DETAILED ACTION
This communication is in response to Applicant’s amendment filed on 05/26/2022. Claims 1-3, 5-18 and 20 are directed towards METHOD FOR ESTABLISHING A SECURE PRIVATE INTERCONNECTION OVER A MULTIPATH NETWORK. Claims 4 and 19 have been canceled, and claims 1-3, 5-18 and 20 have been amended. Claims 1-3, 5-18 and 20 are allowed.

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Terminal Disclaimer
The terminal disclaimer filed on 07/04/2022 disclaiming the terminal portion of any patent granted on this application which would extend beyond the expiration date of Patent No. 10,356,054 has been reviewed and is accepted. The terminal disclaimer has been recorded.

Drawings
The replacement sheets for drawings (Fig. 4A and Fig. 4B) and the amendment to the specification filed on 03/07/2022 were acknowledged and accepted by the examiner. Therefore, the examiner withdraws the drawing objection.

Response to Arguments
Applicant’s amendments/arguments submitted on 05/26/2022 have been considered and are deemed to be persuasive, and therefore the examiner withdraws the previous office action rejection under 35 USC 103.

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in an interview with Brendan Mee (Reg. No. 43,391) on June 24, 2022 and June 28, 2022.

The application has been amended as follows:

Abstract (replace the previous abstract with the following one)
A method for establishing a fully private, information secure interconnection between a source and a destination over a data network with at least a portion of a public infrastructure. The method comprising at the source creating n shares of a source data according to a predetermined secret sharing scheme, and encrypting the n shares using (n, k) secret sharing. Further, defining for at least one node vi a directed edge (Vi1, Vi2) that has a k-1 capacity. All outgoing links of vi are connected to vi2. Additionally, using a maximum flow algorithm to define the maximum number of shares outgoing from vi2, and therefore from vi, on each outgoing link. The number of shares forwarded by node vi does not exceed the number of maximum shares that were defined by the maximum flow algorithm.

1. (Currently Amended) A method of establishing a secured interconnection between a source and a destination over a data network having at least a portion of a public infrastructure, comprising: 
a) at said source, creating n shares of a source data, wherein reconstructing the source data requires at least k shares out of the created n shares, and associating each share with a flow;
b) defining, for at least one node vi, a directed edge (vi1, vi2), wherein all outgoing links of vi are connected to vi2; 
c) setting a capacity constraint of the directed edge (vi1, vi2) to be k -1 flows; and 
d) creating paths using a maximum flow algorithm under the capacity constraint, wherein a separation between tunnels belonging to fully and/or partially independent paths is made by encapsulation of packets of the shares according to a routing scheme that creates at least partially independent routing paths from said source to said destination, such that no node along a tunnel intercepts k or more shares.

2. (Currently Amended) [[A]] The method according to claim 1, wherein the data network includes a plurality of intermediating nodes creating a plurality of fully and/or partially independent paths in different directions on the path from said source to said destination, the method comprising:
forcing shares' carrying packets to pass through selected intermediate nodes, such that no router at any intermediating nodes intercepts k or more shares, wherein the intermediating nodes include one or more of the following: 
- Points of Presence (PoPs); 
- Computational clouds having a dedicated for forcing shares' carrying packets to pass through selected intermediate nodes, according to a desired routing scheme; 
- Backup channels and paths.

3. (Currently Amended) [[A]] The method according to claim 1, wherein the portion of the public infrastructure includes alternative paths supplied by one or more network service providers.

4. (Canceled)

5. (Currently Amended) [[A]] The method according to claim 1, wherein during said encapsulation, a header of each share-carrying packet is changed to a modified header, for forcing the shares' carrying packets to pass through selected nodes.

6. (Currently Amended) [[A]] The method according to claim 5, wherein each packet is forced to pass a 

7. (Currently Amended) [[A]] The method according to claim [[1]] 5, further comprising using public clouds deployed over the data network as nodes, by embedding a dedicated agent into a plurality of them, such that the modified header will determine the next intermediate destination which will be [[the]] a node that has been elected while creating each modified header.

8. (Currently Amended) [[A]] The method according to claim 7, wherein the modified header is a part of [[the]] a payload.

9. (Currently Amended) [[A]] The method according to claim 1, wherein when the data network has a known topology, the flow is tested offline, to obtain a distribution of data through different nodes and deploy dedicated agents accordingly, to create optimal routing paths.

10. (Currently Amended) [[A]] The method according to claim 1, wherein whenever the data network has unknown topology a path/topology recovery tools are used to obtain [[the]] an expected distribution of data through different nodes and verify, before sending [[the]] share carrying packets.

11. (Currently Amended) [[A]] The method according to claim 10, wherein the path/topology recovery tools are selected from the group of: 
HP-OpenView; 
Freenats; 
Traceroute; 
TraceMAC; 
Batctl.

12. (Currently Amended) [[A]] The method according to claim 1, wherein sufficient data separation is obtained by dynamically allocating nodes, through which [[the]] share carrying packets will pass.

13. (Currently Amended) [[A]] The method according to claim 1, wherein an inherent additional header of [[Ipv6]] Internet Protocol Version 6 (IPv6) is used for creating tunnels between [[Ipv6]] IPv6 nodes, where data between nodes is sent over Internet Protocol Version 4 (IPv4) links.

14. (Currently Amended) [[A]] The method according to claim 1, further comprising encrypting [[the]] a destination Internet Protocol (IP) [[IP]] address, along with [[the]] a payload data, by: 
creating n shares from the IP address of the destination; and 
sending said shares via several different paths between pairs of neighboring intermediate nodes, such that [[the]] a header data is decrypted at each intermediate [[nodes]] node only by having at least k shares, and any subset of less than k shares cannot be used to decrypt the header data.  

15. (Currently Amended) [[A]] The method according to claim 1, further comprising creating secret shared packets of different length by padding the after secret shared packets with random string of varying lengths, to avoid correlation of packets by a coalition of eavesdroppers.

16. (Currently Amended) [[A]] The method according to claim [[1]] 15, further comprising delaying some of the secret shared packets to avoid time correlation.  

17. (Currently Amended) [[A]] The method according to claim 1, further comprising:
encrypting data packets with long payloads by creating a one-time-pad in the background at the [[sender]] source side; 
sending the created [[a]] one-time-pad to the destination over several paths; 
performing a bitwise XOR operation between the payload data and the bit string of said [[common]] created one-time-pad; and 
sending the resulting bits of encrypted payload data over [[possibly]] a single channel.  

18. (Currently Amended) A method for establishing a secured interconnection between a source and a destination over a managed data network having at least a portion of a public infrastructure, comprising: 
a) at said source, creating n shares of a source data, wherein reconstructing the source data requires at least k shares out of the created n shares, sending said at least k shares to said data network, and associating each share with a flow; and 
b) using at least one of: a known topology of the data network, a centralized network controller and a network management tool at the source, to: 
according to a result of applying a maximum flow algorithm over a graph with at least one directed edge having a capacity constraint to intercept k-1 flows defined for at least one node, dynamically forward each share from said source to said destination, such that the number of shares that pass [[the]] a router at each node does not exceed a threshold of k-1 shares, 
creating paths using [[a]] the maximum flow algorithm under the capacity constraint, wherein an optimal routing of the shares is dynamically determined by said centralized network controller, according to said threshold and according to a load or current-eavesdropping-coalition-risks on each router in said data network, 
wherein a separation between tunnels belonging to fully and/or partially independent paths is made by encapsulation of packets of the shares according to a routing scheme that creates at least partially independent routing paths from said source to said destination, such that no node along a tunnel intercepts k or more shares.  

19. (Canceled)

20. (Currently Amended) A system comprising:
a memory; and 
a controller configured to establish a secure interconnection between a source and a destination over a data network having at least a portion of a public infrastructure, by: 
a) at said source, creating n shares of a source data, wherein reconstructing the source data requires at least k shares out of the created n shares, and associating each share with a flow; 
b) defining, for at least one node vi, a directed edge (vi1, vi2) wherein all outgoing links of vi are connected to vi2; 
c) setting a capacity constraint of the directed edge (vi1, vi2) to be k -1 flows; 
d) creating paths using a maximum flow algorithm under the capacity constraint, wherein a separation between tunnels belonging to fully and/or partially independent paths is made by encapsulation of packets of the shares according to a routing scheme that creates at least partially independent routing paths from said source to said destination, such that no node along a tunnel intercepts k or more shares.
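
The node-splitting construction of claims 1 and 20 (steps b to d), as an added Python illustration that is not part of the Office action or the application. The node names, the per-link capacity of n, the super-source `SRC*` and both sample topologies are assumptions made for the example, and Edmonds-Karp stands in for the unspecified maximum flow algorithm.

```python
from collections import defaultdict, deque

def split_graph(links, src, dst, n, k):
    """Capacity map in which each intermediate node v becomes the directed
    edge (v,'in') -> (v,'out') with capacity k-1; src and dst are not split."""
    cap = defaultdict(lambda: defaultdict(int))
    head = lambda v: v if v in (src, dst) else (v, "in")    # links enter v_in
    tail = lambda v: v if v in (src, dst) else (v, "out")   # links leave v_out
    cap["SRC*"][src] = n                  # super-source: exactly n shares exist
    for u, v in links:
        cap[tail(u)][head(v)] = n         # assumption: links are not the bottleneck
        for w in (u, v):
            if w not in (src, dst):
                cap[(w, "in")][(w, "out")] = k - 1
    return cap

def max_flow(cap, s, t):
    """Edmonds-Karp. Returns (flow value, residual capacities)."""
    res = defaultdict(lambda: defaultdict(int))
    for u in list(cap):
        for v, c in cap[u].items():
            res[u][v] += c
            res[v][u] += 0                # reverse edge for augmenting paths
    total = 0
    while True:
        parent, queue = {s: None}, deque([s])
        while queue and t not in parent:
            u = queue.popleft()
            for v, r in list(res[u].items()):
                if r > 0 and v not in parent:
                    parent[v] = u
                    queue.append(v)
        if t not in parent:
            return total, res
        path, v = [], t
        while parent[v] is not None:
            path.append((parent[v], v))
            v = parent[v]
        push = min(res[a][b] for a, b in path)
        for a, b in path:
            res[a][b] -= push
            res[b][a] += push
        total += push

def route_shares(links, src, dst, n, k):
    """Returns (shares delivered, {node: shares that node forwards})."""
    cap = split_graph(links, src, dst, n, k)
    total, res = max_flow(cap, "SRC*", dst)
    load = {u[0]: (k - 1) - res[u][(u[0], "out")]
            for u in list(cap) if isinstance(u, tuple) and u[1] == "in"}
    return total, load

# Constructed topologies, n = 4 shares, threshold k = 3 (node capacity 2).
DISJOINT = [("S", "A"), ("S", "B"), ("S", "C"), ("A", "D"), ("B", "D"), ("C", "D")]
CHOKEPOINT = [("S", "A"), ("A", "B"), ("A", "C"), ("B", "D"), ("C", "D")]
```

With `DISJOINT`, all four shares reach D while every node forwards at most k-1 of them. With `CHOKEPOINT`, only k-1 shares can be delivered, so the destination cannot reconstruct unless node A is allowed to see k shares.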

Reasons for Allowance
The following is an examiner’s statement of reasons for allowance: 
The closest prior arts of record are Shimokuni et al. US 2006/0280203 A1 and Lou et al. NPL “A multipath routing approach for secure data delivery” published by IEEE in 2001.
Shimokuni discloses secure communication against interception and interruption using an SSS (Secret Sharing Scheme) coding method, in which one packet or a plurality of packets (communication information) is coded by dividing the packet(s) into n information blocks. In that case, a packet binding count "S", a dividing count "n" for dividing into the information blocks, and a decoding threshold value "m" (<n) are set as coding parameters used for coding. If an arbitrary set of information blocks equal to or larger in number than the threshold value "m" is available, the information blocks can be decoded into the communication information; if fewer than "m" information blocks are available, they cannot be decoded into the communication information. Moreover, even if up to (n-m) information blocks are lost, the remaining m information blocks can be decoded into the communication information.
Lou discloses an approach to enhance data confidentiality when transmitting across insecure networks. A (T, N) secret sharing scheme is integrated with a multipath routing algorithm, where the secure message is divided into N shares such that from any T or more shares the message can be recovered, while from any T-1 or fewer shares it is computationally impossible to recover the message. Then, using the multipath routing algorithm, the shares are delivered across the network via N different paths, where no T or more paths can share a single node. The destination node reconstructs the original message upon receiving T or more shares. No intermediate node, however, intercepts the T shares necessary for message recovery.
Even though the prior art of record teaches systems and methods performing the above-mentioned steps, the prior art of record fails to disclose, individually or in combination, all the limitations in the manner recited in independent claims 1 and 20. Specifically, none of the above prior art discloses a method of establishing a secured interconnection between a source and a destination over a data network having at least a portion of a public infrastructure, comprising the steps of setting a capacity constraint of the directed edge (vi1, vi2) to be k -1 flows; and creating paths using a maximum flow algorithm under the capacity constraint, wherein a separation between tunnels belonging to fully and/or partially independent paths is made by encapsulation of packets of the shares according to a routing scheme that creates at least partially independent routing paths from said source to said destination, such that no node along a tunnel intercepts k or more shares. Therefore, the above limitations in conjunction with the remaining limitations of the independent claims render claims 1 and 20 allowable.
Even though the prior art of record teaches systems and methods performing the above-mentioned steps, the prior art of record fails to disclose, individually or in combination, all the limitations in the manner recited in independent claim 18. Specifically, none of the above prior art discloses a method for establishing a secured interconnection between a source and a destination over a managed data network having at least a portion of a public infrastructure, comprising the steps of according to a result of applying a maximum flow algorithm over a graph with at least one directed edge having a capacity constraint to intercept k-1 flows defined for at least one node, dynamically forward each share from said source to said destination, such that the number of shares that pass a router at each node does not exceed a threshold of k-1 shares, creating paths using the maximum flow algorithm under the capacity constraint, wherein an optimal routing of the shares is dynamically determined by said centralized network controller, according to said threshold and according to a load or current-eavesdropping-coalition-risks on each router in said data network, wherein a separation between tunnels belonging to fully and/or partially independent paths is made by encapsulation of packets of the shares according to a routing scheme that creates at least partially independent routing paths from said source to said destination, such that no node along a tunnel intercepts k or more shares. Therefore, the above limitations in conjunction with the remaining limitations of the independent claim render claim 18 allowable.
Furthermore, the above additional elements in the claim provide meaningful limitations that transform an abstract idea into patent-eligible subject matter. The claim as a whole amounts to significantly more than the abstract idea itself. This is because the claim as a whole effects an improvement to another technology or technical field. The pending claims, when taken as an ordered combination, result in the claims amounting to significantly more than the abstract idea and provide meaningful limitations beyond generally linking the use of the abstract idea to a particular technological environment.
None of the references of record alone, or in combination, anticipate or reasonably render the independent claims (1, 18, and 20) obvious. For these reasons claims 1, 18, and 20 are deemed to be allowable over the prior art of record, and claims 2-3 and 5-17 are allowed by dependency.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KHALID M ALMAGHAYREH whose telephone number is (571)272-0179. The examiner can normally be reached Monday - Thursday 8AM-5PM EST & Friday variable.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, SALEH NAJJAR can be reached on (571)272-4006. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



Respectfully Submitted

/KHALID M ALMAGHAYREH/Examiner, Art Unit 2492