sending by receiving a request formatted as a DNS request (Clegg, [col. 40, ls. 45-64]).
Regarding claim 7, Radlein-Diac-Takahashi disclose:
The service resource scheduling method according to claim 6, set forth above,
Radlein does not explicitly disclose:
wherein the terminal device parameter of the first terminal is carried in the domain name resolution request sent by the first terminal.  
However, Diac discloses:
wherein the terminal device parameter of the first terminal is carried in the request sent by the first terminal ([col. 4, ls. 5-38] e.g. content scores calculated for e-mail messages sent by the sender, complaints received by recipients of e-mail messages sent by the sender, e-mail messages sent by the sender that are returned as undeliverable, and the like, wherein sender reputation score provided by the sending computer).
It would have been obvious to one of ordinary skill in the pertinent art before the effective filing date of the claimed invention to modify the invention of Radlein in view of Diac to have sent a parameter. One of ordinary skill in the art would have been motivated to do so to determine a reputation score based on cumulative data (Diac, [col. 4, ls. 5-38]).
Radlein-Diac do not explicitly disclose:
wherein the terminal device parameter of the first terminal is carried in the domain name resolution request sent by the first terminal.
However, Clegg discloses:
wherein the terminal reputation value of the first terminal is carried in the domain name resolution request sent by the first terminal ([col. 40, ls. 45-64] receiving the request for the reputation of the message sender by receiving a request formatted as a DNS request).
It would have been obvious to one of ordinary skill in the pertinent art before the effective filing date of the claimed invention to modify the invention of Radlein-Diac in view of Clegg to have carried the parameter in the DNS request. One of ordinary skill in the art would have been motivated to do so to receive the request for the reputation of the message sending by receiving a request formatted as a DNS request (Clegg, [col. 40, ls. 45-64]) and determine a reputation score based on cumulative data (Diac, [col. 4, ls. 5-38]).
Regarding claim 20, Radlein-Diac-Takahashi disclose:
The terminal according to claim 19, set forth above, wherein the terminal further comprises: 
Radlein discloses:
a memory comprising instructions ([col. 10, ls. 34-49] e.g. computer, laptop, etc. wherein computers/laptops include a memory comprising instructions); and 
one or more processors coupled with the memory, wherein the one or more processors execute the instructions ([col. 10, ls. 34-49] e.g. computer, laptop, etc. wherein computers/laptops include a memory comprising instructions executable by a processor) to: 
Radlein does not explicitly disclose:
obtain the terminal device parameter; and 
the communications interface is further configured to send the terminal device parameter to the domain name system server; or 
the instructions when executed by the one or more processors further cause the domain name 38system server to determine the terminal reputation value based on the terminal device parameter; and 
the communications interface is further configured to send the terminal reputation value to the domain name system server.
However, Diac discloses:
obtain the terminal device parameter ([col. 4, ls. 5-38] e.g. content scores calculated for e-mail messages sent by the sender, complaints received by recipients of e-mail messages sent by the sender, e-mail messages sent by the sender that are returned as undeliverable, and the like, wherein sender reputation score provided by the sending computer); and
the communications interface is further configured to send the terminal device parameter to the domain name system server ([col. 4, ls. 5-38] e.g. content scores calculated for e-mail messages sent by the sender, complaints received by recipients of e-mail messages sent by the sender, e-mail messages sent by the sender that are returned as undeliverable, and the like, wherein sender reputation score provided by the sending computer); or
the instructions when executed by the one or more processors further cause the domain name 38system server to determine the terminal reputation value based on the terminal device parameter ([col. 4, ls. 5-38] sender reputation score may be determined by cumulative data regarding the sender’s email activity, e.g. complaints, undeliverable, content scores, etc.); and
It would have been obvious to one of ordinary skill in the pertinent art before the effective filing date of the claimed invention to modify the invention of Radlein in view of Diac to have determined a terminal reputation value based on a parameter. One of ordinary skill in the art would have been motivated to do so to determine a reputation score based on cumulative data (Diac, [col. 4, ls. 5-38]).
Radlein-Diac do not explicitly disclose:
the communications interface is further configured to send the terminal reputation value to the domain name system server
However, Clegg discloses:
the communications interface is further configured to send the terminal reputation value to the domain name system server ([col. 40, ls. 45-64] receiving the request for the reputation of the message sender by receiving a request formatted as a DNS request).
It would have been obvious to one of ordinary skill in the pertinent art before the effective filing date of the claimed invention to modify the invention of Radlein-Diac in view of Clegg to have carried the terminal reputation value in the DNS request. One of ordinary skill in the art would have been motivated to do so to receive the request for the reputation of the message sending by receiving a request formatted as a DNS request (Clegg, [col. 40, ls. 45-64]).
Regarding claim 16, it does not further define nor teach over the limitations of claims 4-5, therefore, claim 16 is rejected for at least the same reasons set forth above as in claims 4-5. 
Regarding claim 17, it does not further define nor teach over the limitations of claims 6-7, therefore, claim 17 is rejected for at least the same reasons set forth above as in claims 6-7.
