DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

 This Final Office Action is in response to amendment filed on 05/06/2022.
	Claims 1, 3-4, 8, 10-11, 14 and 16-17 have been amended. Claims 1-20 remain pending in the application. 

Response to Amendment

The amendment filed 05/06/2022 has been entered. Claims 1, 3-4, 8, 10-11, 14 and 16-17 have been amended. Claims 1-20 remain pending in the application.
Applicant’s amendments to the claims have overcome the objections previously set forth in the Non-Final Office Action mailed on 02/08/2022. The objection has been withdrawn in view of the amended Claims.






Response to Arguments


Regarding Applicant’s arguments, on page 9-14 of the remark filed on 04/25/2022, on limitations of independent Claims 1: processing device configured to execute;”, arguments are not persuasive.
Applicant argues on page 9 paragraph 3, page 10 and page 11 paragraphs 1-3 18 paragraphs 4-5 of the remarks filed on 05/06/2022 that the cited 112f claim interpretation is traversed on the basis that the limitation processing device has sufficient definite meaning and does not fail the three prong analysis. Applicant’s interpretation of the reference has been noted; however, examiner respectfully disagrees. Applicant argues on page 11 that the limitation is modified by sufficient structure however the recited claim limitation processing device does not present or indicate in the claim that the processing device includes any type of structure ort hardware to avoid failing the 3rd prong of the 112f three-prong analysis. Examiner asserts that this is not a rejection rather than an indicator and suggestion that the phraseology of the limitation processing device should present in the claims some indication of structure. The specification includes sufficient structure for interpreting the limitation under 112f and therefore the claim interpretation is maintained. 



Regarding Applicant’s arguments, on page 9-14 of the remark filed on 04/25/2022, on limitations of independent Claim 1: wherein the key exchange process generates a symmetric cryptographic key for use in secure networked communications;
 “determine that the second series of ports are seed values for key generation”, arguments are not persuasive.
Applicant argues on pages 12-13 of the remarks filed on 05/06/2022 that the cited references fail to expressly or inherently disclose or make obvious the amended features incorporate the key exchange process generates a symmetric cryptographic key for use in secure networked communications and determine that the second series of ports are seed values for key generation. Applicant’s interpretation of the reference has been noted; however, examiner respectfully disagrees. Maddock does not teach the claimed limitation but Clark teaches in Par. (0259) the generation of symmetric or one time/single-use keys for secure protection in transmission of network packets. Clark discloses on Par. (0059) and (0263) the use of these single-use keys that are obtained, derived and created for network communication. Barnes also teaches the claimed limitation of a second series of ports that are seed values used in key generation, this is shown in Claim 2 as well as Col. 2 lines 15-35 and 45-67 describing a unique key based on random numbers being generated corresponding to the ports, Barnes also teaches the inventive concept with port tapping and the use of this key or login password that is created representing the second series or sequence of ports. Barnes also ties in the based on determining the termination of the key exchange by disclosing on Col. 45-67 the matching of the key/password and being unable to connect before a retry is performed with new login password/keys. Therefore the rejection is maintained. 

However Regarding Applicant’s arguments, on page 9-14 of the remark filed on 05/06/2022, on limitations of independent Claims 1, 8 and 14: “based on determining that the transmitting computing device is terminating the key exchange process,”, arguments are persuasive.
Therefore, the 35 U.S.C. 103 rejection over  Maddock et al. ("Port Knocking: An Overview of Concepts, Issues and Implementations") and Barnes et al. (U.S  No. 8495710) in further view of Clark et al. (U.S Pub. No. 20190109821), has been withdrawn. However, upon further consideration, a new ground(s) of rejection is made under 35 U.S.C. § 103 in view of the following prior art: Lee et al. (U.S Pub. No. 20200366479) in conjunction with Maddock et al. ("Port Knocking: An Overview of Concepts, Issues and Implementations"), Barnes et al. (U.S  No. 8495710) and Clark et al. (U.S Pub. No. 20190109821). Please refer to the 35 U.S.C. 103 section below for a detailed explanation.
	For the reasons stated above and the new ground(s) of rejection under 35 U.S.C. 103 below, Examiner respectfully disagrees with Applicant’s argument, see Applicant’s Remarks Page 9-14, regarding allowance of the application. Examiner asserts that claims 1-20 are rejected for the reasons stated above in conjunction with the new ground(s) of rejection under 35 U.S.C. 103 below.
	Conclusion: Maddock –Barnes- Clark- Lee teaches the aforementioned limitations of independent claims 1, 8 and 14 rendering the claim limitations obvious before the effective date of the claimed invention.



Claim Interpretation

The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.

This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier.  Such claim limitation(s) is/are:
“processing device is configured to execute”, in Claim 1 line 6  (see MPEP 2181 I A)

Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof. 
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.

The following is the examiner’s interpretation and suggestions for portions of the claims:
It should be noted that independent claim 1 refers to “processing device is configured to execute”. It becomes difficult as an Examiner to clearly understand the definition and meaning of these limitations as the phrase “processing device” is a generic placeholder and term. The Specification state on Par. (0032) “The computing system may include a processor, a non-transitory storage medium, a communications device, and a display. The computing system may be configured to support user logins and inputs from any combination of similar or disparate devices. Accordingly, the computing system may be a portable electronic device such as a smartphone, tablet, single board computer, smart device, or laptop. In other embodiments, the computing system may be a stationary unit such as a personal desktop computer, networked terminal, IoT device, or the like,”. Therefore, the specification includes sufficient structure for the "processing device”. 



Claim Rejections - 35 USC § 103


In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.



