DETAILED ACTION
Examiner's Note:  The Examiner has pointed out particular references contained in the prior art of record within the body of this action for the convenience of the Applicant.  Although the specified citations are representative of the teachings in the art and are applied to the specific limitations within the individual claim, other passages and figures may apply.  Applicant, in preparing the response, should consider fully the entire reference[s] as potentially teaching all or part of the claimed invention, as well as the context of the passage as taught by the prior art or disclosed by the Examiner.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 05/03/2022 has been entered.
 Response to Arguments
Applicant’s remarks filed on 04/01/2022 have been fully considered. 
Regarding claim[s] 1 – 18 under the various obviousness rejections, applicant’s remarks are not persuasive, therefore, the office will address applicant’s remarks in the office action below. 
Applicant’s remarks made on page[s] 8 of the remarks as filed: “Lee teaches a network may support a number of client devices. In such a network, a client device transmits a request to communicate with a network, establishes a security context, and receives one or more encrypted client device contexts from the network. An encrypted client device context enables reconstruction of a context at the network for communication with the client device, where the context includes network state information associated with the client device. The client device transmits a message (e.g., including an uplink data packet) to the network that includes at least one encrypted client device context. Since the network device can reconstruct the context for the client device based on an encrypted client device context, the network device can reduce an amount of the context maintained at the network device in order to support a greater number of client devices. [Lee, Abstract] However, Lee does not teach, for example, wherein the code is accessible based on identification proofing which includes a trust score based on user behavior analysis.”

In response the examiner isn’t persuaded, the examiner points out that In applicant's arguments against the references individually, one cannot show non-obviousness by attacking references individually where the rejections are based on combinations of references.  See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986).
Further in response, in final rejection dated 02/03/2022, the examiner clearly articulated that the prior art of Little of the prior art combination made obvious applicant’s argued claim limitation above. And not Lee as alleged by applicant in the above remarks. 
For example, the prior art of Little, at col. 2, lines 38 – 40, and responsive to evaluating the fraud score [i.e. applicant’s accessible], initiate enrollment and/or further authentication of the subject. Where of Little, at col. 3, lines 49 – 54, Certain implementations may be utilized to detect suspicious and/or fraudulent activities associated with the process of establishing a new account [i.e. applicant’s the code is accessible]. For example, a subject seeking to establish a new account (such as a credit account, banking account, utility account, etc.) or apply for a benefit or service (such as a tax refund, etc.)]. Then further of Little, at col. 2, lines 19 – 38, receive a set of identity information associated with a subject; query one or more public or private databases with at least a portion of the set of identity information; receive, in response to the querying, independent information; determine, with the at least one processor, and based at least in part on a comparison of the independent information with at least a portion of the set of identity information, zero or more first indicators of fraud risk [i.e. applicant’s user behavior analysis]; responsive to the determining of the zero or more first indicators of fraud risk, produce, with the at least one processor, one or more identity proofing queries, wherein at least a portion of the one or more identity proofing queries is based on identity information derived from the independent information [i.e. applicant’s identification proofing]; receive, in response to sending the one or more identity proofing queries, at least one query response; determine, with the at least one processor, and based at least in part on a comparison of the one or more proofing queries and the at least one query response, zero or more second indicators of fraud risk; evaluate a fraud score [i.e. applicant’s trust score], based at least in part on zero or more of the first and second indicators of fraud risk. 
This teaching of Little meets applicant’s remarks of: “…However, Lee does not teach, for example, wherein the code is accessible based on identification proofing which includes a trust score based on user behavior analysis.”
***The examiner’s response above applies to applicant’s same or similar remarks made on page[s] 9, 10 regarding claim[s] 1, 10 of the remarks as filed. 

Applicant’s remarks made on page[s] 8 of the remarks as filed: “Bogushefsky teaches systems and methods that augment an entity's building and deployment of multiple applications using a metadata library component and a metadata orchestrator that controls details of the configurations of data stores, metadata which may include
linkage rules of the metadata structures and that leverages the metadata across individual application development and completed application silos are discussed. [Bogushefsky, Abstract] However, Bogushefsky does not teach, for example, wherein the code is accessible based on identification proofing which includes a trust score based on user behavior analysis.”