Claim 8-9, 11 and 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Radlein-Diac-Takahashi in view of Klein et al. (US-20160156637-A1) hereinafter Klein.
Regarding claim 8, Radlein-Diac-Takahashi disclose:
The service resource scheduling method according to claim 6, set forth above, wherein the determining the terminal reputation value of the first terminal based on the terminal device parameter comprises: 
Radlein-Diac-Takahashi do not explicitly disclose:
wherein the terminal device parameter comprises at least one hardware fingerprint,
querying a preset reputation score corresponding to each hardware fingerprint of the at least one hardware fingerprint, and determining the terminal reputation value of the first terminal based on the preset reputation score corresponding to each hardware fingerprint, wherein 
the at least one hardware fingerprint includes one or more of the following: a GPS fingerprint, a Bluetooth fingerprint, a battery fingerprint, a camera fingerprint, a Wi-Fi module fingerprint, a temperature sensor fingerprint, and a microphone module fingerprint.  
However, Klein discloses:
wherein the terminal device parameter comprises at least one hardware fingerprint ([0032] if communication device is using 3/4/5G to communicate, instead of BT, the security level may change (i.e. networking hardware) [0022] hardware security),
querying a preset reputation score corresponding to each hardware fingerprint of the at least one hardware fingerprint ([0032] 3/4/5G vs BT, different security levels (i.e. preset scores)), and determining the terminal reputation value of the first terminal based on the preset reputation score corresponding to each hardware fingerprint ([0032] e.g. security level determined to be level 2), wherein 
the at least one hardware fingerprint includes one or more of the following: a GPS fingerprint, a Bluetooth fingerprint ([0032] BT (Bluetooth)), a battery fingerprint, a camera fingerprint, a Wi-Fi module fingerprint, a temperature sensor fingerprint, and a microphone module fingerprint.
It would have been obvious to one of ordinary skill in the pertinent art before the effective filing date of the claimed invention to modify the invention of Radlein-Diac-Takahashi in view of Klein to have a parameter comprise a fingerprint as to query preset scores to determine a reputation value, including a Bluetooth fingerprint. One of ordinary skill in the art would have been motivated to do so to determine security levels for a communication device (Klein, [0032]).
Regarding claim 9, Radlein-Diac-Takahashi disclose:
The service resource scheduling method according to claim 6, set forth above, wherein the determining the terminal reputation value of the first terminal based on the terminal device parameter further comprises: 
Radlein-Diac-Takahashi do not explicitly disclose:
wherein the terminal device parameter comprises at least one software fingerprint,
querying a preset reputation score corresponding to each software fingerprint of the at least one software fingerprint, and determining the terminal reputation value of the first terminal based on the preset reputation score corresponding to each software fingerprint, wherein 
the at least one software fingerprint includes one or more of the following: an international mobile equipment identity (IMEI), a universally unique identifier (UUID), a network type, a terminal type, an operating system type, a network mode, a battery temperature, a power feature, a SIM card serial number, and a mobile phone number.  
However, Klein discloses:
wherein the terminal device parameter comprises at least one software fingerprint ([0022] communication devices includes software security),
querying a preset reputation score corresponding to each software fingerprint of the at least one software fingerprint ([0023] e.g. WEBEX, screen capture disabled to obtain a higher level of security than if the screen capture feature was on [0032] 3/4/5G vs BT, different security levels (i.e. preset scores)), and determining the terminal reputation value of the first terminal based on the preset reputation score corresponding to each software fingerprint ([0023] disabled screen capture for higher level of security [0030] e.g. move from a lower level, e.g. 4, to a higher level, e.g. 1 [0032] 3/4/5G vs BT), wherein 
the at least one software fingerprint includes one or more of the following: an international mobile equipment identity (IMEI), a universally unique identifier (UUID), a network type ([0032] 3/4/5G vs BT), a terminal type, an operating system type, a network mode, a battery temperature, a power feature, a SIM card serial number, and a mobile phone number.
It would have been obvious to one of ordinary skill in the pertinent art before the effective filing date of the claimed invention to modify the invention of Radlein-Diac-Takahashi in view of Klein to have a parameter comprise a fingerprint as to query preset scores to determine a reputation value, including a network type. One of ordinary skill in the art would have been motivated to do so to determine security levels for a communication device (Klein, [0032]).
Regarding claim 11, Radlein-Diac-Takahashi disclose:
The service resource scheduling method according to claim 6, set forth above, wherein the determining the terminal reputation value of the first terminal based on the terminal device parameter further comprises: 
Radlein-Diac-Takahashi do not explicitly disclose:
wherein the terminal device parameter comprises transmission traffic and a quantity of connections,
updating the terminal reputation value of the first terminal when the quantity of connections and/or the transmission traffic are/is abnormal.  
