DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

2.	Applicant's arguments and amendments, filed on 05/16/2022 has been entered and carefully considered. Claims 1, 7 and 14 are amended. Claims 4, 10 and 17 are cancelled. Claims 1-3, 5-9, 11-16 and 21-32 have been examined and rejected.
 			
Response to Amendment and Arguments
3.	Applicant’s amendments and arguments filed on 02/28/2022 with respect to rejections of claims 1-8 and 21-32 have been considered but are moot in view of the new ground of rejection necessitated by applicant’s amendment.

Claim Rejections - 35 USC § 103
4.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


5.	Claims 1-3, 5-9, 11-16 and 18-20 are rejected under AIA  35 U.S.C. 103 as being unpatentable over Pignataro et al. (U.S. PGPub 2016/0105305) in view of Lissack (U.S. PGPub 2020/0218556) in view of Maida-Smith et al.(PGPub 2011/0131275 hereafter Maida).
As per claims 1, 7 and 14,
Pignataro teaches method comprising: identifying one or more communities of devices in an enterprise network (Pignataro see para 0045, as shown in fig. 8 method 300 for automatically creating communities of IoT devices, performed by the server 20, at 310, information is stored that represents identities and attributes of network-connected devices that are connected to a plurality of devices operating on the network edge, at step 320, the information representing identities and attributes of the plurality of network-connected devices is analyzed to identify and create one or more communities of network-connected devices based on functional, physical or relational attributes);
defining, from the one or more communities of devices, policy scopes in the enterprise network, the policy scopes defining how network traffic is managed within the network (Pignataro see para 0035-0037, 0045, policy-set contains a tree of policy elements as policy scope, the policy elements also contain policy triggers, each network-connected device being discovered contains an identity, this identity <THING IDENTIFIER> can be an XMPP or Jabber) identifier ID uniquely created, or other ID, as shown in table 1 the community is related to a ID, type and contains others aggregated communities inside its definition, at 340, one or more policies are formed based on the information describing the one or more communities and 350, data representing the one or more policies are sent to each of the plurality of devices operating on the network edge); 
Pignataro fail to exclusively teach 
generating a hierarchical representation of the policy scopes; identifying, based on the hierarchical representation of the policy scopes, one or more policies governing traffic flow between devices associated with each of the policy scopes, comprising: selecting a node in the hierarchical representation corresponding to a policy scope; identifying the one or more policies as policies governing traffic flow involving descendent nodes of the selected node; and managing application of the one or more policies at the devices corresponding to a sub-tree of the selected node and descendent nodes of the selected node.
In a similar field of endeavor Lissack teaches 
generating a hierarchical representation of the policy scopes (Lissack see para 0052, 0056, as shown in fig. 5 and 6 the classification tree 501 and tree hierarchy 601 representing the hierarchical representation of the policy scope, as shown in the fig. 6 respective classification trees, C-trees, is  generated for numerous instance hosts at the data center, such as C-trees 601A, 601B, 601M and 601N, where data center may comprise a plurality of server racks arranged in a number of different rooms , an NCS will  aggregate the C-trees of the instance hosts incorporated in a given rack, forming rack-level C-trees such as 603A and 603B, at the next level of aggregation, the rack-level C-trees 603 for all the racks in a given room or subset of the data center may be combined, in the form of room-level C-trees 605A or 605B, a single composite tree 607 may be created for the data center as a whole, by combining the room-level trees. Higher-level tree hierarchies, such as at the level of availability containers, geographical regions, or a provider network as a whole may be constructed); 
identifying, based on the hierarchical representation of the policy scopes, one or more policies governing traffic flow between devices associated with each of the policy scopes (Lissack see para 0058, 0059, as shown in fig. 7 a traffic procedure graph 750, with a plurality of decision nodes in each of which a respective set of classification criteria for network traffic are indicated is be used together with a classification tree to determine the category of a unit of network traffic a subset of the decision nodes may be arranged in a sequence such as sequence of nodes 701, 702 and 703, a subset of traffic that matches criteria indicated in node 701 may match the criteria indicated in node 702, if a given traffic unit matches all the criteria of a given sequence of nodes, its category may be determined—, it may be classified as a category C1 is representing a community of packet if the criteria of nodes 701, 702 and 703 are met, as a category C6 packet if the criteria of nodes 707 and 708 are met, as a category C5 packet if the criteria of node 706 are met, or as a category C7 packet if the criteria of node 709 are met, where criteria indicated in a given node may be expressed in terms of various properties of the network traffic unit in different embodiments, the contents of one or more headers of a packet, such as the source or destination IP address, port numbers, or the networking protocol being used may be used to determine its category, or contents of the body may be used, each of the categories into which a given traffic unit may be classified using the procedure may correspond to a corresponding node of a classification tree generated by the NCS);								It would have been obvious to one of ordinary skill in the art to before the effective filling date of the claimed invention to combine the teaching Pignataro with the teaching of  Lissack, as doing so would provide an efficient method for creating set of rules to be used to apply a network configuration option to a particular category of traffic associated with a node of a distributed system by collected metrics and on networking management policies where the set of rules are part of a determined set or hierarchy of traffic categories implemented as a multi-level hierarchies with parent-child relationships between nodes of different levels (Lissack see para 0024).
Pignataro in view of Lissack fails to exclusively teach comprising: selecting a node in the hierarchical representation corresponding to a policy scope; identifying the one or more policies as policies governing traffic flow involving descendent nodes of the selected node; and managing application of the one or more policies at the devices corresponding to a sub-tree of the selected node and descendent nodes of the selected node.
In a similar field of endeavor Maida teaches comprising: selecting a node in the hierarchical representation corresponding to a policy scope( Maida, see para 0052, 0058, 0060, 0064 as shown in fig 5a, hierarchy of the total class tree beginning at the absolute "root" node from which all hierarchical class tree branches represents the system-based security policy level or scope containing system-based security policy object classes and the client-based security policy level or scope containing client-based security policy object classes,each participating client within the cloud then orchestrates or pushes their respective security policy onto the cloud by submitting their client-level security policy sub-tree representing client policy scope, where it is attached to the hosting service provider's system-based security policy level tree, as shown in fig. 5b a shallow system security policy hierarchy exporting the client security policy hierarchy segments to the system security policy site as a parent to child class relationship);
identifying the one or more policies as policies governing traffic flow involving descendent nodes of the selected node( Maida, see para 0044, 0045, as shown in fig. 4, the data dictionary engine 107 of each intermediary 106 node establishes a platform for the definition and collection of business models and security profiles where security domain is represented class tree by configurations, data dictionary engine of the intermediary processes object and class information, providing the ability to identify, collect and manage specific security information throughout an "end-to-end" security model where the security profile embedded by the intermediary 106 is a managed object instance, belonging to a parent class that is in the business security class tree consistent with enterprise level security profiles);
and managing application of the one or more policies at the devices corresponding to a sub-tree of the selected node and descendent nodes of the selected node (Maida, see para 0052, the aggregation of multiple multi-domain classes creates super classes, classes that contain security policy classes, business classes, and security profiles, as shown in fig. 5a. hierarchy of the total class tree represents a total architecture with a coarseness gradient beginning at the top and traversing towards the bottom, each tree branch manifests an increasing fidelity until one or more terminal nodes are found where the security data is held, and in the case of a super class, where enterprise data is also held, security profile data is held with the business data at the terminal nodes and reflects a security evaluation of the business data based on associated security policy application);
It would have been obvious to one of ordinary skill in the art to before the effective filling date of the claimed invention to combine the teaching Pignataro in view of Lissack with the teaching of Maida as doing so would provide an efficient method for using a security profile embedded by  network devices as a managed object instance, belonging to a parent class that is in the business security class tree consistent with enterprise level security profiles throughout the life cycle of process and data defined by the articulation of a security policy which is a class tree elaboration, bringing the existence of policy profiles into relationship with IT infrastructure artifacts and data resource artifacts (Maida see para 0048).

