DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This action is the responsive to the communication filed on 12/03/2020.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 9-16 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.  The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter because:
 As per claim 9, this claim is rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. As to claim 9, although the preamble of the claim call for a system, it appears that the body of the claim only recites software (to monitoring engine, a bandwidth limiter, and a throttle manager) to implement the functions.  As such, the claim does not fall within one of the four statutory classes.
	Dependent claims 10-16 are rejected under the same analysis as set forth above. 


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over  Tamura et al US 2006/0056300 in view of Anderson US 2019/0349403.

 	As per claim 1, Tamura discloses a method for implementing bandwidth limitations on specific application traffic at a proxy element, the method comprising:  
 	receiving, by a proxy element (fig.1, numeral 100a Bandwidth control apparatus ), a packet flow from at least one source client (par 0096 a received from the user terminal 200_1); 
 	utilizing a bandwidth limiter ( par 0095 he bandwidth measuring portion 10a) in the proxy element to apply a bandwidth limitation operation to the packet flow from the at least one source client ( 0096 the maximum bandwidth value/bandwidth restriction release value setting portion 40 provides to the maximum bandwidth excess determining portion 30 a maximum bandwidth value 50a_1 and a bandwidth restriction release value 50a_2 preset in the management table 50 or externally set by an operator ); and  
 	executing a window size ( fig.2,numeral 20a, window size changing portion  )manipulation operation if a detected amount of packet flow exceeds a predefined bandwidth overflow threshold of the bandwidth limitation operation ( par 0037 a window size changing, i.e. manipulation, portion reducing a window size of a TCP session ACK packet of a user whose total bandwidth exceeds the maximum bandwidth value. And 0058 the bandwidth restricting portion may comprise a window size changing portion which reduces a window size of a TCP session ACK packet when the sum total bandwidth exceeds the maximum bandwidth restriction value).  
 	Tamura does not disclose receiving, by a proxy element, an encrypted packet from at least one source client, and apply an operation to the encrypted packet.
 	 However, Anderson discloses receiving, by a proxy element, an encrypted packet from at least one source client (fig.4A 0051 elemetry exporter 404 may be a switch, router, firewall, server, network controller, or other networking equipment via which encrypted traffic 416 sent between endpoint device 402 end endpoint 406 flows. During operation, traffic telemetry exporter 404 may capture data regarding encrypted traffic 416, generate traffic telemetry data 418 based on the captured data, and send traffic telemetry data 418 to traffic analysis service 408 for assessment. For example, traffic telemetry data 418 may include Internet Protocol Flow Information Export (IPFIX) records and/or Netflow records regarding encrypted traffic 416.  ), and apply an operation to the encrypted packet (par 0055 traffic analysis service 408 may correlate the file data 420 from monitoring agent 412 on endpoint 402 with the traffic telemetry data 418 captured by telemetry exporter 404 regarding encrypted traffic 416, to identify a specific one of file(s) 414 within encrypted traffic 416. As would be appreciated, the techniques herein can be performed on encrypted traffic 416 without actually decrypting encrypted traffic 416 ).

Therefore, it would have been obvious before the effective filing date of the claimed invention to implement the claimed invention by modifying a method of window size changing, i.e. manipulation, portion reducing a window size of a TCP session ACK packet of a user whose total bandwidth exceeds the maximum bandwidth value of Tamura, based on the teaching of receiving the encrypted traffic and analysis by the service of Anderson , because doing so would provide secure content during the sharing the content between endpoint devices. 


As per claim 2, Tamura in view of Anderson discloses the method of claim 1 , Tamura disclose wherein the window size manipulation operation includes sending, by a throttle manager in the proxy element, a reduce window size message that specifies an updated window size value to the at least one source client (par 0037 a window size changing, i.e. manipulation, portion, i.e. a throttle manager, reducing a window size of a TCP session ACK packet of a user whose total bandwidth exceeds the maximum bandwidth value. And 0058 the bandwidth restricting portion may comprise a window size changing portion which reduces a window size of a TCP session ACK packet when the sum total bandwidth exceeds the maximum bandwidth restriction value).  

