DETAILED ACTION


Currently pending claims are 1 – 15.

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  



Claim Rejections - 35 USC § 102

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:

A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.
(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.


Claims 1 – 6 and 8 – 15 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Li et al. (U.S. Patent 10,278,073). 

As per claim 1, 9 & 13 (PART I / 2), Li teaches a method, comprising: 
storing, by a device, a set of security rules for the device (Li: Abstract & Col. 1 Line 65 – Col. 2 Line 14 and Col. 16 Line 59 – 61: storing network access security policies by the terminal so as to monitor, validate and stop a network access when a security status of the corresponding terminal is in noncompliance state); 
monitoring, by the device, compliance for the set of security rules (Li: see above & Col. 1 Line 65 – Col. 2 Line 14 and Col. 3 Line 5 – 16: monitoring and checking the respective network access security policies by the terminal so as to validate and stop a network access when a security status of the corresponding terminal is in noncompliance state); and 
upon detecting noncompliance of an identified security rule (Li: see above & Col. 3 Line 5 – 16: determining a noncompliance of an identified security rule (i.e. in an unsecured state) when matching a list of preset conditions such as a SIM card of the terminal is changed (a new SIM card installed), terminal restarts, etc.): 
disabling network access for the device (Li: see above & Col. 3 Line 5 – 15: disabling (stopping) network access for the device accordingly upon determining a noncompliance of an identified security rule (i.e. in an unsecured state) when matching a list of preset conditions such as a SIM card of the terminal is changed (a new SIM card installed), terminal restarts, etc.); and
establishing a trigger to disable network access for the device when network access for the device is restored prior to returning the device to compliance with the identified security rule (Li: see above & Col. 3 Line 5 – 16: (a) initiating a trigger to disable (stop) network access for the device on a restart event after the device is restored but before fully satisfying the network access security policies again, which is a noncompliance of a security rule (i.e. in an unsecured state)).  

As per claim 2 and 12, Li teaches where the trigger is based on one of a Windows WMI event and a platform invocation call (Li: see above & Col. 3 Line 12 – 16: (e.g.) a call initiated by a SIM card of a smart phone device under 3GPP network (i.e. a platform invocation call)).  

As per claim 3 – 4, Li teaches where disabling network access for the device includes disabling a hardware component associated with network access (Li: see above & Col. 3 Line 12 – 16: when stopping the network access, at least, a respective T/R (hardware transceiver device) must be disabled on a particular communications port of a network card (adaptor)).  

As per claim(s) 5 – 6, the claims contain(s) similar limitations to claim(s) 1 and thus is/are rejected with the same rationale.

As per claim 8, 10 and 15, Li teaches attempting to return the device to compliance with the identified security rule prior to disabling network access for the device (Li: see above & Col. 1 Line 65 – Col. 2 Line 14: upon a successful authentication of the terminal after a previous terminal authentication failure, attempting to grant an access permit to the terminal (i.e. return the device to a compliance with the identified security rule) – however, certain preset conditions must be checked and satisfied beforehand – (e.g.) the following situations are not acceptable such as a SIM card of the terminal is changed (a new SIM card installed), terminal restarts, etc.).  

As per claim 11 and 14, Li teaches where the network access control module also establishes a trigger to disable an installed network device upon detection of installation of the installed network device (Li: see above & Col. 1 Line 65 – Col. 2 Line 14: disabling (stopping) network access for the device accordingly upon determining a noncompliance of an identified security rule (i.e. in an unsecured state) when matching a list of preset conditions such as a new SIM card (i.e. a new network component) of the terminal is installed (i.e. changed) and thus suspicious).

Claims 1, 3 – 10, 13 & 15 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Durham et al. (U.S. Patent 2005/0213768). 

As per claim 1, 9 & 13 (PART II / 2), Durham teaches a method, comprising: 
storing, by a device, a set of security rules for the device (Durham: Abstract & Figure 5 / E-504 – 512 and Para [0052] / [0054]: storing various network access security policies by an embedded security agent at a device to verify the device platform security as needed); 
monitoring, by the device, compliance for the set of security rules (Durham: see above); and 
upon detecting noncompliance of an identified security rule (Durham: see above & Para [0052]: when a network manager (i.e. administrator) causes a client device to reboot (restart) when the client device has been compromised, network accessing from a communication device would be prevented (disabled) from transmission to the network on its network access port(s)); 
disabling network access for the device (Durham: see above); and
establishing a trigger to disable network access for the device when network access for the device is restored prior to returning the device to compliance with the identified security rule (Durham: see above & Para [0052] / [0054]).  

As per claim 3 – 4, Durham teaches where disabling network access for the device includes disabling a hardware component associated with network access (Durham: see above: when stopping the network access, at least, a respective T/R (hardware transceiver device) must be disabled on a particular communications port of a network card (adaptor)).  

As per claim(s) 5 – 6, the claims contain(s) similar limitations to claim(s) 1 and thus is/are rejected with the same rationale.


As per claim 7, Durham teaches restoring network access to the device based on an administrator override (Durham: see above: (a) storing various network access security policies by an embedded security agent at a device to verify the device platform security as needed, wherein (b) when a network manager (i.e. administrator) causes a client device to reboot (restart) when the client device has been compromised, network accessing from a communication device would be prevented (disabled) from transmission to the network on its network access port(s)).  

As per claim 8, 10 and 15, Durham teaches attempting to return the device to compliance with the identified security rule prior to disabling network access for the device (Durham: see above).  

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:

A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over Li et al. (U.S. Patent 10,278,073), in view of Durham et al. (U.S. Patent 2005/0213768).  

As per claim 7, Durham teaches restoring network access to the device based on an administrator override (Durham: Abstract & Figure 5 / E-504 – 512 and Para [0052] / [0054]: (a) storing various network access security policies by an embedded security agent at a device to verify the device platform security as needed, wherein (b) when a network manager (i.e. administrator) causes a client device to reboot (restart) when the client device has been compromised, network accessing from a communication device would be prevented (disabled) from transmission to the network on its network access port(s)).  
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention was made to propose the modification of restoring network access to the device based on an administrator override because Durham teaches to alternatively, effectively and securely store various network access security policies by an embedded security agent at a device to verify the device platform security as needed, wherein when a network manager (i.e. administrator) causes a client device to reboot (restart) when the client device has been compromised, network accessing from a communication device would be prevented (disabled) from transmission to the network on its network access port(s) (see above) within the Li’s system of storing network access security policies by the terminal so as to monitor, validate and stop a network access when a security status of the corresponding terminal is in noncompliance state (see above). 


Any inquiry concerning this communication or earlier communications from the examiner should be directed to LONGBIT CHAI whose telephone number is (571)272-3788. The examiner can normally be reached Monday - Friday 9:00am-5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn D. Feild can be reached on 571-272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



---------------------------------------------------
                  /Longbit Chai/
           Longbit Chai E.E. Ph.D.
    Primary Examiner, Art Unit 2431
                   No. #2338 – 2022
---------------------------------------------------