DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 1-27 are pending in this application.
Claims 1-15 are currently amended.
Claims 21-27 are newly added.
No new IDS was submitted.

Claim Rejections - 35 USC § 112
The amendments filed on 02/15/2022 have been considered and are persuasive; thus, the previous claim rejection(s) have been withdrawn.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1, 8, 15 and 24 are rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 1 and 13 of U.S. Patent No. US 10,523,702 B2.  Although the conflicting claims are not identical, they are not patentably distinct from each other because claims 1 and 13 and 18 of U.S. Patent No. US 10,523,702 B2 contains every element of claims 1, 8, 15 and 24 of the instant application and thus anticipate the claims of the instant application (see Claim Comparison Table below).

Instant Application 16/671,009
US 10,523,702 B2
1. At least one storage device or storage disk comprising instructions which, when executed, cause one or more processors of a first device to at least: 


in response to a request from a second  device to access a third  device, delay the second  device from connecting to the third  device; cause the first device to attempt to connect to the third  device; 

determine a level of trustworthiness of the third device based on connection characteristics of a communication session including the first device and the third device, 





the first device different from the second device, the first device different from the third device and the second device different from the third device; 



and in response to determining that the third device meets a threshold of trustworthiness, permit the second device to connect to the third device.
13. A system for detecting connection anomalies, the system comprising: one or more processors; a memory including instructions that, when executed, cause at least some of the one or more processors to: 
in response to a first device attempting to connect to a second device: attempt to connect to the second device; 




determine a level of trustworthiness of the second device based on first connection characteristics, second connection characteristics, and third connection characteristics, the first connection characteristics corresponding to a first communication including the first device and the second device, the second connection characteristics corresponding to a second communication between the second device and a third device currently connected to the second device, the third connection characteristics corresponding to a third communication including the system and the second device; and 

take an action regarding the attempt by the first device to connect to the second device based on the level of trustworthiness of the second device.
8. A first device comprising: memory including instructions; and at least one processor to execute the instructions to: 



in response to a request from a second  device to access a third  device, delay the second  device from connecting to the third  device; cause the first device to attempt to connect to the third  device; 

determine a level of trustworthiness of the third  device based on connection characteristics of a communication session including the first device  and the third  device, the first device different from the second device, the first device different from the third device, the second device different from the third device; and HANLEY, FLIGHT & ZIMMERMAN, LLCPage 4 of 12 Attorney Docket No. 20344/P85393CApplication No. 16/671,009 Response to the Office action dated November 15, 2021 









in response to determining that the third  device meets a threshold of trustworthiness, permit the second  device to connect to the third  device.
13. A system for detecting connection anomalies, the system comprising: one or more processors; a memory including instructions that, when executed, cause at least some of the one or more processors to: 
in response to a first device attempting to connect to a second device: attempt to connect to the second device; 




determine a level of trustworthiness of the second device based on first connection characteristics, second connection characteristics, and third connection characteristics, the first connection characteristics corresponding to a first communication including the first device and the second device, the second connection characteristics corresponding to a second communication between the second device and a third device currently connected to the second device, the third connection characteristics corresponding to a third communication including the system and the second device; and 

take an action regarding the attempt by the first device to connect to the second device based on the level of trustworthiness of the second device.
15. A method comprising: 





in response to a request from a first device to access a second device, delaying, by executing an instruction with at least one processor of a third device, the first device from connecting to the second device; attempting, by executing an instruction with the at least one processor of the third device, to connect the third device to the second device; 

determining, by executing an instruction with the at least one processor of the third device, a level of trustworthiness of the second device based on connection characteristics of a communication session including the third device  and the second device, the third device different from the first device, the first device different from the second device and the third device different from the second device; and 







in response to determining that the second device meets a threshold of trustworthiness, permitting, by executing an instruction with the at least one processor of the third device, the first device to connect to the second device.
13. A system for detecting connection anomalies, the system comprising: one or more processors; a memory including instructions that, when executed, cause at least some of the one or more processors to: 
in response to a first device attempting to connect to a second device: attempt to connect to the second device; 








determine a level of trustworthiness of the second device based on first connection characteristics, second connection characteristics, and third connection characteristics, the first connection characteristics corresponding to a first communication including the first device and the second device, the second connection characteristics corresponding to a second communication between the second device and a third device currently connected to the second device, the third connection characteristics corresponding to a third communication including the system and the second device; and 

take an action regarding the attempt by the first device to connect to the second device based on the level of trustworthiness of the second device.
24. A compute device comprising: communication circuitry; instructions; and one or more processor cores to execute the instructions to: 
in response to a request from a first device to communicate with a second device, delay the first device from establishing communication with the second device;HANLEY, FLIGHT & ZIMMERMAN, LLCPage 7 of 12 Attorney Docket No. 20344/P85393CApplication No. 16/671,009 Response to the Office action dated November 15, 2021cause the communication circuitry to attempt to communicate with the second device; 