In response the examiner isn’t persuaded, the examiner points out that In applicant's arguments against the references individually, one cannot show non-obviousness by attacking references individually where the rejections are based on combinations of references.  See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986).
Further in response, in final rejection dated 02/03/2022, the examiner clearly articulated that the prior art of Little of the prior art combination made obvious applicant’s argued claim limitation above. And not Bogushefsky as alleged by applicant in the above remarks. 
For example, the prior art of Little, at col. 2, lines 38 – 40, and responsive to evaluating the fraud score [i.e. applicant’s accessible], initiate enrollment and/or further authentication of the subject. Where of Little, at col. 3, lines 49 – 54, Certain implementations may be utilized to detect suspicious and/or fraudulent activities associated with the process of establishing a new account [i.e. applicant’s the code is accessible]. For example, a subject seeking to establish a new account (such as a credit account, banking account, utility account, etc.) or apply for a benefit or service (such as a tax refund, etc.)]. Then further of Little, at col. 2, lines 19 – 38, receive a set of identity information associated with a subject; query one or more public or private databases with at least a portion of the set of identity information; receive, in response to the querying, independent information; determine, with the at least one processor, and based at least in part on a comparison of the independent information with at least a portion of the set of identity information, zero or more first indicators of fraud risk [i.e. applicant’s user behavior analysis]; responsive to the determining of the zero or more first indicators of fraud risk, produce, with the at least one processor, one or more identity proofing queries, wherein at least a portion of the one or more identity proofing queries is based on identity information derived from the independent information [i.e. applicant’s identification proofing]; receive, in response to sending the one or more identity proofing queries, at least one query response; determine, with the at least one processor, and based at least in part on a comparison of the one or more proofing queries and the at least one query response, zero or more second indicators of fraud risk; evaluate a fraud score [i.e. applicant’s trust score], based at least in part on zero or more of the first and second indicators of fraud risk. 
This teaching of Little meets applicant’s remarks of: “.…However, Bogushefsky does not teach, for example, wherein the code is accessible based on identification proofing which includes a trust score based on user behavior analysis.”
***The examiner’s response above applies to applicant’s same or similar remarks made on page[s] 9, 10 regarding claim[s] 1, 10 of the remarks as filed. 

Applicant’s remarks made on page[s] 8 of the remarks as filed: “Little teaches systems and methods for multi-stage identity authentication. A method is provided that includes receiving a set of identity information associated with a subject and querying one or more public or private databases with at least a portion of the set of identity information. The method includes receiving independent information responsive to the querying. The method includes determining zero or more first indicators of fraud risk and producing one or more identity proofing queries derived from the independent information. Based at least in part on a comparison of the one or more proofing queries and a query response, the method includes determining zero or more second indicators of fraud risk and evaluating a fraud score. Responsive to evaluating the fraud score, the method includes initiating one or more of authentication enrollment and multi-factor authentication of the subject. [Little, Abstract] Little also teaches, “all or part of the set of identity information may be utilized to query one or more public and/or private databases to obtain independent information.” [Little, col. 3, lines 47-67] However, data in databases is not the same as wherein the code is accessible based on identification proofing which includes a trust score based on user behavior analysis.”

In response the examiner isn’t persuaded, the examiner points out that applicant's arguments against the references individually, one cannot show non-obviousness by attacking references individually where the rejections are based on combinations of references.  See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986).
Further in response, in final rejection dated 02/03/2022, the examiner clearly articulated that the prior art of Lee in view of Little of the prior art combination made obvious applicant’s argued claim limitation above.
The prior art of Lee discloses code stored in a secure data vault, see Figure # 21, component # 2104 and paragraph: 0218, lines 1 – 3. Then combining this teaching of Lee with the above identified teachings of Little or see col. 2, lines 38 – 40, at col. 3, lines 49 – 54 and col. 2, lines 19 – 38. Thus, we arrive at applicant’s argued claimed invention of: “….However, data in databases is not the same as wherein the code is accessible based on identification proofing which includes a trust score based on user behavior analysis.”
***The examiner’s response above applies to applicant’s same or similar remarks made on page[s] 9, 10 regarding claim[s] 1, 10 of the remarks as filed. 