Claims 1, 6, 8, 13-14 and 19, is/are rejected under 35 U.S.C. 103 as being unpatentable over  Maddock et al. ("Port Knocking: An Overview of Concepts, Issues and Implementations", hereinafter referred to as “Maddock"), Barnes et al. (U.S  No. 8495710, hereinafter referred to as "Barnes"), and Clark et al. (U.S Pub. No. 20190109821, hereinafter referred to as “Clark”) in further view of Lee et al. (U.S Pub. No. 20200366479, hereinafter referred to as “Lee”)


Regarding Independent Claim 1 (Currently Amended), Maddock teaches receive, from a transmitting computing device, a first sequence of network packets on a first series of network ports; (Page 3 Par. 1 “Client A simply sends packets to Host B ports 500, 506, 515, 515, 502, 501, 518 and 500 respectively. For the purpose of this example (and most simple port knocking implementations) Host B must be logging every attempt to access any port in the port range 500-526 through its firewall rules. A simple script which is monitoring the firewall log on Host B notes a packet arriving aimed at port 500 from Client A and then watches for further attempted connections from Client A in the relevant port range. After port 500 it should detect 506, 515, 515, 502, 501, 518 and 500. T”; transmitting computing device (Client A) a first sequence of network packets (sends packets) on a first series of network ports (ports 500, 506, 515, 502, 501, 518))
receive, from the transmitting computing device, a second sequence of network packets on a second series of network ports; (Page 3 last two paragraphs and Page 4 Par. 1-2 “Suppose a user has a server at home which is essentially used ‘standalone’ and is normally only accessed via the console. In this scenario there may be little need for services to be run allowing remote access. If a user wishes to have the ability to login occasionally from a remote location (say their place of work), it is possible to configure the server to respond to a port-knocking sequence [..] For example ports 500, 498, 500, 502 and 560 must be pinged (with ICMP packets) in sequence to activate the listening script on the host. Again, a script runs in the background monitoring the logs for attempts to access these closed ports. Once it detects a particular IP address attempting to access these ports in sequence (within say 10 seconds) it is configured to enable ssh on port 22 for 3 minutes. So the user at work can ping their remote host with this combination of pings/knocks 500, 498,500,502,560 and then has 3 minutes to connect to ssh:22 on the remote host. After 3 minutes the ssh service is disabled again,”; receive from the transmitting computing device (user/client to host) a second sequence of network packets (ICMP packets in sequence) on a second series of ports (ports 500, 498, 500, 502 and 560 corresponding to user attempting remote access))
receive, from the transmitting computing device, a third sequence of network packets on a third series of ports; (Page 9 Par. 2-3 “for SYN packets to be sent to particular ports in order. The sequence resets if a port outside the sequence receives a packet or if a packet arrives from a different client. [..] it allows different kinds of packets to be sent, it its default configuration the third packet contains an encrypted command in the payload to execute such as a change to the firewall”; third sequence of network packets on a third series of ports (SYN packets to be sent to ports in order [..] different kinds of packets to be sent [..] third packet))
by inputting the second sequence of network packets ((Page 3 last two paragraphs and Page 4 Par. 1-2 “Suppose a user has a server at home which is essentially used ‘standalone’ and is normally only accessed via the console. In this scenario there may be little need for services to be run allowing remote access. If a user wishes to have the ability to login occasionally from a remote location (say their place of work), it is possible to configure the server to respond to a port-knocking sequence [..] For example ports 500, 498, 500, 502 and 560 must be pinged (with ICMP packets) in sequence to activate the listening script on the host. Again, a script runs in the background monitoring the logs for attempts to access these closed ports. Once it detects a particular IP address attempting to access these ports in sequence (within say 10 seconds) it is configured to enable ssh on port 22 for 3 minutes. So the user at work can ping their remote host with this combination of pings/knocks 500, 498,500,502,560 and then has 3 minutes to connect to ssh:22 on the remote host. After 3 minutes the ssh service is disabled again,”; receive from the transmitting computing device (user/client to host) a second sequence of network packets (ICMP packets in sequence) on a second series of ports (ports 500, 498, 500, 502 and 560 corresponding to user attempting remote access))
However Maddock does not explicitly teach a system for exchanging symmetric cryptographic keys using network port knocking, the system comprising: a memory device with computer-readable program code stored thereon; a communication device; and a processing device operatively coupled to the memory device and the communication device, wherein the processing device is configured to execute the computer-readable program code to: determine, from the first sequence of network packets, that the transmitting computing device is initiating a key exchange process, wherein the key exchange process generates a symmetric cryptographic key for use in secure networked communications;  determine, based on the third sequence of network packets, that the transmitting computing device is terminating the key exchange process, based on determining that the transmitting computing device is terminating the key exchange process, determine that the second series of ports are seed values for key generation;; and generate a symmetric cryptographic key …….. as seed values into a key generation algorithm.
Wherein Barnes teaches a system for exchanging symmetric cryptographic keys using network port knocking, the system comprising: (Col. 2 lines 15-60 “personal identification number (PIN), and generates a unique pseudo-random number key that changes periodically and is time-synched to an available server such as a perimeter device 14. The unique key comprises a onetime login password 12A. The password 12A is entered into a client application 13 and a predefined Client ID 12B is also entered into the client application 13. [..] the combination of password 12A and Client ID 12B to a set of port numbers 14. The client application 13 then "taps" the port numbers into each port of the server 14. A matching function of the server 14 determines if the port numbers match a known sequence based on a predefined algorithm and time that is known to both the client and the server [..] The client password sequence is entered into the client application. Block 23: The client application connects to a known port (e.g., port 12345) of a server port as a mechanism to prevent multiple client applications connecting at once (other methods may be utilized to enable multiple use). If unable to connect, then a retry is attempted in, e.g., x milliseconds. Block 24: Upon connection to the port, the client application identifies itself to the server by tapping the server ports,”; exchanging symmetric cryptographic keys (keys with one-time password) using network port knocking (tapping the port numbers))
a memory device with computer-readable program code stored thereon; (Figure 4 label 106; memory 106)
 	a communication device; and (Figure 4 labels 130, 118; communication device 130 with communication interface)
a processing device operatively coupled to the memory device and the communication device, wherein the processing device is configured to execute the computer-readable program code to: (Col. 4 lines 21-50 and Col. 5 lines 8-15“or other communication mechanism for communicating information, [..] a processor (CPU) 104 coupled with the bus 102 for processing information. The server 130 also includes a main memory 106, such as a random access memory (RAM) or other dynamic storage device, coupled to the bus 102 for storing information and instructions to be executed by the processor 104. The main memory 106 also may be used for storing temporary variables or other intermediate information during execution or instructions to be executed by the processor 104 [..] "computer program medium," "computer usable medium," "computer readable medium", and "computer program product," are used to generally refer to media such as main memory, secondary memory, removable storage drive, a hard disk installed in hard disk drive, and signals. These computer program products are means for providing computer usable program code such as software to the computer system”; processor associated with memory and communication device configured to execute code))