As per claims 2, 8 and 15,
Pignataro in view of  Lissack in view of Maida teaches the method of claim 1, wherein identifying the one or more communities of devices comprises: receiving traffic flow data between devices of the enterprise network; generating a weighted graph based on the traffic flow data (Pignataro see para 0032, 0034, 0035 the server 20 utilizes data, IoT sensor data collected by the fog devices 30(1)-30(N) and Artificial Intelligence AI through the execution of the AI community creation software 78 that  analyzes information representing identities and attributes of the plurality of network-connected devices to create the one or more communities, a community is defined by way of the policy in fig. 3, this policy is then pushed down to fog devices, and the fog devices are thereby instructed to identify community members and then inform the server 20, policy contains policy elements, which are functional abstractions which  represented in a policy language that is pushed down to fog devices via XML, JSON, or other structured syntax where he policy-set contains a tree of policy elements representing a weighted graph);
and performing a hierarchical community detection on the weighted graph to identify the one or more communities of devices (Pignataro see para 0056, 0057, IoT sensors in blood supply packages provide information about the blood supply type, quantity, this information can be used to automatically form a first community C1, the community of blood supply and  C2 is another community in which the members are patients that need blood, further that a third community C3 is the community of blood donors, as communities are hierarchical in structure, with levels organized per county, state, region, federating communities C1 and C2 can be used to cost effectively match blood supplies to the patients and federating communities C1 and C3 can be used to start local blood supply campaigns when supply levels fall below thresholds).