***The examiner notes that applicant made NO specific remarks regarding dependent claim[s] 2 – 9, 11 – 18 in applicant’s response as filed. 

Response to Amendment
Status of the instant application:
Claim[s] 1 – 27 are pending in the instant application. 
Regarding the abstract, applicant’s amendments to the specification have been considered, therefore, the objection of the abstract is withdrawn. 
Regarding claim[s] 1 – 9 that were rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite, applicant’s claim amendments have been considered, therefore, the rejections are withdrawn. 
Regarding claim[s] 1 – 18 under the various obviousness rejections, applicant’s claim amendments have been considered, therefore, are not persuasive. Therefore, see the office has address such claim amendments in the office action below. 
Regarding claim[s] 19 – 27 that were under the various obviousness rejections, applicant’s claim amendments have been considered, therefore, the rejections are withdrawn. 
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 05/31/2022 was filed after the mailing date of the request for continued examination [RCE] on 05/03/2022.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or non-obviousness.
Claim[s] 1, 6, 9, 10, 15, 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lee et al. [US PGPUB # 2017/0013453] in view of Bogushefsky, III et al. [US PAT # 10521223], further in view of Little et al. [US PAT # 9210156]
As per claim 1. Lee does teach a method [paragraph: 0008, lines 1 – 10, In an aspect, a method for a network access node is provided. The network access node obtains a key for an encrypted client device context associated with a client device, receives a first data packet and the encrypted client device context from the client device, obtains a security context for the client device from the encrypted client device context using the key, decrypts and/or verifies the first data packet based on the security context, and forwards the first data packet to a service network when the decryption and verification are successful] comprising:
	storing code within a secure vault [Figure # 21, component # 2104 and paragraph: 0218, lines 1 – 3, The encrypted client device context generating circuit/module 2126 may include circuitry and/or instructions (e.g., encrypted client device context generating instructions 2146 stored on the storage medium 2104)];
	forming one or more building blocks using the code stored in the secure vault [Figure # 21, component # 2126, and paragraph: 0218, lines 1 – 9, The encrypted client device context generating circuit/module 2126 may include circuitry and/or instructions (e.g., encrypted client device context generating instructions 2146 stored on the storage medium 2104) adapted to perform several functions [i.e. applicant’s one or more building blocks] relating to, for example, generating one or more encrypted client device contexts, wherein the one or more encrypted client device contexts enable reconstruction of the at least one context at the network for communication with the client device];
	accessing the one or more building block modules [Figure # 21, component # 2128 – context reconstructing/removing circuit/module, and paragraph: 0219, The context reconstructing/removing circuit/module 2128 may include circuitry and/or instructions (e.g., context reconstructing/removing instructions 2148 stored on the storage medium 2104) adapted to perform several functions relating to, for example, obtaining a key (e.g., the key K.sub.CDC-IoTF-U) for an encrypted client device context associated with a client device, obtaining a security context for the client device from the encrypted client device context based on the key, reconstructing the at least one context from the encrypted client device context, reconstructing at least a portion of a context based on the at least one of the one or more encrypted client device contexts and the usage information, removing at least one context, and/or maintaining the at least a portion of a context for a first threshold period of time when the usage information indicates a reduced data transmission, or a second threshold period of time when the usage information indicates a burst data transmission, the second threshold period of time being greater than the first threshold period of time.]. 
	Lee does not clearly teach and controlling access to the one or more building block modules with an orchestrator.
	However, Bogushefsky III does teach and controlling access to the one or more building block modules with an orchestrator [Figure # 1, component # 104 and col. 5, lines 35 – 44, It is to be appreciated that with centralized metadata orchestrator 104, the metadata related to various objects used in application development will coalesce around common design patterns. Having a common way to access data, as well as, having the metadata-driven features centrally controlled by metadata orchestrator 104 allows, based on metadata, users to re-use modules that interface with the various adaptors and other application components more easily.].
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Lee and Bogushefsky in order for the network node that receives one or more encrypted client device contexts in network access requests, that are used for determination of network access/communication of Lee to include a centralized meta data orchestrator of Bogushefsky. This would allow for a determination operation to be more reliable, direct, and reacts to changes in the one or more encrypted client device contexts. See col. 7, lines 12 – 18 of Bogushefsky. 
	Lee and Bogushefsky do not teach clearly the claim limitation of: “wherein the code is accessible based on identification proofing which includes a trust score based on user behavior analysis.”
	However, Little does teach wherein the code is accessible [col. 2, lines 38 – 40, and responsive to evaluating the fraud score [i.e. applicant’s accessible], initiate enrollment and/or further authentication of the subject. Where at col. 3, lines 49 – 54, Certain implementations may be utilized to detect suspicious and/or fraudulent activities associated with the process of establishing a new account [i.e. applicant’s the code is accessible]. For example, a subject seeking to establish a new account (such as a credit account, banking account, utility account, etc.) or apply for a benefit or service (such as a tax refund, etc.)] based on identification proofing which includes a trust score based on user behavior analysis [col. 2, lines 19 – 38, receive a set of identity information associated with a subject; query one or more public or private databases with at least a portion of the set of identity information; receive, in response to the querying, independent information; determine, with the at least one processor, and based at least in part on a comparison of the independent information with at least a portion of the set of identity information, zero or more first indicators of fraud risk [i.e. applicant’s user behavior analysis]; responsive to the determining of the zero or more first indicators of fraud risk, produce, with the at least one processor, one or more identity proofing queries, wherein at least a portion of the one or more identity proofing queries is based on identity information derived from the independent information [i.e. applicant’s identification proofing]; receive, in response to sending the one or more identity proofing queries, at least one query response; determine, with the at least one processor, and based at least in part on a comparison of the one or more proofing queries and the at least one query response, zero or more second indicators of fraud risk; evaluate a fraud score [i.e. applicant’s trust score], based at least in part on zero or more of the first and second indicators of fraud risk].
	It would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to combine the teachings of Lee as modified and Little in order for the network node that receives one or more encrypted client device contexts in network access requests, that are used for determination of network access/communication of Lee as modified to include authenticating the node of the network access requests through multi-stage authentication of Little. This would allow for the monitoring network node to authenticate the requesting node in stages, and can prevent the requesting node from accessing/communication with the network if the node fails authentication at any stage. See col. 4, lines 20 – 40 of Little.
***The examiner points out that applicant’s recited “non – transitory memory,” “processor,” are taught by the prior art of Bogushefsky at col. 18, lines 6 – 33. 