determine, from the first sequence of network packets, that the transmitting computing device is initiating a key exchange process;  (Figure 4 labels 1101, 1102, 1103, 7777,; first sequence of packets 1101 corresponding with port 7777)), (Col. 1 lines 19-35 “a client generating a sequence for tapping server ports. The client identifies itself to the server by tapping the server ports based on the sequence. [..] verifies if the tapping sequence is correct, and allows access from the client to the server if the tapping sequence is correct.”; first sequence of network packets (sequence for tapping server ports)), (Col. 5 lines 10-25 “to read data, instructions, messages or message packets,”; sequence of network packets (packets/messages that are read))
(Col. 2 lines 15-40 “The password 12A is entered into a client application 13 and a predefined Client ID 12B is also entered into the client application 13 [..] the server 14 determines if the port numbers match a known sequence based on a predefined algorithm and time that is known to both the client and the server. If matches are found, then a port access control function of the server 14 allows the client application 13 access”; determine (server 14 determines) initiating a key exchange process (password is entered and if match is found)), (Col. 2 lines 45-67 and Col. 3 lines1-10 “The client password sequence is entered into the client application. Block 23: The client application connects to a known port (e.g., port 12345) of a server port as a mechanism to prevent multiple client applications connecting at once (other methods may be utilized to enable multiple use). If unable to connect, then a retry is attempted in, e.g., x milliseconds. Block 24: Upon connection to the port, the client application identifies itself to the server by tapping the server ports, first using a representation of the Client ID. Block 25: The client application then "taps" the server ports, using a representation of the client password (e.g., a combination unlock sequence). [..]  a valid Client ID and client password. Block 27: The server application then verifies if a correct tapping sequence has been entered (e.g., verifies if the tapping sequence matched an expected tapping sequence). In one example, the server application detects if the client application "taps" match the client password sequence. If a correct combination of Client ID and password has been entered,”; computing device is initiating a key exchange (password is entered [..] identifies itself to server [..] verifies if a correct tapping sequence has been entered))
determine that the second series of ports are seed values for key generation (Claim 2: “generating a second sequence of port numbers to tap each port in a specific order based on a generated unique key comprising a second combination of port numbers based on the client password.”; second series of ports are seed values for key generation ( generating key corresponding to second sequence of ports)), (Col. 2 lines 15-35 “A port tapping sequence is randomly generated using an identification generator 11. The identification generator 11 takes as input user identification or personal identification number (PIN), and generates a unique pseudo-random number key that changes periodically and is time-synched to an available server such as a perimeter device 14. The unique key comprises a onetime login password 12A.”; ports are seed values for key generation (generation unique key as a random number value corresponding to ports)), (Col. 2 lines 45-67 “The client password sequence is entered into the client application. Block 23: The client application connects to a known port (e.g., port 12345) of a server port as a mechanism to prevent multiple client applications connecting at once (other methods may be utilized to enable multiple use). If unable to connect, then a retry is attempted in, e.g., x milliseconds. Block 24: Upon connection to the port, the client application identifies itself to the server by tapping the server ports, first using a representation of the Client ID. Block 25: The client application then "taps" the server ports, using a representation of the client password (e.g., a combination unlock sequence)”; second series of ports are seed values (password with unique key corresponding to known ports); terminating the key exchange process (if unable to connect)))
generate a ……. cryptographic key …….. as seed values into a key generation algorithm. (Col. 2 lines 15-40 “is randomly generated using an identification generator 11. The identification generator 11 takes as input user identification or personal identification number (PIN), and generates a unique pseudo-random number key that changes periodically and is time-synched to an available server such as a perimeter device 14. The unique key comprises a onetime login password [..] based on a predefined algorithm and time that is known to both the client and the server”; generate a cryptographic key (generates a unique pseudo random key [..] unique key comprises a onetime login password) as a seed values (random number key) into a key generation algorithm (generator inputs user identification or personal identification to generate key [..] based on an algorithm))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Barnes within the teachings of Maddock to include exchanging symmetric cryptographic keys using network port knocking, with a memory device, computer readable code, communication device, processing device, determining the initiating of a key exchange, generating a symmetric cryptographic key as a seed into the key generation algorithm and determine that the second series of ports are seed values for key generation because of the analogous concept of port knocking or port tapping and the exchange of one-time use keys and/or passwords for secure network connection. Barnes includes a process of determining based on the sequence of packets that the initiation or start of a key exchange process has begun. This is important because it allows the user to first listen to network packets and specific ports and in response identifying the rightful entity that is initiating the exchange process. This proves important in government, medical or financial institutions that are exchanging confidential information through a network and want to make certain that the entity in the key exchange is trusted and is through the right network. This proves useful in the exchange of passwords, token and keys and being able to detect the start of a key exchange. Barnes further describe the creation or generation of the symmetric cryptographic key as a seed value or random value when generated. This is significant because it allows the password, key or token to be created in a way that is unpredictable and to discourage attackers attempting to gain access to the network channel. By creating a one-time use key that is a seed or random value it provides to the user a key exchange and transmission of personal/classified information through a secure communication channel of a network without concerns of compromise or unauthorized listening/alteration. 
However Maddock and Barnes do not explicitly teach wherein the key exchange process generates a symmetric cryptographic key for use in secure networked communications, a symmetric cryptographic key, determine, based on the third sequence of network packets, that the transmitting computing device is terminating the key exchange process; and based on determining that the transmitting computing device is terminating the key exchange process
Wherein Clark teaches a symmetric cryptographic key (Par. (0763) “the first network security software and the second network security software may each execute a key exchange algorithm to generate a symmetric encryption key for encryption of metadata and optionally for encryption of payload data present in network packets transmitted through the negotiated encrypted communication pathway. In certain embodiments, for example, rather than negotiating an encrypted communication pathway”; symmetric key)
