DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1, 3, 5, 7 and 9-10 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Cooper et al. (Pub. No. US2021/0111870).
As per claim 1, Cooper discloses a system for secure data transfer using air gapping (fig.1, air-gap 128), the system comprising: 
a first module (fig.1, 102) comprising: 
a first module communication interface (fig.1, 116) configured to communicate with a public network; (paragraph 70, a public network (e.g., the Internet))
a first module controller (fig.1, 136) and a first module data interface (fig.1, 106) configured to send and/or receive data from the public network; 
a second module (fig.1, 104) comprising: 
a first read-only memory storing an operating system; (paragraphs 40-41, stored on authorization system 114)
a second read-only memory storing sets of private keys of the second module and at least one public key of another remote entity; (paragraphs 40-41, The public key(s) obtained by the authorization manager 132 may be stored locally on the authorization system 114, stored on a remote system)
a cryptographic unit (fig.1, 132) configured to encrypt and/or decrypt data using the keys stored in the second read-only memory; (paragraphs 15-16 & 36, use various hashing functions/algorithms to generate the hash 602 such as, but not limited to, keyed or un-keyed cryptographic hash functions.)
a second module communication interface (fig.1, 118) configured to communicate with a secured machine or a secured network (fig.1, 128) to transmit data from and to the second module; 
a microcontroller (fig.1, within 118) and a second module data interface (fig.1, 118) for communicating with a bridge module (fig.1, 114); wherein the bridge module comprises: 
a bridge module controller; (fig.1, 132)
a bridge module data interface for communicating with the bridge module controller; (paragraph 28, the first network 102 as being physically and/or logically isolated from the second network 104 and the Internet 126.)
a memory for storing data; (paragraphs 40-41, stored on authorization system 114)
a switch (fig.1, 128 communication between networks 102 and 104 and internet 126 isolation via “air-gap” 128 as further cited in paragraph 28) configured to selectively connect the bridge module data interface to either the first module data interface or to the second module data interface such that the first module data interface is never connected with the second module data interface; (paragraph 28, the first network 102 as being physically and/or logically isolated from the second network 104 and the Internet 126.)
wherein the bridge module controller is configured to receive data from the second module, store the data in the memory, and send the data to the first module and/or to receive data from the first module, store the data in the memory, and send the data to the second module. (paragraphs 32-34, information processing systems 114 disposed within the first network 102 and/or second network 104 comprise an authorization manager 132, the authorization system 114 may be located at a security counter at which the user carrying the removable storage device 130 is required to check in at before accessing the air-gapped network 102) 

As per claim 3, Cooper discloses wherein the first module and the second module are integrated with the bridge module in a common housing. (fig.1, 114)

As per claim 5, Cooper discloses wherein the second module data interface comprises an input data buffer and an output data buffer. (fig.1, 114)

As per claim 7, Cooper discloses wherein the second module data interface comprises an input data buffer and an output data buffer. (paragraph 32, The security manager utilizes the validation data/token 134 stored on the removable storage device 130 to validate that device 130 is authorized for use within the air-gapped network 102)

As per claim 9, Cooper discloses the method comprising the steps of: 
receiving secure data at the second module; (paragraph 28, the air-gap 128)
encrypting and signing the secure data at the second module; (paragraphs 15-16 & 36, use various hashing functions/algorithms to generate the hash 602 such as, but not limited to, keyed or un-keyed cryptographic hash functions.)
switching the switch of the bridge module to the second module and sending the secure data from the second module to the bridge module; (paragraph 28, the first network 102 as being physically and/or logically isolated from the second network 104 and the Internet 126.)
switching the switch of the bridge module to the first module and sending data from the bridge module to the first module; (paragraph 28, the air-gap 128)
sending data from the first module to a designated recipient via the public network. (paragraph 28, the air-gap 128 may be physically created by removing network interface cards; ensuring none of the systems, devices, and components of the network 102 are coupled to another system, device, or component having access to an outside network.)

As per claim 10, Cooper discloses the method comprising the steps of: 
receiving secure data at the first module; (paragraph 28, the air-gap 128)
switching the switch of the bridge module to the first module and sending the secure data from the first module to the bridge module; (paragraph 28, the first network 102 as being physically and/or logically isolated from the second network 104 and the Internet 126.)
switching the switch of the bridge module to the second module and verifying if a data packet is signed by an authorized party and sending data from the bridge module to the second module; (paragraph 28, the first network 102 as being physically and/or logically isolated from the second network 104 and the Internet 126.)
checking and decrypting data at the second module; (paragraphs 15-16 & 36, use various hashing functions/algorithms to generate the hash 602 such as, but not limited to, keyed or un-keyed cryptographic hash functions.)
sending data from the second module to the secured machine or to the secured network. (paragraph 28, the air-gap 128 ensuring none of the systems, devices, and components of the network 102 are coupled to another system, device, or component having access to an outside network.)


Claim Rejections - 35 USC § 103
3. In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 2, 4, 6, and 8 are rejected under 35 U.S.C. 103 as being unpatentable over Cooper et al. (Pub. No. US2021/0111870) in view of Scardelletti (US Patent US7,583,169).
As per claim 2, Cooper discloses all the limitations as above but does not explicitly disclose wherein the switch is a single pole, double throw (SPDT) switch. However, Scardelletti discloses this. (col.10, lines 34-40, The MEMS switching device(s) can be assembled into various types of switch configuration such as single-pole single-throw (SPST), single-pole double-throw (SPDT), and up to nth-throw as long as the layout of the circuit does not interfere with device performance.)
It would have been obvious to one with ordinary skill in the art before the effective filing date of the claimed invention to consider the teachings of Scardelletti with the teaching of Cooper so as to provide metal-to-metal contact switches consisting of a metal transmission line and a metal bridge/cantilever that are separated by an air gap to enhance the system performance.
 
As per claim 4, Cooper discloses wherein the first module and the second module are integrated with the bridge module in a common housing. (fig.1, 114)

As per claim 6, Cooper discloses wherein the second module data interface comprises an input data buffer and an output data buffer. (paragraph 32, The security manager utilizes the validation data/token 134 stored on the removable storage device 130 to validate that device 130 is authorized for use within the air-gapped network 102)

As per claim 8, Cooper discloses wherein the second module data interface comprises an input data buffer and an output data buffer. (paragraph 32, The security manager utilizes the validation data/token 134 stored on the removable storage device 130 to validate that device 130 is authorized for use within the air-gapped network 102)

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
	Ozgit [USPN 8,984,275] discloses a virtual air gap-VAG system developed in order to provide Internet and computer security.

5. Any inquiry concerning this communication or earlier communications from the examiner should be directed to KIM T HUYNH whose telephone number is (571)272-3635 or via e-mail addressed to [kim.huynh3@uspto.gov]. The examiner can normally be reached on M-F 7:00AM-4:00PM. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Tsai Henry can be reached at (571)272-4176 or via e-mail addressed to [Henry.Tsai@USPTO.GOV].
The fax phone numbers for the organization where this application or proceeding is assigned are (571)273-8300 for regular communications and After Final communications. Any inquiry of a general nature or relating to the status of this application or proceeding should be directed to the receptionist whose telephone number is (571)272-2100.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/K. T. H./
Examiner, Art Unit 2184

 
/HENRY TSAI/
Supervisory Patent Examiner, Art Unit 2184