determine a level of trustworthiness of the second device based on one or more characteristics of a communication session including the compute device and the second device, the compute device different from the first device, the first device different from the second device and the compute device different from the second device; and 








in response to determining that the second device meets a threshold of trustworthiness, cause the communication circuitry to transmit a message to cause the first device to communicate with the second device.
1. At least one storage device or storage disk comprising instructions that, when executed, cause a machine to at least: 


responsive to a first device attempting to connect to a second device, attempt to connect to the second device; 





determine a level of trustworthiness of the second device based on first connection characteristics, second connection characteristics, and third connection characteristics, the first connection characteristics corresponding to a first communication session including the first device and the second device, the second connection characteristics corresponding to a second communication session including a third device currently connected to the second device and the second device, the third connection characteristics corresponding to a third communication session including the machine and the second device; and 
prevent the first device from connecting to the second device based on the level of trustworthiness.



Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-27 are rejected under 35 U.S.C. 103 as being unpatentable over Dulkin et al. (US 2015/0304292 A1) (hereinafter, “Dulkin”) in view of Krishnaswamy et al. (US 2013/0024577 A1) (hereinafter, “Krishnaswamy”).

As to claim 1, Dulkin discloses at least one storage device or storage disk comprising instructions which, when executed (Fig. 2, [0098]), cause one or more processors of a first device to at least: 
in response to a request from a second device to access a third device, delay the second device from connecting to the third device (“When client 100 wants to access target 104, client 100 sends a first access request 206 via a native protocol to proxy 202. First access request 206 includes client credentials 130 and sufficient information for proxy 202 to be able to identify target 104.” -. e.g. see, Dulkin: [0098]; herein, a request is received from a second device (i.e. client 100) to access a third device (i.e. target 104); request has been received by a first device (i.e. proxy 202) which first attempts to connects to the third device which causes a delay -e.g. see, also, Fig. 2, [0099]); 
cause the first device to attempt to connect to the third device (“Proxy 202 sends a second access request 208 via a native protocol to target 104. Second access request 208 includes target access credentials 232. Target 104 receives second access request 208 and performs authentication using target access credentials 232. If target 104 successfully verifies target access credentials 232 and authentication is successful, target 104 authorizes second access request 208 and communications between client 100 and target 104 are established via proxy 202.” -e.g. see, [0099]; herein, the first device (i.e. proxy 202) attempts to connect to the third device (i.e. target 104) which is caused by the connection request from the second device); 
determine … connection characteristics of a communication session including the first device and the third device (“Proxy 202 sends a second access request 208 via a native protocol to target 104. Second access request 208 includes target access credentials 232. Target 104 receives second access request 208 and performs authentication using target access credentials 232. If target 104 successfully verifies target access credentials 232 and authentication is successful, target 104 authorizes second access request 208 and communications between client 100 and target 104 are established via proxy 202.” -e.g. see, [0099]; herein, a connection characteristics of a communication session (i.e. credentials 232) is determined; wherein, the connection characteristics (i.e. credentials) is required for first device to connect to the third device), the first device different from the second device, the first device different from the third device and the second device different from the third device (Fig. 2, [0098], [0099], [0100]; herein, first device is a proxy, second device is client and the third device is a target device; all three devices are separate devices); and 
in response to determining … [connection credentials] … permit the second device to connect to the third device (“Second access request 208 includes target access credentials 232. Target 104 receives second access request 208 and performs authentication using target access credentials 232. If target 104 successfully verifies target access credentials 232 and authentication is successful, target 104 authorizes second access request 208 and communications between client 100 and target 104 are established via proxy 202.” -e.g. see, [0099]; herein, in response to determining the connection characteristics (i.e. credentials), permit the second device (i.e. client) to connect to the third device (i.e. target device)).  
Dulkin may not explicitly disclose determine a level of trustworthiness of the third device based on connection characteristics of a communication session; in response to determining that the third device meets a threshold of trustworthiness, permit … [the connection].
However, in an analogous art, Krishnaswamy discloses determine a level of trustworthiness of the [third] device based on connection characteristics of a communication session (Krishnaswamy: “The system 100 then receives, from the second server, a response to the challenge query (408) and establishes, for the first user, the trusted relationship with the second user via the second server if the response matches an expected response based on the communication history (410). The response to the challenge question can be encrypted based on at least one of the challenge query and an answer to the challenge query. … In certain instances, establish the trusted relationship further includes elevating a level of trust for an existing trusted relationship. In other instances, an analysis of the communication history can occur, and based on this analysis a specific trust level can be established for the trusted relationship.” –e.g. see, Krishnaswamy: [0039], see also, Fig. 3, Fig. 4, [0026], [0033], [0040]); in response to determining that the third device meets a threshold of trustworthiness, permit … [the connection] (Krishnaswamy: “Based on this trusted relationship, the first server and the second server can establish communications between the first user and the second user.” –e.g. see, Krishnaswamy: [0040]; see also, [0026]; herein, The security or level of trust of the subsequently established trusted relationship can be based, at least in part, on the difficulty or unguessability of the challenge. In another aspect, the first server can generate and send a series of challenges, possibly increasing in difficulty, until the first server is satisfied, based on an identity verification threshold, that the responses from the second server are authentic.).
Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Dulkin with the teaching of Krishnaswamy to include “determine a level of trustworthiness of the third device based on connection characteristics of a communication session; in response to determining that the third device meets a threshold of trustworthiness, permit …” in order to authorize connections between two authentic parties based on trust relationship of connection parameters.