wherein the key exchange process generates a symmetric cryptographic key for use in secure networked communications; (Par. (0259) “at least a portion of the network packet (for example the payload, a portion of the payload, or a metadata portion of the payload) may be encrypted using a symmetric key algorithm (for example a symmetric key algorithm such as an Advanced Encryption Standard (AES) algorithm (for example 256-bit AES). In certain further embodiments, for example, the symmetric key may be obtained by executing a key exchange algorithm (for example Elliptic-Curve Diffie-Hellman (ECDH) key exchange). In certain further embodiments, for example, the symmetric key may be a single-use key”; symmetric cryptographic key for secure networked communication (network packet corresponding to symmetric key or single-use key)), (Par. (0059) “In certain embodiments, for example, the single-use cryptographic key may be rotated to obtain a further cryptographic key for use I”; generates a symmetric cryptographic key (obtain a further cryptographic key)), (Par. (0263) “a second cryptographic key that is different from the first cryptographic key) derived from the executing the key exchange algorithm.”; generates a symmetric cryptographic key (deriving a second cryptographic key))
determine, based on the third sequence of network packets, that the transmitting computing device is terminating the key exchange process; and (Par. (0508-0509 “a first network packet from a first user-application, the first network packet comprising a destination port number and a payload. In certain embodiments, for example, the method may comprise forming a second network packet comprising the payload, the second network packet not comprising the destination port number. In certain embodiments, for example, the method may comprise transmitting the second network packet via a machine-to-machine network. In certain embodiments, for example, the method may comprise processing the transmitted second network packet to form a third packet comprising the destination port number and the payload. In certain embodiments, for example, the method may comprise transmitting the payload to a second user-application, the second user-application having a destination port assigned thereto, the destination port number assigned to the destination port [..] a first network packet from a first user-application, the first network packet comprising a destination port number and a payload; ii) forming a second network packet comprising the payload, the second network packet not comprising the destination port number; iii) transmitting the second network packet via a machine-to-machine network; and iv) processing the transmitted second network packet to form a third packet comprising the destination port number and the payload”; based on a third sequence of network packets (first second and third packet transmitted)), (Par. (0009) “each of a series of network packet communications of application data between the first port and the second port may comprise: transmission of a network packet to a third port, the third port assigned to network security software resident on the second computing device [..] the each of the series of network packet communications may be encrypted by one of a series of rotating single-use encryption keys. In certain embodiments, for example, all communications of application data between the first port and the second port may comprise the series of network packet communications.”; based on a third sequence of network packets (each of a series of network packet communications corresponding to a third port is associated with single-use encryption keys)), (Par. (0762-0763) “the first network security software may terminate all connections (for example inclusive of network tunnels) with the blacklisted node, processor, or computing device. [..] he first network security software and the second network security software may negotiate an encrypted communication pathway (for example an encrypted network tunnel) according to an agreed-to cipher suite, the negotiating based at least on a first private key present in the first preconfigured list [..] the first network security software and the second network security software may each execute a key exchange algorithm to generate a symmetric encryption key for encryption of metadata and optionally for encryption of payload data present in network packets transmitted through the negotiated encrypted communication pathway.”; terminating the key exchange (termination associated with the key exchange of network packets transmitted)/encryption communication pathway))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Clark within the teachings of Maddock and Barnes to include a symmetric key terminating the key exchange process once determining based on the third sequence of network packets because of the analogous concept of network packets being transmitted in a secure channel based on the exchange of cryptographic keys. Clark includes a process in which the terminating of the key exchange is done based on a determination of the third sequence of network packets. This is significant because it further enhances the network communication process by detecting possible vulnerability, forgery or susceptibility of the channel based on a third iteration of network packets being transmitted. This allows the user to be alert even after the first and second sequence of packets are transmitted and provides a failsafe to protect future network packets from being easily modified to unauthorized parties. By terminating the key exchange it prevents attackers from confiscating or intercepting keys, passwords and token that could lead to exposure of confidential documents in government agencies, financial brokerages and more. This in return maintains the integrity of the system as a whole to assure the user that at the slightest detection of possible harm the keys in the change would be removed and wouldn’t allow the likelihood or chance or keys being re-used.
However Maddock, Barnes and Clark do not explicitly teach based on determining that the transmitting computing device is terminating the key exchange process
Wherein Lee teaches based on determining that the transmitting computing device is terminating the key exchange process ((Par. (0089) “the critical cluster performs the termination step. In the termination step, [..] the current key stored in the register are each transferred to the EEPROM and used in the next cycle. [..] all nodes in the critical cluster generate a new key by the method of Equation 4, send to the bus and stand by for a preset time t. An arbitrary node e.sub.n in the critical cluster receives n−1 newly generated keys received from a different node via the bus within the preset time t, and checks if the keys match the key newly generated by the node e.sub.n”; terminating the key exchange (termination step corresponding to transferring of key)), (Par. (0075) “a key and k encrypted messages stored in the EEPROM are transferred to the register. The data stored in the EEPROM is a value in which a key and k encrypted messages stored in the register in Cycle.sub.(n−1) are transferred to the EEPROM”; ketexhcnage process (keys transferred), (Par. (0034) “messages sent by unauthenticated nodes, and these studies focus on authentication based on a symmetric key to reduce overheads in message authentication. The symmetric key based studies may be classified into studies using a fixed symmetric key and studies involving dynamic generation of a symmetric key”; symmetric keys), (Par. (0037) “dynamically generating a key in the network within system, and there is an introduction to Symmetric Session Encryption Key Exchange using a session key among symmetric key”; symmetric keys)), (Par. (0035) “The fixed symmetric key based [..] to replay attacks in which a message is intercepted in a network and re-transmitted. To overcome these limitations, there are improvements to allow nodes to generate a dynamically generated key and share the key or a seed value for key generation via a network. However, these approaches are vulnerable to spoofing attacks in which information is stolen through network surveillance due to the exposure of the key or the seed value for key generation to the network.”; symmetric key corresponding to network communication))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Lee within the teachings of Maddock, Barnes and Clark to include based on determining that the transmitting computing device is terminating the key exchange process because of the analogous concept of secure communication through key exchanges associated with network ports and packet transmissions. Lee includes a process of determining that the transmitting computing device is terminating the key exchange process. This is important because it adds an additional layer of secure protections as the difficulty to predict or forge access would become discouraging to attackers because of the single use keys and the ability to terminate the key exchange and generated new keys. This adds a layer of unpredictability as well as a way for the system to accurately determine the starts and end times of the sequence of packets associated with the network communication because of the new keys generated. 


