DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
This is in response to the correspondence filed on 05/05/22.  Claims 1-20 are still pending and have been considered below.

Claim Objections
The amendments and/or arguments submitted by Applicant have been considered and are persuasive; thus, the previous claim objection(s) have been withdrawn.

Claim Rejections - 35 USC § 112
The amendments and/or arguments submitted by Applicant have been considered and are persuasive; thus, the previous claim rejection(s) have been withdrawn.

Claim Rejections - 35 USC § 103
The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.
Claim(s) 1, 4-8 and 11-15 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lippmann et al. (2009/0293128) in view of Gaul, Jr. (2001/0034847).
Claim 1:  Lippmann et al. discloses a method for automated shell discovery and access, the method comprising:
gathering, by a control server, fingerprint data for a target device for which access to a root shell is required (determines if the potential node is already represented as a node) [page 5, paragraphs 0047 & 0050];
generating, by a decision tree controller, a decision tree from the gathered fingerprint data (generates new node and/or connects to the existing node in the attack graph/tree depending upon if the potential node is already represented) [page 5, paragraphs 0051-0052];
traversing, by the decision tree controller, the decision tree to determine a path to the root shell (evaluates attack graph/tree to determine accessible vulnerability instance node(s) by traversing through and analyzing all required prerequisite nodes) [page 4, paragraphs 0037-0038 | pages 5-6, paragraphs 0055-0057];
identifying, by the decision tree controller to the control server, a found access path (intrusion detection system identifies likely avenues of attack) [page 7, paragraphs 0074-0075 | figure 8];
but does not explicitly disclose reporting, by the decision tree controller to the control server, a found access path; connecting, by the control server to the root shell on the target device, using one or more commands associated with the found access path; and executing, by the control server at the connected root shell of the target device, privileged commands associated with a task.
However, Gaul, Jr. discloses a similar invention [page 3, paragraph 0031] and further discloses reporting, by the decision tree controller to the control server, a found access path [page 9, paragraph 0115]; connecting, by the control server to the root shell on the target device, using one or more commands associated with the found access path (perform scan(s) on destination/target device using vulnerability test suites) [page 3, paragraph 0034]; and executing, by the control server at the connected root shell of the target device, privileged commands associated with a task (create new shell process and run commands on the remote node) [page 5, paragraph 0049].
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to further modify the disclosure of Lippmann et al. with the additional features of Gaul, Jr., in order to provide a network security system that can be easily updated remotely, as suggested by Gaul, Jr. [pages 1-2, paragraph 0012]. 
Claim 4:  Lippmann et al. and Gaul, Jr. disclose the method of claim 1, and Lippmann et al. further discloses wherein the gathering further comprises: gathering network based fingerprint data (reachability/vulnerability of ports) [page 4, paragraphs 0038-0040 & 0044]; and gathering fingerprint data local to the target device (root access and/or credential requirements at host) [page 4, paragraphs 0037 & 0043].
Claim 5:  Lippmann et al. and Gaul, Jr. disclose the method of claim 1, and Gaul, Jr. further discloses wherein the decision tree includes a plurality of nodes and each node is a command based on the gathered fingerprint data [page 4, paragraph 0040].
Claim 6:  Lippmann et al. and Gaul, Jr. disclose the method of claim 1, and Gaul, Jr. further discloses wherein each found access path is a sequence of commands [page 4, paragraph 0040].
Claim 7:  Lippmann et al. and Gaul, Jr. disclose the method of claim 1, and Gaul, Jr. further discloses further comprising: configuring the target device based on an outcome of the task [page 9, paragraph 0116].
Claim 8:  Lippmann et al. discloses a method for automated shell discovery and access, the method comprising:
automatically obtaining, by a decision tree module, signature information for a network device when an underlying operating system shell level access is absent [page 5, paragraphs 0047 & 0050];
automatically generating, by the decision tree module, a decision tree from the obtained signature information [page 5, paragraphs 0051-0052];
automatically promulgating, by the decision tree module, through the decision tree to determine a path to the underlying operating system shell [page 4, paragraphs 0037-0038 | pages 5-6, paragraphs 0055-0057];
automatically identifying, by the decision tree module, each viable path [page 7, paragraphs 0074-0075 | figure 8];
but does not explicitly disclose automatically reporting, by the decision tree module to a testing platform, each viable path; automatically logging, by the testing platform, into the network device using a command sequence associated with a viable path; initiating, by a testing platform, a privileged instruction based task on the network device; and automatically executing, by the testing platform at the logged-in network device, privileged instructions associated with the privileged instruction based task.
However, Gaul, Jr. discloses a similar invention [page 3, paragraph 0031] and further discloses automatically reporting, by the decision tree module to a testing platform, each viable path [page 9, paragraph 0115]; automatically logging, by the testing platform, into the network device using a command sequence associated with a viable path [page 3, paragraph 0034]; initiating, by a testing platform, a privileged instruction based task on the network device [page 5, paragraph 0049]; and automatically executing, by the testing platform at the logged-in network device, privileged instructions associated with the privileged instruction based task [page 5, paragraph 0049].
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to further modify the disclosure of Lippmann et al. with the additional features of Gaul, Jr., in order to provide a network security system that can be easily updated remotely, as suggested by Gaul, Jr. [pages 1-2, paragraph 0012]. 
Claim 11:  Lippmann et al. and Gaul, Jr. disclose the method of claim 8, and Lippmann et al. further discloses wherein the automatically obtaining further comprises: automatically obtaining network based signature information [page 4, paragraphs 0038-0040 & 0044]; and automatically obtaining signature information local to the network device [page 4, paragraphs 0037 & 0043].
Claim 12:  Lippmann et al. and Gaul, Jr. disclose the method of claim 8, and Gaul, Jr. further discloses wherein the decision tree includes a plurality of nodes and each node is a command based on the obtained signature information [page 4, paragraph 0040].
Claim 13:  Lippmann et al. and Gaul, Jr. disclose the method of claim 8, and Gaul, Jr. further discloses wherein each viable path is a command sequence [page 4, paragraph 0040].
Claim 14:  Lippmann et al. and Gaul, Jr. disclose the method of claim 8, and Gaul, Jr. further discloses further comprising: configuring the network device based on an outcome of the task [page 9, paragraph 0116].
Claim 15:  Lippmann et al. discloses a system comprising:
a testing controller [page 7, paragraph 0079]; and
a discovery module in connection with the testing controller, the discovery module configured to:
collect fingerprint information for a network device for which access to a root shell is required [page 5, paragraphs 0047 & 0050];
generate a decision tree from the collected fingerprint information [page 5, paragraphs 0051-0052];
traverse the decision tree to determine a path to the root shell [page 4, paragraphs 0037-0038 | pages 5-6, paragraphs 0055-0057]; and
identify a found access path to the testing controller [page 7, paragraphs 0074-0075 | figure 8];
but does not explicitly disclose report a found access path to the testing controller; and the testing controller configured to: connect to the root shell on the target device using one or more commands associated with the found access path; and execute, at the connected root shell of the target device, privileged commands associated with a task.
However, Gaul, Jr. discloses a similar invention [page 3, paragraph 0031] and further discloses report a found access path to the testing controller [page 9, paragraph 0115]; and the testing controller configured to: connect to the root shell on the target device using one or more commands associated with the found access path [page 3, paragraph 0034]; and execute, at the connected root shell of the target device, privileged commands associated with a task [page 5, paragraph 0049].
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to further modify the disclosure of Lippmann et al. with the additional features of Gaul, Jr., in order to provide a network security system that can be easily updated remotely, as suggested by Gaul, Jr. [pages 1-2, paragraph 0012]. 