As per claim 6. Lee does teach the method of claim 1 further comprising forming an application with one or more building block modules [Lee, Figure # 17, modules: 1720, 1722, 1724, 1726, 1728, 1730, 1732, 1733, and paragraph: 0179, According to at least one example of the apparatus 1700, the processing circuit 1710 [i.e. applicant’s form an application] may include one or more of a transmitting circuit/module 1720 [i.e. applicant’s one or more building block modules], a receiving circuit/module 1722 [i.e. applicant’s one or more building block modules], an encrypted client device context storing circuit/module 1724 [i.e. applicant’s one or more building block modules], an encrypted client device context determining circuit/module 1726 [i.e. applicant’s one or more building block modules], an idle mode entering circuit/module 1728 [i.e. applicant’s one or more building block modules], a security context establishing circuit/module 1730 [i.e. applicant’s one or more building block modules], a message obtaining circuit/module 1732 [i.e. applicant’s one or more building block modules], and a usage information obtaining circuit/module 1733 [i.e. applicant’s one or more building block modules] that are adapted to perform any or all of the features, processes, functions, operations and/or routines described herein (e.g., features, processes, functions, operations and/or routines described with respect to FIGS. 18-20).].

As per claim 9. Lee as modified does teach the method of claim 1 further comprising:
	deploying services [Bogushefsky, col. 5, lines 63 – 67 and col. 6, line 1,  Metadata orchestrator 104 employs optimistic locking across applications; in contrast to the usual application of optimistic locking that occurs within siloes of individual application developments. Metadata orchestrator 104 elevates the level of optimistic locking to a service layer above most any of the individual application development projects, thereby saving hundreds of hours of development time, and ensuring common design patterns across individual application development projects. Users, instead of focusing on items such as (prior required) mundane and expensive mapping, can now spend their time and energy on more substantive creativity.],
	utilizing one or more keys to access the code,
	controlling one or more policies, and
	organizing the one or more building block modules.