Regarding Dependent Claim 6 (Original), the combination of Maddock, Barnes, Clark and Lee teach the system of claim 1, Maddock further teaches The system according to claim 1, wherein the first sequence of network packets comprises Transmission Control Protocol ("TCP") synchronize ("SYN") packets. (Page 9: “for SYN packets to be sent to particular ports in order. The sequence resets if a port outside the sequence receives a packet or if a packet arrives from a different client.”; packets corresponding to SYN packets in sequence))


Regarding Independent Claims 8 and 14 (Currently Amended), independent claims 8 is a computer program product claim and independent claim 14 is a computer-implemented method claim that recite similar limitations to the system of claim 1 and the teachings of Maddock, Barnes, Clark and Lee address all the limitations discussed in independent claim 1 and are thereby rejected under the same grounds. 

Regarding Dependent Claims 13 and 19 (Original), claims 13 and 19 recite similar limitations to dependent claim 6 and the teachings of Maddock, Barnes, Clark and Lee address all the limitations discussed in dependent claim 6 and are thereby rejected under the same grounds. 


Claims 2-3, 9-10 and 15-16, is/are rejected under 35 U.S.C. 103 as being unpatentable over  Maddock et al. ("Port Knocking: An Overview of Concepts, Issues and Implementations", hereinafter referred to as “Maddock"), Barnes et al. (U.S  No. 8495710, hereinafter referred to as "Barnes"), Clark et al. (U.S Pub. No. 20190109821, hereinafter referred to as “Clark”) and Lee et al. (U.S Pub. No. 20200366479, hereinafter referred to as “Lee”)  in further view of Mohassel et al. (U.S Pub. No. 20210243026, hereinafter referred to as “Mohassel”)


Regarding Dependent Claim 2 (Original), Maddock does not teach the system according to claim 1, wherein the computer-readable program code further causes the processing device to initiate an error checking process for the symmetric cryptographic key, the error checking process comprising: inputting the symmetric cryptographic key into a hash algorithm to generate a system key hash output; receiving a portion of a transmitting key hash output from the transmitting computing device; and comparing the portion of the transmitting key hash output with a portion of the system key hash output.
Wherein Barnes teaches the system according to claim 1, wherein the computer-readable program code further causes the processing device to initiate an error checking process for the symmetric cryptographic key, the error checking process comprising: (Figure 2 labels 26, 27; initiate an error checking process for the symmetric cryptographic key (verifies if the taps match the client password)), (Col. 3 lines 5-20 “verifies if a correct tapping sequence has been entered (e.g., verifies if the tapping sequence matched an expected tapping sequence). In one example, the server application detects if the client application "taps" match the client password sequence. If a correct combination of Client ID and password has been entered, then a protocol is established to allow the client to access the server. Block 28: If a match is achieved”; initiate an error checking process (verifies [..] password has been entered [..] if a match))
 	inputting the symmetric cryptographic key into a hash algorithm to generate a system key hash output; (Figure 1 labels 12A “Hashed”, “Hashing Function”;, unique key with password 12A inputted into hash algorithm (hashing function) to generate key hash output (hashed password 987654))), (Col. 2 lines 31-40 “A hashing function of the client application 13 converts the combination of password 12A”; inputting the symmetric “; inputting the symmetric key into a hash algorithm (hashing function converts password))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Barnes within the teachings of Maddock to include to initiate an error checking process for the symmetric cryptographic key, the error checking process and inputting the symmetric cryptographic key into a hash algorithm to generate a system key hash output because of the analogous concept of port knocking or port tapping and the exchange of one-time use keys and/or passwords for secure network connection. Barnes includes a process of initiating an error checking process for the symmetric cryptographic key and inputting the symmetric cryptographic key into a hash algorithm to generate a system key hash output. This is important because it allows the user to first listen to network packets and specific ports and in response identifying the rightful entity that is initiating the exchange process. This proves important in government, medical or financial institutions that are exchanging confidential information through a network and want to make certain that the entity in the key exchange is trusted and is through the right network. This proves useful in the exchange of passwords, token and keys and being able to detect the start of a key exchange. Barnes further describe the creation or generation of the symmetric cryptographic key as a seed value or random value when generated. This is significant because it allows the password, key or token to be created in a way that is unpredictable and to discourage attackers attempting to gain access to the network channel. By creating a one-time use key that is a seed or random value it provides to the user a key exchange and transmission of personal/classified information through a secure communication channel of a network without concerns of compromise or unauthorized listening/alteration. 
However Maddock, Barnes, Clark and Lee do not explicitly teach receiving a portion of a transmitting key hash output from the transmitting computing device; and comparing the portion of the transmitting key hash output with a portion of the system key hash output.
Wherein Mohassel teaches receiving a portion of a transmitting key hash output from the transmitting computing device; and (Par. (0127-0130) “sending this unique hashed password (h) to each of the available servers, the client 301 may create a blinded hash of the password with randomness that only the client knows. The blinded hash may be sent each of the servers [..] the hashed password (h), which acts as the master secret key. [..] he client 301 may also generate a hash portion for each server by applying the server's corresponding secret share to the blinded hash. The client 301 may send that hash portion within the message or in a separate communication. Each hash portion may be referred to as h.sub.i, where h.sub.i=H′(h, i) to server i, and H′ is assumed to be a random oracle. In the figure, three servers are shown, so client 301 provides three hash portions, h.sub.1, h.sub.2, and h.sub.3 to the respective servers.”; receiving a portion of a transmitting key hash output (client sends hash portion associated with key/password to server)), (Par. (0131) “each ID server may store the record or information it receives, such as [..] the corresponding hash portion (e.g., from client 301) which is also saved based on the user identifier.”; receives a portion of a transmitting key hash from the transmitting computing device ( server receives the hash portion from client))
comparing the portion of the transmitting key hash output with a portion of the system key hash output. (Par. (0010) “A token share encrypted with hash portion can be decrypted by the client using a newly generated hash portion when it matches the hash portions saved at the servers, which would be the case when the initial user credential matches the newly received user credential.”; comparing the portions of transmitting key hash with a portion of the system key hash (hash portion when it matches the hash portion saved))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Mohassel within the teachings of Maddock, Barnes, Clark and Lee to include receiving a portion of a transmitting key hash output and comparing the portion of the transmitting key hash output with a portion of the system key hash output because of the analogous concept of key exchanges to establish a secure channel of communication. Mohassel includes a process in which a portion of a key hash output is received and compared with another portion of a key hash output. This is important because it provides an extra layer of secure protection without exposing the keys in exchange. By only receiving a portion of the hash output attackers attempting to forge identities or compromise access based on the keys, passwords, tokens etc. are discouraged because of only the portion used in transmission making it hard to recreate the key itself. By then comparing the hash output portions users can identify and detect early on the valid and authorized user from those with illegitimate access based on the comparison of a previous portion. This maintains the integrity of the system as whole by being able to match entities and establish trust in the network communication process. This serves important for verifying users in federal, medical or financial institution from issues of building access to the exchange of confidential documents and wanting verify authorized entities because information is transferred. 