However, Klein discloses:
wherein the terminal device parameter comprises transmission traffic and a quantity of connections ([0023] environment, e.g. location of communication device (i.e. transmission traffic, where it is located from),
updating the terminal reputation value of the first terminal when the quantity of connections and/or the transmission traffic are/is abnormal ([0023] U.S. vs China, riding on a train vs home, outside of the office, etc. where security level can be established based on the information, e.g. to not allow access to documents).
It would have been obvious to one of ordinary skill in the pertinent art before the effective filing date of the claimed invention to modify the invention of Radlein-Diac-Takahashi in view of Klein to have utilized abnormal transmission traffic to update reputation values. One of ordinary skill in the art would have been motivated to do so to establish security levels based on information such as location (Klein, [0023]).
Regarding claim 18, it does not further define nor teach over the limitations of claim 8, therefore, claim 18 is rejected for at least the same reasons set forth above as in claim 8.
Claim 10 is/are rejected under 35 U.S.C. 103 as being unpatentable over Radlein-Diac-Takahashi in view of Sharifi Mehr (US-10904277-B1) hereinafter Sharifi.
Regarding claim 10, Radlein-Diac-Takahashi disclose:
The service resource scheduling method according to claim 6, set forth above, wherein the determining the terminal reputation value of the first terminal based on the terminal device parameter further comprises: 
Radlein-Diac-Takahashi do not explicitly disclose:
wherein the terminal device parameter comprises at least one piece of malicious information,
querying a preset reputation score corresponding to each piece of malicious information of the at least one piece of malicious information, and determining the terminal reputation value of the first terminal based on the preset reputation score corresponding to each piece of malicious information, wherein 
the at least one piece of malicious information includes one or more of the following: CPU malicious information, malicious information corresponding to a file stored in a memory, API DEMOS malicious information, DevTools malicious information, application permission 35malicious information, abnormal port information, and abnormal process information.  
However, Sharifi discloses:
wherein the terminal device parameter comprises at least one piece of malicious information ([col. 39, ls. 19-47] identifies each of the plurality of activity profiles describing network activity between the corresponding activity source and the set of computing resources that is potential directed attack activity, and compares the potential directed attack activity to a plurality of threat factors to produce the threat level score),
querying a preset reputation score corresponding to each piece of malicious information of the at least one piece of malicious information ([col. 39, ls. 19-47] compares potential directed attack activity to a plurality of threat factors to produce the threat level score [col. 5, ls. 56-col. 6, ls. 11] multi-factor calculation may include a weight scalar for each factor according to the factor’s importance (i.e. preset)), and determining the terminal reputation value of the first terminal based on the preset reputation score corresponding to each piece of malicious information ([col. 39, ls. 19-47] e.g. to obtain the threat level score for the user account [col. 35, ls. 47-col. 36, ls. 21] e.g. threat of the first activity source to the one or more user-specific virtual computing resources associated with the first user account), wherein 
the at least one piece of malicious information includes one or more of the following: CPU malicious information, malicious information corresponding to a file stored in a memory, API DEMOS malicious information, DevTools malicious information, application permission 35malicious information, abnormal port information ([col. 4, ls. 28-44] properties of disallowed traffic such as ports accessed), and abnormal process information ([col. 4, ls. 28-44] properties of disallowed traffic such as protocols used).
	It would have been obvious to one of ordinary skill in the pertinent art before the effective filing date of the claimed invention to modify the invention of Radlein-Diac-Takahashi in view of Sharifi to have determined a terminal reputation value based on each piece of malicious information such as abnormal port and process information. One of ordinary skill in the art would have been motivated to do so to obtain the threat level score of the first activity source to the one or more user-specific virtual computing resources associated with the first user account (Sharifi, [col. 35, ls. 47-col. 36, ls. 21]).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Martini et al. (US-20060182103-A1) SYSTEM AND METHOD FOR ROUTING NETWORK MESSAGES;
Ikeda et al. (US-8631465-B2) TERMINAL OF AN ENVIRONMENT MANAGEMENT STATION AND A SERVICE USER PROVIDED A SERVICE, METHOD FOR PROCESSING AN EVALUATION VALUE OF A TERMINAL, A SERVICE REQUEST AND A SERVICE PROVIDING;
Holloway et al. (US-8613089-B1) IDENTIFYING A DENIAL-OF-SERVICE ATTACK IN A CLOUD-BASED PROXY SERVICE;
GREENBERG et al. (US-20170006053-A1) AUTOMATICALLY PREVENTING AND REMEDIATING NETWORK ABUSE;
Kaladgi et al. (US-9853975-B2) RESTRICTING ACCESS TO CONTENT BASED ON MEASUREMENTS OF USER TERMINAL OPERATIONAL PERFORMANCE.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Alex H. Tran whose telephone number is (571)272-8173. The examiner can normally be reached Monday-Friday 11AM-6PM ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Divecha B. Kamal can be reached on (571)272-5863. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/Alex H. Tran/Examiner, Art Unit 2453                                                                                                                                                                                                        
/Hitesh Patel/Primary Examiner, Art Unit 2419                                                                                                                                                                                                        
5/10/