As per system claim 10 that includes the same or similar claim limitations as method claim 1, and is similarly rejected. 

As per system claim 15 that includes the same or similar claim limitations as method claim 6, and is similarly rejected. 

As per system claim 18 that includes the same or similar claim limitations as method claim 9, and is similarly rejected. 



Claim[s] 2, 3, 11, 12 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lee et al. [US PGPUB # 2017/0013453] in view of Bogushefsky, III et al. [US PAT # 10521223] and Little et al. [US PAT # 9210156] as applied to claim[s] 1 above, and further in view of Odom et al. [US PGPUB # 2018/0025135]

As per claim 2. Lee and Bogushefsky and Little do teach what is taught in the rejection of claim 1 above. 
	Lee and Bogushefsky and Little do not teach clearly the method of claim 1 wherein the code comprises executables, dynamic link libraries, configuration information, data or a combination thereof.
	However, Odom does teach the method of claim 1 wherein the code comprises executables, dynamic link libraries, configuration information, data [paragraph: 0081, lines 1 – 5, More broadly, any data stored in the vault may be secured by the wrap and accessible only by the executable controller in cooperation with a sister of the executable controller and/or authentication driver, thereby securing the data from, for example, viruses or trojans which would be blocked from reading the wrapped data or writing malicious code into the wrapped data.] or a combination thereof. 
	It would have been obvious to one of ordinary skill in the art before the effective filing date of applicant’s claimed invention to combine the teachings of Lee as modified and Odom in order for the network node that receives one or more encrypted client device contexts in network access requests, that is used for determination of network access/communication of Lee as modified to include digital rights management functionality/management of Odom. This would allow for the network node to augment its determination of the access request, by defining specific/tailored access rights to the network, where the encrypted client device contexts of network access request must be registeredt before access is granted. See paragraph: 0004 of Odom. 

As per claim 3. Lee as modified does teach the method of claim 1 further comprising implementing a data at rest encryption scheme within the secure vault [Odom, paragraph: 0081, lines 25 – 28, Similarly, the data in the vault may be secured from unauthorized reading by encrypting the data using an encryption key that is generated by a combination of user input and authentication server input.].

As per system claim 11 that includes the same or similar claim limitations as method claim 2, and is similarly rejected. 

As per apparatus claim 12 that includes the same or similar claim limitations as method claim 3, and is similarly rejected. 



Claim[s] 4, 13 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lee et al. [US PGPUB # 2017/0013453] in view of Bogushefsky, III et al. [US PAT # 10521223] and Little et al. [US PAT # 9210156] as applied to claim[s] 1 above, and further in view of Xue et al. [US PAT # 10970607]
As per claim 4.  Lee and Bogushefsky and Little do teach what is taught in the rejection of claim 1 above. 
	Lee and Bogushefsky and Little do not teach clearly the method of claim 1 wherein the code is encrypted using white noise encryption.
	However, Xue does teach the method of claim 1 wherein the code is encrypted using white noise encryption [col. 3, lines 28 – 31].
	It would have been obvious to one of ordinary skill in the art before the effective filing date of applicant’s claimed invention to combine the teachings of Lee as modified and Xue in order for the network node that receives one or more encrypted client device contexts in network access request, that is used for determination of network access/communication of Lee as modified to include encrypting the client device contexts with Gaussian white noise of Xue. This would allow for the client device contexts to be encrypted according to the phase and frequency modulation attributes of the access network requested. See col. 4, lines 18 – 24 of Xue. 

As per system claim 13 that includes the same or similar claim limitations as method claim 4, and is similarly rejected. 


Claim[s] 5, 14 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lee et al. [US PGPUB # 2017/0013453] in view of Bogushefsky, III et al. [US PAT # 10521223] and Little et al. [US PAT # 9210156] as applied to claim[s] 1 above, and further in view of Kumar [US PGPUB # 20170272419]
As per claim 5. Lee and Bogushefsky and Little do teach what is taught in the rejection of claim 1 above. 
	Lee and Bogushefsky and Little do not teach clearly the method of claim 1 wherein the code is signed.
	However, Kumar does teach the method of claim 1 wherein the code is signed [paragraph: 0013, lines 11 – 14, The interface program code is at least secure because it has been digitally signed by the intermediary].
	It would have been obvious to one of ordinary skill in the art before the effective filing date of applicant’s claimed invention to combine the teachings of Lee as modified and Kumar in order for the network node that receives one or more encrypted client device contexts in network access requests, that is used for determination of network access/communication of Lee as modified to include dynamic encrypting schemes of Kumar. This would allow for the client device context to be encrypted with the appropriate encryption scheme in a dynamic manner that complies with the receiving client device encryption capabilities of the network. See paragraph: 0012 of Kumar. 