Regarding Dependent Claim 3 (Currently Amended), Maddock does not teach the system according to claim 2, wherein the comparing the portion of the transmitting key hash output with a portion of the system key hash output comprises: detecting a match between the portion of the transmitting key hash output and the portion of the system key hash output; and based on detecting the match, determining that the symmetric cryptographic key has been successfully generated.
Wherein Barnes teaches based on detecting the match, determining that the symmetric cryptographic key has been successfully generated. (Col. 3 lines 44-67 and Col. 4 lines 1-7 “he client application 31 and a password combination sequence is also entered into the client application 31. The client application 31 connects to a predefined well known server port to "lock" out other client applications, wherein only one client application at a time may provide the Client ID and combination sequence to the server 32 via tapping [..] then verifies if the "taps" match an expected client combination lock sequence. If a match is achieved, the server 32 creates a firewall rule 34 and opens a predefined port for the client application 31. The predefined port is then used by the client application 31 to create a communication pipe between the client application 31 and the server 32 [..] If a password is authenticated, then the server creates a firewall rule and opens a predefined port. The function of the firewall rule is to only expose the open port to the client (source Address) which was successfully authenticated.”; based on detecting matching (verifies if the taps match the password combination lock sequence) determining that the symmetric cryptography key has been successfully generated (password corresponding to successfully authentication))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Barnes within the teachings of Maddock for the reasons discussed in dependent claim 2 stated above.
However Maddock, Barnes, Clark and Lee do not explicitly teach the system according to claim 2, wherein the comparing the portion of the transmitting key hash output with a portion of the system key hash output comprises: detecting a match between the portion of the transmitting key hash output and the portion of the system key hash output; and
Wherein Mohassel teaches the system according to claim 2, wherein the comparing the portion of the transmitting key hash output with a portion of the system key hash output comprises: (Par. (0010) “A token share encrypted with hash portion can be decrypted by the client using a newly generated hash portion when it matches the hash portions saved at the servers, which would be the case when the initial user credential matches the newly received user credential.”; comparing the portions of transmitting key hash with a portion of the system key hash (hash portion when it matches the hash portion saved))
detecting a match between the portion of the transmitting key hash output and the portion of the system key hash output; and (Par. (0010) “A token share encrypted with hash portion can be decrypted by the client using a newly generated hash portion when it matches the hash portions saved at the servers, which would be the case when the initial user credential matches the newly received user credential.”; comparing the portions of transmitting key hash with a portion of the system key hash (hash portion when it matches the hash portion saved))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Mohassel within the teachings of Maddock, Barnes, Clark and Lee for the reasons discussed in dependent claim 2 stated above.

Regarding Dependent Claims 9-10 and 15-16, claims 9-10 and 15-16 recite similar limitations to dependent claims 2-3 and the teachings of Maddock, Barnes, Clark, Lee and Mohassel address all the limitations discussed in dependent claims 2-3 and are thereby rejected under the same grounds. 



Claims 4, 11 and 17, is/are rejected under 35 U.S.C. 103 as being unpatentable over  Maddock et al. ("Port Knocking: An Overview of Concepts, Issues and Implementations", hereinafter referred to as “Maddock"), Barnes et al. (U.S  No. 8495710, hereinafter referred to as "Barnes"),  Clark et al. (U.S Pub. No. 20190109821, hereinafter referred to as “Clark”), Lee et al. (U.S Pub. No. 20200366479, hereinafter referred to as “Lee”) and Mohassel et al. (U.S Pub. No. 20210243026, hereinafter referred to as “Mohassel”) in further view of Cheung et al. (U.S Pub. No. 20170286710, hereinafter referred to as “Cheung”)  