As to claims 8, 15 and 24, these are rejected using the similar rationale as for the rejection of claim 1.

As to claim 2, the combination of Dulkin and Krishnaswamy disclose wherein the instructions cause the one or more processors of the first device to, in response to determining that the third device does not meet the threshold of trustworthiness, prevent the second device from connecting to the third device (Krishnaswamy: “… a system configured to automatically establish relationships can continue to correspond with another server by: searching the communication history, building a new query, sending that query, receiving a response, and determining a trust level based on that response. Each iteration of this process can initiate a fresh determination of the response's effectiveness. Based on the response the system may conclusively determine that there is, in fact, no relationship and terminate the exchange. In other instances, the response may match the expected response, in which case a trusted relationship is created.” –e.g. see, Krishnaswamy: [0031], see also, [0026]; herein, Krishnaswamy teaches the concept of determining trustworthiness of the third device and Dulkin teaches the structure of first, second and third devices).  

As to claims 9, 16 and 25, these are rejected using the similar rationale as for the rejection of claim 2.

As to claim 3, the combination of Dulkin and Krishnaswamy disclose wherein the instructions cause the one or more processors of the first device to, in response to determining that the third device does not meet the threshold of trustworthiness, cause the first device to transmit an alert message to the second device, the alert message to indicate that the third device is insufficiently trustworthy (Krishnaswamy: “The confirmation 318 sent to the other server 308 can be a secret key or token, granting access to first user's 302 information, server, or data. The confirmation can be a text or binary based message indicating that establishment of the relationship or the rejection of the request to establish a relationship.” –e.g. see, Krishnaswamy: [0037]).  

As to claims 10, 17 and 26, these are rejected using the similar rationale as for the rejection of claim 3.

As to claim 4, the combination of Dulkin and Krishnaswamy disclose wherein the instructions cause the one or more processors of the first device to (a) delay the second device from connecting to the third device or (b) prevent the second device from connecting to the third device by blocking a communication from the second device to the third device (Krishnaswamy: “Upon receiving a response 316 meeting expectations, the server 306 creates a trusted relationship between the first user 302 and the second user 304. Creating a trusted relationship can include recording the relationship in a trusted relationship database 320 as well as sending confirmation 318 to the other server 308 that a trusted relationship has been approved. The confirmation 318 sent to the other server 308 can be a secret key or token, granting access to first user's 302 information, server, or data. The confirmation can be a text or binary based message indicating that establishment of the relationship or the rejection of the request to establish a relationship.” –e.g. see, Krishnaswamy: [0037]; herein, when the response from the second server doesn’t meet the expectation, connection is denied, subsequently prevents the first device from connecting to the second device).  

As to claims 11 and 18, these are rejected using the similar rationale as for the rejection of claim 4.

As to claims 5, 12 and 19, the combination of Dulkin and Krishnaswamy disclose wherein the instructions cause the one or more processors of the first device to at least (a) delay the second device from connecting to the third device or (b) prevent the second device from connecting to the third device by preventing a transmission of data from the second device to the third device (Krishnaswamy: “Upon receiving a response 316 meeting expectations, the server 306 creates a trusted relationship between the first user 302 and the second user 304. Creating a trusted relationship can include recording the relationship in a trusted relationship database 320 as well as sending confirmation 318 to the other server 308 that a trusted relationship has been approved. The confirmation 318 sent to the other server 308 can be a secret key or token, granting access to first user's 302 information, server, or data. The confirmation can be a text or binary based message indicating that establishment of the relationship or the rejection of the request to establish a relationship.” –e.g. see, Krishnaswamy: [0037]; herein, when the response from the second server doesn’t meet the expectation, connection is denied, subsequently prevents the first device from connecting to the second device).  