 	As per claim 3, Tamura in view of Anderson discloses the method of claim 2 Anderson discloses wherein the at least one source client is compelled to send, to the proxy element, a reduced amount of encrypted packet flow based on the updated window size value in response to receiving the reduce window size message (0064, traffic analysis service 408 may correlate the document type, user(s), and endpoint information to effect a given policy (e.g., an engineer with access to sensitive code repositories may have a reduced alarm threshold when transferring those repositories to external servers  and par 0056 once the specific file 414 has been identified within encrypted traffic 416, traffic analysis service 408 may make a policy determination regarding the sending of the file to endpoint 406. Such a determination may be based on any or all of the following factors: [0057] A manually set protected/sensitive flag associated with the file 414. [0058] The name of the file 414 (e.g., “Account Information.docx,” etc.). [0059] The location of the file 414 on endpoint device 402 (e.g., in a folder flagged, i.e. reducing… as protected/sensitive). [0060] A user associated with endpoint device 402. [0061] A user associated with endpoint device 406. [0062] A device type associated with endpoint device 402. [0063] A device type associated with endpoint device 406).  

 	As per claim 4, Tamura in view of Anderson discloses the method of claim 2 Tamura discloses wherein the updated window size value is dynamically determined by the throttle manager or predefined by a network operator (par 0059 a window size of a TCP session ACK packet may be reduced by using a window size changing portion as the bandwidth restricting portion when the sum total bandwidth exceeds the maximum bandwidth restriction value).  

 	As per claim 5, Tamura in view of Anderson discloses the method of claim 2 Tamura discloses wherein the updated window size value is a transmission control protocol (TCP) window size value (par 0058 the bandwidth restricting portion may comprise a window size changing portion which reduces a window size of a TCP session ACK packet when the sum total bandwidth exceeds the maximum bandwidth restriction value).  
	
 	As per claim 6, Tamura in view of Anderson discloses the method of claim 1 Tamura discloses wherein the window size manipulation operation includes sending, by a throttle manager in the proxy element, a reduce window -18-Attorney Docket No. 20180078-03 size message that specifies an updated window size value to a destination server associated with the encrypted packet flow (par 0037 a window size changing, i.e. manipulation, portion, i.e. a throttle manager, reducing a window size of a TCP session ACK packet of a user whose total bandwidth exceeds the maximum bandwidth value. And 0058 the bandwidth restricting portion may comprise a window size changing portion which reduces a window size of a TCP session ACK packet when the sum total bandwidth exceeds the maximum bandwidth restriction value ).  

As per claim 7, Tamura in view of Anderson discloses the method of claim 6 Anderson discloses wherein the destination server is compelled to send, to the proxy element, a reduced amount of encrypted packet flow based on the updated window size value in response to receiving the reduce window size message ( par 0064 sensitive code repositories may have a reduced alarm threshold when transferring those repositories to external servers  and par 0056 once the specific file 414 has been identified within encrypted traffic 416, traffic analysis service 408 may make a policy determination regarding the sending of the file to endpoint 406. Such a determination may be based on any or all of the following factors: [0057] A manually set protected/sensitive flag associated with the file 414. [0058] The name of the file 414 (e.g., “Account Information.docx,” etc.). [0059] The location of the file 414 on endpoint device 402 (e.g., in a folder flagged, i.e. reducing… as protected/sensitive).  ).  

As per claim 8, Tamura in view of Anderson discloses the method of claim 1 Anderson discloses wherein the encrypted packet flow includes either encrypted secure session layer (SSL) packets or encrypted transport layer security (TLS) packets (par 0066 the TLS record lengths, times, types, etc. and/or the TCP flags, lengths, times, etc. of the window of packets or records surrounding the observed encrypted traffic. For HTTP/2, the classification label set may include the HTTP/2 frame types of the TLS encrypted frames, e.g., HEADERS, DATA, SETTINGS, ).  