Allowable Subject Matter
Claims 2, 3, 9, 10 and 16-20 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Response to Arguments
Applicant's arguments filed 05/05/22 have been fully considered but they are not persuasive.
Applicant argues that the prior art of record does not disclose “executing, by the control server at the connected root shell of the target device, privileged commands associated with a task”, as claimed; in particular, Applicant appears to contend that Gaul, Jr. does not reasonably teach this limitation because it states that the security tests do not execute the damaging exploit if found, whereas the claimed invention does perform an execution based on the found access path.
Initially, Examiner notes that the section of Gaul, Jr. mentioned by Applicant appears to be in reference to specific security tests such as breaking security locks involving firewall and/or other hosts; and not necessarily that any and all security tests performed by the invention do not execute damaging exploit(s) if found.
Examiner further notes that Gaul, Jr. appears to reasonably disclose an execution of a command because it explicitly teaches that upon successfully gaining root access to a root shell, the shell is then used to run/execute commands and monitored for any responses to determine if administrative access can be obtained [page 5, paragraph 0049].
Therefore, Examiner respectfully disagrees and submits that the prior art of record, in combination, does in fact disclose the allegedly deficient features because Gaul, Jr. appears to explicitly disclose executing privileged commands at the connected root shell (using shell to run commands on the remote node and recording any responses from the remote node, when able to connect to the remote node as root).
In response to applicant's argument that the references fail to show certain features of applicant’s invention, it is noted that the features upon which applicant relies (i.e., execution that is explicitly based on the found access path) are not recited in the rejected claim(s).  Although the claims are interpreted in light of the specification, limitations from the specification are not read into the claims.  See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993).

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to EDWARD ZEE whose telephone number is (571)270-1686. The examiner can normally be reached Monday-Friday 9AM-5PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joseph Hirl can be reached on (571)272-3685. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/EDWARD ZEE/Primary Examiner, Art Unit 2435