	Regarding Dependent Claim 4 (Currently Amended), the combination of Maddock, Barnes, Clark and Lee do not explicitly teach the system according to claim 2, wherein the comparing the portion of the transmitting key hash output with a portion of the system key hash output comprises: detecting a mismatch between the portion of the transmitting key hash output and the portion of the system key hash output; and based on detecting the mismatch, automatically sending to the transmitting computing device a request to restart the key exchange process.
	Wherein Mohassel teaches the system according to claim 2, wherein the comparing the portion of the transmitting key hash output with a portion of the system key hash output comprises: (Par. (0010) “A token share encrypted with hash portion can be decrypted by the client using a newly generated hash portion when it matches the hash portions saved at the servers, which would be the case when the initial user credential matches the newly received user credential.”; comparing the portions of transmitting key hash with a portion of the system key hash (hash portion when it matches the hash portion saved))
detecting a mismatch between the portion of the transmitting key hash output and the portion of the system key hash output; and (Par. (0308) “The crucial step where Hyb.sub.0 and Hyb.sub.1 differ is when the two outputs of PubCombine do not match. While Hyb.sub.0 does not do any test of this kind, Hyb.sub.1 simply outputs ⊥. For these hybrids to be indistinguishable, we need to argue that had the outputs of PubCombine not matched in Hyb.sub.0”; detecting a mismatch (two outputs of portion of key has output Hyb.sub do not match)), (Par. (0054) “it can be seen that [..] the hashed password h are compromised if the ID server 105 is breached. Despite being hashed, client passwords could be recovered using offline dictionary attacks. In a dictionary attack, the attacker can try different passwords and hash them to see whether they match an entry for a particular username”; detect a mismatch between the portion of the transmitting key hash output (hashed password h are compromised)), (Par. (0209) “If for instance, [..] servers 1114 and 1116 have been compromised [..] associated with hash portions h.sub.2 and h.sub.3)”; detecting a mismatch between the portion of transmitting key hash output (compromise corresponding to hash portions h.sub.2 and h.sub.3))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Mohassel within the teachings of Maddock, Barnes, Clark and Lee to include comparing the portion of the transmitting key hash output with a portion of the system key hash output and detecting a mismatch between the portion of the transmitting key hash output and the portion of the system key hash output because of the analogous concept of key exchanges to establish a secure channel of communication. Mohassel includes a process in which a portion of a key hash output is compared with another portion of a key hash output and the determination of a mismatch is identified. This is important because it provides an extra layer of secure protection without exposing the keys in exchange. By only receiving a portion of the hash output attackers attempting to forge identities or compromise access based on the keys, passwords, tokens etc. are discouraged because of only the portion used in transmission making it hard to recreate the key itself. By then comparing the hash output portions users can identify and detect early on the valid and authorized user from those with illegitimate access based on the comparison of a previous portion. This maintains the integrity of the system as whole by being able to match entities and establish trust in the network communication process. This serves important for verifying users in federal, medical or financial institution from issues of building access to the exchange of confidential documents and wanting verify authorized entities because information is transferred. 
However Maddock, Barnes, Clark, Lee and Mohassel do not explicitly teach based on detecting the mismatch, automatically sending to the transmitting computing device a request to restart the key exchange process.
Wherein Cheung teaches based on detecting the mismatch, automatically sending to the transmitting computing device a request to restart the key exchange process. (Par. (0072-0073) “If the client instance detects a mismatch between the second hash [..] the client instance determines a password reset request (operation 472) and removes the PCP credentials from the encrypted data structure of the operating system (operation 474). “; based on detecting the mismatch (detects mismatch between second hash) sending to the transmitting device a request to restart the key exchange process (client associated with request to reset password) 
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Cheung within the teachings of Maddock, Barnes, Clark, Lee and Mohassel to include based on detecting the mismatch, automatically sending to the transmitting computing device a request to restart the key exchange process because of the analogous concept of key exchange to verify the integrity of a communication within a channel. Cheung includes a process in which when a determination that a mismatch of a hash occurs the computing device sends a request to restart the key exchange process. This is important because it provides credibility and confidence to users in the key exchange that once an irregularity, possible harm or compromise occurs the device would automatically sends out a request to reboot, reset and/or restart the key exchange process before further damage is done. This proves vital in login attempts with illegitimate users with wrongful passwords, token and keys. This mechanism of restarting the process not only prevents further damage and harm but discourages attackers or possible malware attacks from continuing to re-use keys, passwords and tokens to gain access because as soon as the mismatch is detected the previous session or exchange is restarted. This in return promotes free flowing exchange on network channels without concerns of compromise.



Regarding Dependent Claims 11 and 17, claims 11 and 17 recite similar limitations to dependent claim 4 and the teachings of Maddock, Barnes, Clark, Lee Mohassel and Cheung address all the limitations discussed in dependent claim 4 and are thereby rejected under the same grounds. 

Claims 5, 12 and 18, is/are rejected under 35 U.S.C. 103 as being unpatentable over  Maddock et al. ("Port Knocking: An Overview of Concepts, Issues and Implementations", hereinafter referred to as “Maddock"), Barnes et al. (U.S  No. 8495710, hereinafter referred to as "Barnes"), Clark et al. (U.S Pub. No. 20190109821, hereinafter referred to as “Clark”) and Lee et al. (U.S Pub. No. 20200366479, hereinafter referred to as “Lee”)  in further view of Lopez et al. (U.S Pub. No. 20140143854, hereinafter referred to as “Lopez”)

	Regarding Dependent Claim 5 (Original), the combination of Maddock does not explicitly teach the system according to claim 1, wherein the computer-readable program code further causes the processing device to automatically change at least one of a network packet type or network ports for initiating the key exchange process.
Wherein Barnes teaches for initiating the key exchange process. ((Col. 2 lines 45-67 and Col. 3 lines1-10 “The client password sequence is entered into the client application. Block 23: The client application connects to a known port (e.g., port 12345) of a server port as a mechanism to prevent multiple client applications connecting at once (other methods may be utilized to enable multiple use). If unable to connect, then a retry is attempted in, e.g., x milliseconds. Block 24: Upon connection to the port, the client application identifies itself to the server by tapping the server ports, first using a representation of the Client ID. Block 25: The client application then "taps" the server ports, using a representation of the client password (e.g., a combination unlock sequence). [..]  a valid Client ID and client password. Block 27: The server application then verifies if a correct tapping sequence has been entered (e.g., verifies if the tapping sequence matched an expected tapping sequence). In one example, the server application detects if the client application "taps" match the client password sequence. If a correct combination of Client ID and password has been entered,”; computing device is initiating a key exchange (password is entered [..] identifies itself to server [..] verifies if a correct tapping sequence has been entered))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Barnes within the teachings of Maddock to include initiating the key exchange process because of the analogous concept of port knocking or port tapping and the exchange of one-time use keys and/or passwords for secure network connection. Barnes includes a process of initiating the key exchange process. This is important because it allows the user to first listen to network packets and specific ports and in response identifying the rightful entity that is initiating the exchange process. This proves important in government, medical or financial institutions that are exchanging confidential information through a network and want to make certain that the entity in the key exchange is trusted and is through the right network. This proves useful in the exchange of passwords, token and keys and being able to detect the start of a key exchange. Barnes further describe the creation or generation of the symmetric cryptographic key as a seed value or random value when generated. This is significant because it allows the password, key or token to be created in a way that is unpredictable and to discourage attackers attempting to gain access to the network channel. By creating a one-time use key that is a seed or random value it provides to the user a key exchange and transmission of personal/classified information through a secure communication channel of a network without concerns of compromise or unauthorized listening/alteration. 
However Maddock, Barnes, Clark and Lee does not clearly teach the system according to claim 1, wherein the computer-readable program code further causes the processing device to automatically change at least one of a network packet type or network ports ……..
Wherein Lopez teaches the system according to claim 1, wherein the computer-readable program code further causes the processing device to automatically change at least one of a network packet type or network ports …….. (Par. (0056) “information associated with the packet and/or packet header, including, [..]  one or more of the packet type, the source or destination port (e.g., TCP port), the source or destination address (e.g., IP address), or arbitrary bits associated with or in the packet and/or the packet header”; header includes packet type or network port (TCP port etc.)), (Par. (0135-0136) “the type of transport packet being carried (e.g. 1=ICMP; 2=IGMP; 6=TCP; 17=UDP). [..] the packet header is modified by a router--Used to detect processing errors introduced into the packet inside a router or bridge where the packet is not protected by a link layer cyclic redundancy check.”; packet header with type of transport packet is modified)), (Par. (0039) “containing the computer programming code may be used by executing the code directly from the machine-readable storage medium or by copying the code from the machine-readable storage medium into another machine-readable storage medium (e.g., a hard disk, RAM, etc.) or by transmitting the code on a network for remote execution [..] or one or more processors within a single computer) and storage systems containing or having network access to computer program(s) coded”; computer readable code causes the processor device (one or more processors))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Lopez within the teachings of Maddock, Barnes, Clark and Lee to include changing at least one of a network packet type or network ports because of the analogous concept of validating network packet transmission to multiple network ports of a system. Lopez includes a process of changing the type of network packet or network port. This is important because by changing the features/ type of a TCP port or UDP type of packet is creates a more flexible and adaptable network that could discourage possible infiltration or harm to the network because of the nature of the changing packet and ports. This makes the packets being transmitted less predictable and more diverse as well as allows the user satisfaction of service from when a TCP type of packet isn’t preferred and the user wants a faster form of packet transmission by using UDP. This in return allows for a more efficient and effective transmission and a more potent and secure communication through channels in the network.