As per claim 9, Tamura discloses A system for implementing bandwidth limitations on specific application traffic at a proxy element, the system comprising:
  a monitoring engine (fig.1, numeral 100a Bandwidth control apparatus) in the proxy element for receiving a packet flow from at least one source client (par 0096 a received from the user terminal 200_1 );  
a bandwidth limiter( par 0095 the bandwidth measuring portion 10a)in the proxy element for applying a bandwidth limitation operation to the packet flow from the at least one source client (0096 the maximum bandwidth value/bandwidth restriction release value setting portion 40 provides to the maximum bandwidth excess determining portion 30 a maximum bandwidth value 50a_1 and a bandwidth restriction release value 50a_2 preset in the management table 50 or externally set by an operator ); and 
a throttle manager ( par 0037 a window size changing, i.e. manipulation, portion, i.e. a throttle manager) in the proxy element for executing a window size manipulation operation if a detected amount of packet flow exceeds a predefined bandwidth overflow threshold of the bandwidth limitation operation (par 0037 a window size changing, i.e. manipulation, portion, i.e. a throttle manager, reducing a window size of a TCP session ACK packet of a user whose total bandwidth exceeds the maximum bandwidth value. And 0058 the bandwidth restricting portion may comprise a window size changing portion which reduces a window size of a TCP session ACK packet when the sum total bandwidth exceeds the maximum bandwidth restriction value ).  

Therefore, it would have been obvious before the effective filing date of the claimed invention to implement the claimed invention by modifying a method of window size changing, i.e. manipulation, portion reducing a window size of a TCP session ACK packet of a user whose total bandwidth exceeds the maximum bandwidth value of Tamura, based on the teaching of receiving the encrypted traffic and analysis by the service of Anderson , because doing so would provide secure content during the sharing the content between endpoint devices. 


As per claim 10, Tamura in view of Anderson discloses the system of claim 9, Tamura discloses wherein the window size manipulation operation includes sending, by the throttle manager in the proxy element, a reduce window size message that specifies an updated window size value to the at least one source client( par 0037 a window size changing, i.e. manipulation, portion, i.e. a throttle manager, reducing a window size of a TCP session ACK packet of a user whose total bandwidth exceeds the maximum bandwidth value. And 0058 the bandwidth restricting portion may comprise a window size changing portion which reduces a window size of a TCP session ACK packet when the sum total bandwidth exceeds the maximum bandwidth restriction value).  



 	As per claim 11, Tamura in view of Anderson discloses the system of claim 10  Anderson disclose wherein the at least one source client is compelled to send, to the proxy element, a reduced amount of encrypted packet flow based on the updated window size value in response to receiving the reduce window size message (0064, traffic analysis service 408 may correlate the document type, user(s), and endpoint information to effect a given policy (e.g., an engineer with access to sensitive code repositories may have a reduced alarm threshold when transferring those repositories to external servers  and par 0056 once the specific file 414 has been identified within encrypted traffic 416, traffic analysis service 408 may make a policy determination regarding the sending of the file to endpoint 406. Such a determination may be based on any or all of the following factors: [0057] A manually set protected/sensitive flag associated with the file 414. [0058] The name of the file 414 (e.g., “Account Information.docx,” etc.). [0059] The location of the file 414 on endpoint device 402 (e.g., in a folder flagged, i.e. reducing… as protected/sensitive). [0060] A user associated with endpoint device 402. [0061] A user associated with endpoint device 406. [0062] A device type associated with endpoint device 402. [0063] A device type associated with endpoint device 406).  
  
 	As per claim 12, Tamura in view of Anderson discloses the system of claim 10, Tamura discloses wherein the updated window size value is dynamically determined by the throttle manager or predefined by a network operator (par 0059 a window size of a TCP session ACK packet may be reduced by using a window size changing portion as the bandwidth restricting portion when the sum total bandwidth exceeds the maximum bandwidth restriction value).  
 
 	As per claim 13, Tamura in view of Anderson discloses the system of claim 10 wherein the updated window size value is a transmission control protocol (TCP) window size value(par 0058 the bandwidth restricting portion may comprise a window size changing portion which reduces a window size of a TCP session ACK packet when the sum total bandwidth exceeds the maximum bandwidth restriction value).  