As per claims 3, 9 and 16,
Pignataro in view of  Lissack in view of Maida teaches the method of claim 2, wherein each identified community of devices is associated with one policy scope from among the policy scopes (Pignataro see para 0035-0037, 0045, policy-set contains a tree of policy elements as policy scope, the policy elements also contain policy triggers, each network-connected device being discovered contains an identity, this identity <THING IDENTIFIER> can be an XMPP or Jabber) identifier ID uniquely created, or other ID, as shown in table 1 the community is related to a ID, type and contains others aggregated communities inside its definition, at 340, one or more policies are formed based on the information describing the one or more communities and 350, data representing the one or more policies are sent to each of the plurality of devices operating on the network edge).  

As per claims 5, 11 and 18,
Pignataro in view of  Lissack in view of Maida teaches the method of claim 1, wherein managing application of the one or more policies includes one or more of: generating a minimal policy set for one or more of the policy scopes (Lissack see para 0062, a selection of one of the elements of the lookup table 770A leads to the category A in FIG. 8. , , criteria indicated by decision nodes 851, 852 itself a node comprising a lookup table 770B, and/or 853 may need to be evaluated if the hash function 850 leads to one entry of 770A, while criteria indicated by decision nodes 854, 855 and/or 856 may have to be evaluated if the hash function 850 results in a selection of a different entry of lookup table 770A, if  procedure graph 880B is reached, and the criteria indicated in elements 854 and 855 are met as choosing the minimal policy set); 
deleting a redundant policy of the one or more policies; and generating a new policy for at least one of the policy scopes (Lissack see para 0074, 0075, as shown in fig. 12 element 1201, an event that may result in a modification to traffic classification metadata, the attack may be identified element 1204 by such a security service, by the NCS, or by a combination of the security service and the NCS , a modified set of traffic classification metadata may be generated at the NCS to mitigate the effects of the attack element 1207, the modifications may include, new categories of traffic being defined, based on the addresses of the specific nodes involved in sending and/or receiving the suspect traffic, and/or new bandwidth limits or other networking configuration options to be applied).								It would have been obvious to one of ordinary skill in the art to before the effective filling date of the claimed invention to combine the teaching of Pignataro with the teaching of Lissack, and the motivation to combine the teachings will be the same a stated above for the motivation with relation to claims 1, 7 and 14;
As per claims 6, 12 and 14,
Pignataro in view of  Lissack in view of Maida teaches the method of claim 5, wherein generating the minimal policy set comprises: identifying, from among the one or more policies, at least one policy implemented in a policy scope with an ancestor policy scope in the hierarchical representation of policy scopes (Lissack see para 0053, traffic summation policies or rules of various kinds may apply to the classification tree, governing the relationships between the bandwidth limits of child nodes relative to parent nodes. In the illustrated example, the following rules may apply: (a) no child node in the tree may have a bandwidth limit exceeding the bandwidth limit of its parent, and (b) although the sum of the bandwidth limits of the children nodes of a parent node may exceed the bandwidth limit of the parent, during any given time period the sum of the actual traffic rates for the categories represented by the children nodes may not exceed the bandwidth limit of the parent); 
and generating an updated policy for the ancestor policy scope, the minimal policy set including the updated policy (Lissack see para 0056, data center may comprise a plurality of server racks arranged in a number of different rooms in the depicted embodiment, an NCS may aggregate the C-trees of the instance hosts incorporated in a given rack, forming rack-level C-trees such as 603A and 603B, at the next level of aggregation, the rack-level C-trees 603 for all the racks in a given room or subset of the data center may be combined, in the form of room-level C-trees 605A or 605B, a single composite tree 607 may be created for the data center as a whole by combining the room-level trees as the minimal policy set including the updated policy).
It would have been obvious to one of ordinary skill in the art to before the effective filling date of the claimed invention to combine the teaching of Pignataro with the teaching of Lissack, and the motivation to combine the teachings will be the same a stated above for the motivation with relation to claims 1, 7 and 14;

As per claims 13 and 20,
Pignataro in view of  Lissack in view of Maida teaches the device of claim 7, wherein the device is an analytics engine of the enterprise network (Pignataro  see para 0032, the server 20 utilizes data, IoT sensor data collected by the fog devices 30(1)-30(N) and Artificial Intelligence (AI) through the execution of the AI community creation software 78 as analytics engine,  AI community creation software 78 analyzes information representing identities and attributes of the plurality of network-connected devices to create the one or more communities, and then groups results into categories that can be utilized by communities).
     

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SANJOY K ROY whose telephone number is (571)270-0675.  The examiner can normally be reached on Mon-Fri 8:30am-5:00pm, EST. If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Nicholas R. Taylor can be reached on 571-272-3889.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov.  Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272- 1000.

/SANJOY ROY/
Examiner, Art Unit 2443


/NICHOLAS R TAYLOR/Supervisory Patent Examiner, Art Unit 2443