Regarding Dependent Claims 12 and 18, claims 12 and 18 recite similar limitations to dependent claim 5 and the teachings of Maddock, Barnes, Clark, Lee and Lopez address all the limitations discussed in dependent claim 5 and are thereby rejected under the same grounds. 



Claims 7 and 20, is/are rejected under 35 U.S.C. 103 as being unpatentable over  Maddock et al. ("Port Knocking: An Overview of Concepts, Issues and Implementations", hereinafter referred to as “Maddock"), Barnes et al. (U.S  No. 8495710, hereinafter referred to as "Barnes"), Clark et al. (U.S Pub. No. 20190109821, hereinafter referred to as “Clark”), and  Lee et al. (U.S Pub. No. 20200366479, hereinafter referred to as “Lee”)  in further view of Harrer et al. (U.S Pub. No. 20190182231, hereinafter referred to as “Harrer”)


Regarding Dependent Claim 7 (Original), the combination of Maddock, Barnes, Clark and Lee do not explicitly teach the system according to claim 1, wherein the third series of network ports are the first series of network ports.
Wherein Harrer teaches the system according to claim 1, wherein the third series of network ports are the first series of network ports. (Figure 3 labels 162, 176, 178;, first series of network ports (176) and third series of network ports (178)), (Par. (0009) “a series of open ports through the firewalls that separate each zone.”; series of network ports (series of open ports)), (Par. (0049) “The firewall 162 contains a plurality of controllable ports 176, 178. The open ports 176 are indicated by blank squares in the figure and the closed ports 178 are crosshatched.”; first, second and third series of network ports (Two blank square and 1 crosshatched square signifying ports))), (Par. (0052) “access ports of the firewall, number of concurrent access ports which can be used, and number of times an access token T can be used by the service provider.”; third series of network ports are the first series of network ports (number of concurrent access ports))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Harrer within the teachings of Maddock, Barnes, Clark and Lee to include the third series of network ports are the first series of network ports because of the analogous concept of validating network packet transmission on multiple ports for open secure communication. Harrer includes a process in which the third series of network ports is the first series of network ports. This is important because by making the network ports concurrent, identical or equal it creates parity in the network transmission process and allows user to identify the rightful and authorized connections from illegitimate entities attempting to gain access. This creates a strong detection system and provides confidence and credibility to users transmitting confidential or personal information in packets that only the identical or corresponding ports. 



Regarding Dependent Claim 20 (Original), claim 20 recite similar limitations to dependent claim 7 and the teachings of Maddock, Barnes, Clark, Lee and Harrer address all the limitations discussed in dependent claim 7 and are thereby rejected under the same grounds. 



Relevant Prior Art

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.

JAN; Mathieu (U.S Pub. No. 20220029903) “METHOD FOR MEASURING A TRANSMISSION DELAY WITH CONTROL OF DEGREES OF CONTENTION APPLIED TO A DATA FRAME”. Considered this reference because it addressed the use of multiple port numbers in a sequence and the transmission of network packets as well as multiple ports such as the third and fourth series ports being equal or the same

Sloane; Brandon. (U.S Pub. No. 20210351999) “SYSTEM FOR GENERATING AND SIGNING CRYPTOGRAPHICALLY GENERATED ADDRESSES USING COMPUTING NETWORK TRAFFIC”. Considered this application because it relates to the same inventor and concept of network traffic and the transmission of multiple series of packets.

Takatsuka; Susumu (U.S Pub.  No. 20220028302) “SENSOR DEVICE AND ENCRYPTION METHOD”. Considered this application because it addressed the use of common or symmetric keys in correspondence with seed values to validate an authentic key exchange much like the instant application


Conclusion

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  

A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 

Applicants are encouraged to take advantage of the After Final Consideration Pilot 2.0 (AFCP 2.0) which authorizes non-production time for consideration of responses filed after a final rejection. The purpose of the pilot is to compact prosecution of the case. The request must include 1) A signed AFCP request form (PTO/SB/434 or equivalent) that includes a statement that applicant is requesting consideration under the AFCP; 2) An amendment to at least one independent claim that does not broaden the scope of the independent claim in any aspect; and 3) A statement that applicant is willing and available to participate in any interview initiated by the examiner concerning the present response.  In the limited amount of non-production time if the examiner’s consideration of a proper AFCP 2.0 request and response does not result in a determination that all pending claims are in condition for allowance, the examiner will request an interview with the applicant to discuss the response. For more info, please visit http://www.uspto.gov/patent/initiatives/after-final-consideration-pilot-20

Any inquiry concerning this communication or earlier communications from the examiner should be directed to HASSAN A HUSSEIN whose telephone number is (571)272-3554. The examiner can normally be reached on 7:30am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw can be reached on (571)272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/H.A.H./Examiner, Art Unit 2497                                                                                                                                                                                                        
/Jeremy S Duffield/Primary Examiner, Art Unit 2498