As per system claim 14 that includes the same or similar claim limitations as method claim 5, and is similarly rejected. 


Claim[s] 7, 16 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lee et al. [US PGPUB # 2017/0013453] in view of Bogushefsky, III et al. [US PAT # 10521223] and Little et al. [US PAT # 9210156] as applied to claim[s] 1 above, and further in view of Harriman et al. [US PGPUB # 2019/0281025]

As per claim 7. Lee and Bogushefsky and Little do teach what is taught in the rejection of claim 1 above. 
	Lee and Bogushefsky and Little do not teach clearly the method of claim 1 wherein the one or more building block modules communicate using encrypted communications.
	However, Harriman does teach the method of claim 1 wherein the one or more building block modules communicate using encrypted communications [paragraph: 0182, lines 1 – 8, Example 35 is at least one non-transitory machine accessible storage medium having instructions stored thereon, the instructions when executed on a machine, cause the machine to set up a protected link between a first computing device and a second computing device, wherein communication over the protected link is to comply with a communication protocol that allows packets to be reordered during transit].
	It would have been obvious to one of ordinary skill in the art before the effective filing date of applicant’s claimed invention to combine the teachings of Lee as modified and Harriman in order for the network node that receives one or more encrypted client device contexts in network access requests, that is used for determination of network access/communication of Lee as modified to include cryptographic protection schemes of Harriman. This would allow for the client device context to be protected with the appropriate cryptographic scheme in a dynamic manner that complies with the network. See paragraph: 0051, lines 1 – 4 of Harriman.

As per system claim 16 that includes the same or similar claim limitations as method claim 7, and is similarly rejected. 



Claim[s] 8, 17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lee et al. [US PGPUB # 2017/0013453] in view of Bogushefsky, III et al. [US PAT # 10521223] and Little et al. [US PAT # 9210156] as applied to claim[s] 1 above, and further in view of Linga et al. [US PGPUB # 2016/0283406]
As per claim 8. Lee and Bogushefsky and Little do teach what is taught in the rejection of claim 1 above. 
	Lee and Bogushefsky and Little do not teach clearly the method of claim 1 further comprising wrapping the one or more building block modules are each wrapped in one or more application programming interfaces.
	However, Linga does teach the method of claim 1 further comprising wrapping the one or more building block modules are each wrapped in one or more application programming interfaces [paragraph: 0041, lines 5 – 7, A security application layer can be attached to an application programming interface [API] and the resultant data is automatically encrypted [i.e. applicants wrapped].].
	It would have been obvious to one of ordinary skill in the art before the effective filing date of applicant’s claimed invention to combine the teachings of Lee as modified and Linga in order for the network node that receives one or more encrypted client device contexts in network access requests, that is used for determination of network access/communication of Lee as modified to include defining encryption policies for data encryption methods of Linga. This would allow for the client device context to be protected with the appropriate encryption scheme based on a policy that complies with encrypting data for transit on a requested network to a client. See paragraph: 0010, of Linga.

As per system claim 17 that includes the same or similar claim limitations as method claim 8, and is similarly rejected. 

Allowable Subject Matter
Claim[s] 19 – 27 contains allowable subject matter, but as allowable subject matter has been indicated, applicant's reply must either comply with all formal requirements or specifically traverse each requirement not complied with.  See 37 CFR 1.111(b) and MPEP § 707.07(a).
***A reason’s for allowance in forth coming in the next subsequent office action. 
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DANT SHAIFER - HARRIMAN whose telephone number is (571)272-7910. The examiner can normally be reached M - F: 9am to 5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on 571- 272- 3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/DANT B SHAIFER HARRIMAN/          Primary Examiner, Art Unit 2434