As to claims 6, 13 and 20, the combination of Dulkin and Krishnaswamy disclose wherein the data includes data related to a password associated with a user of the second device (Krishnaswamy: “The confirmation 318 sent to the other server 308 can be a secret key or token, granting access to first user's 302 information, server, or data. The confirmation can be a text or binary based message indicating that establishment of the relationship or the rejection of the request to establish a relationship.” –e.g. see, Krishnaswamy: [0037]; herein, a token may be equivalent to a password which is passed to second server of the second user when connection is granted and subsequently not sending the token when the connection is denied).  

As to claim 7, the combination of Dulkin and Krishnaswamy disclose wherein the connection characteristics of the communication session including the first device and the third device include at least one of (a) real time connection characteristics or (b) historic connection characteristics (Krishnaswamy: “… a system configured to automatically establish relationships can continue to correspond with another server by: searching the communication history, building a new query, sending that query, receiving a response, and determining a trust level based on that response. Each iteration of this process can initiate a fresh determination of the response's effectiveness. Based on the response the system may conclusively determine that there is, in fact, no relationship and terminate the exchange. In other instances, the response may match the expected response, in which case a trusted relationship is created.” –e.g. see, Krishnaswamy: [0031], see also, [0026]).

As to claims 14 and 27, these are rejected using the similar rationale as for the rejection of claim 7.

As to claim 21, the combination of Dulkin and Krishnaswamy disclose wherein the instructions cause the one or more processors of the first device to, in response to determining that the third device does not meet the threshold of trustworthiness, instruct the second device not to connect to the third device (Krishnaswamy: “Upon receiving a response 316 meeting expectations, the server 306 creates a trusted relationship between the first user 302 and the second user 304. Creating a trusted relationship can include recording the relationship in a trusted relationship database 320 as well as sending confirmation 318 to the other server 308 that a trusted relationship has been approved. The confirmation 318 sent to the other server 308 can be a secret key or token, granting access to first user's 302 information, server, or data. The confirmation can be a text or binary based message indicating that establishment of the relationship or the rejection of the request to establish a relationship.” –e.g. see, Krishnaswamy: [0037]; herein, when the response from the second server doesn’t meet the expectation, connection is denied, subsequently prevents the first device from connecting to the second device; moreover, Krishnaswamy teaches the concept of determining trustworthiness of the third device and Dulkin teaches the structure of first, second and third devices).
	
As to claims 22 and 23, these are rejected using the similar rationale as for the rejection of claim 21.

Response to Arguments
Applicant has amended the independent claims 1, 8 and 15 which necessitated a new ground of rejection, see rejection above.

Applicant argued in page 10 of the remark that: “However, using previous communications and events between and/or including two users to send challenges to determine whether to establish a trusted relationship between the two users, as described by Krishnaswamy does not anticipate in response to a request from a second device to access a third device, delaying the second device from connecting to the third device and determining a level of trustworthiness of the third device based on connection characteristics of a communication session including a first device and the third device, as set forth in claim 1.”
In response to the Applicant’s argument Examiner would like to point out that newly cited prior art teaches a request from a second device to access a third device (Dulkin: [0098]; herein, a request is received from a second device (i.e. client 100) to access a third device (i.e. target 104); request has been received by a first device (i.e. proxy 202) which first attempts to connects to the third device which causes a delay -e.g. see, also, Fig. 2, [0099]); Dulkin further discloses determining … connection characteristics of a communication session including a first device and the third device ([0099]; herein, a connection characteristics of a communication session (i.e. credentials 232) is determined; wherein, the connection characteristics (i.e. credentials) is required for first device to connect to the third device). Krishnaswamy discloses determine a level of trustworthiness of the [third] device based on connection characteristics of a communication session (Krishnaswamy: “The system 100 then receives, from the second server, a response to the challenge query (408) and establishes, for the first user, the trusted relationship with the second user via the second server if the response matches an expected response based on the communication history (410). The response to the challenge question can be encrypted based on at least one of the challenge query and an answer to the challenge query. … In certain instances, establish the trusted relationship further includes elevating a level of trust for an existing trusted relationship. In other instances, an analysis of the communication history can occur, and based on this analysis a specific trust level can be established for the trusted relationship.” –e.g. see, Krishnaswamy: [0039], see also, Fig. 3, Fig. 4, [0026], [0033], [0040]).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 

US 2017/0126705 A1 (MIrashrafi)-Fig. 2, [0067], [0070]-teaches the concept of determining a trust score of a AP device which provides hotspot to other devices.

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 


Any inquiry concerning this communication or earlier communications from the examiner should be directed to SUMAN DEBNATH whose telephone number is (571)270-1256. The examiner can normally be reached Mon-Fri; 9:00am-5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on 571-272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

SUMAN DEBNATH
Patent Examiner
Art Unit 2495



/S.D/           Examiner, Art Unit 2495    

/FARID HOMAYOUNMEHR/           Supervisory Patent Examiner, Art Unit 2495