 	As per claim 14, Tamura in view of Anderson discloses the system of claim 9 Tamura discloses wherein the window size manipulation operation includes sending, by the throttle manager in the proxy element, a reduce window size message that specifies an updated window size value to a destination server associated with the encrypted packet flow ( (par 0037 a window size changing, i.e. manipulation, portion, i.e. a throttle manager, reducing a window size of a TCP session ACK packet of a user whose total bandwidth exceeds the maximum bandwidth value. And 0058 the bandwidth restricting portion may comprise a window size changing portion which reduces a window size of a TCP session ACK packet when the sum total bandwidth exceeds the maximum bandwidth restriction value ).  


As per claim 15, Tamura in view of Anderson discloses the system of claim 14 Anderson discloses wherein the destination server is compelled to send, to the proxy element, a reduced amount of encrypted packet flow based on the updated window size value in response to receiving the reduce window size message (par 0064 sensitive code repositories may have a reduced alarm threshold when transferring those repositories to external servers  and par 0056 once the specific file 414 has been identified within encrypted traffic 416, traffic analysis service 408 may make a policy determination regarding the sending of the file to endpoint 406. Such a determination may be based on any or all of the following factors: [0057] A manually set protected/sensitive flag associated with the file 414. [0058] The name of the file 414 (e.g., “Account Information.docx,” etc.). [0059] The location of the file 414 on endpoint device 402 (e.g., in a folder flagged, i.e. reducing… as protected/sensitive). 

As per claim 16, Tamura in view of Anderson discloses the system of claim 9 wherein the encrypted packet flow includes either encrypted secure session layer (SSL) packets or encrypted transport layer security (TLS) packets (par 0066 the TLS record lengths, times, types, etc. and/or the TCP flags, lengths, times, etc. of the window of packets or records surrounding the observed encrypted traffic. For HTTP/2, the classification label set may include the HTTP/2 frame types of the TLS encrypted frames).  


 	As per claim 17, Tamura discloses a non-transitory computer readable medium having stored thereon executable instructions that when executed by a processor of a computer control the computer to perform steps comprising:
receiving, by a proxy element (fig.1, numeral 100a Bandwidth control apparatus ), a packet flow from at least one source client (par 0096 a received from the user terminal 200_1); 
 	utilizing a bandwidth limiter ( par 0095 he bandwidth measuring portion 10a) in the proxy element to apply a bandwidth limitation operation to the packet flow from the at least one source client ( 0096 the maximum bandwidth value/bandwidth restriction release value setting portion 40 provides to the maximum bandwidth excess determining portion 30 a maximum bandwidth value 50a_1 and a bandwidth restriction release value 50a_2 preset in the management table 50 or externally set by an operator ); and  
 	executing a window size ( fig.2,numeral 20a, window size changing portion  )manipulation operation if a detected amount of packet flow exceeds a predefined bandwidth overflow threshold of the bandwidth limitation operation ( par 0037 a window size changing, i.e. manipulation, portion reducing a window size of a TCP session ACK packet of a user whose total bandwidth exceeds the maximum bandwidth value. And 0058 the bandwidth restricting portion may comprise a window size changing portion which reduces a window size of a TCP session ACK packet when the sum total bandwidth exceeds the maximum bandwidth restriction value).  
 	Tamura does not disclose receiving, by a proxy element, an encrypted packet from at least one source client, and apply an operation to the encrypted packet.
 	 However, Anderson discloses receiving, by a proxy element, an encrypted packet from at least one source client (fig.4A 0051 elemetry exporter 404 may be a switch, router, firewall, server, network controller, or other networking equipment via which encrypted traffic 416 sent between endpoint device 402 end endpoint 406 flows. During operation, traffic telemetry exporter 404 may capture data regarding encrypted traffic 416, generate traffic telemetry data 418 based on the captured data, and send traffic telemetry data 418 to traffic analysis service 408 for assessment. For example, traffic telemetry data 418 may include Internet Protocol Flow Information Export (IPFIX) records and/or Netflow records regarding encrypted traffic 416.  ), and apply an operation to the encrypted packet (par 0055 traffic analysis service 408 may correlate the file data 420 from monitoring agent 412 on endpoint 402 with the traffic telemetry data 418 captured by telemetry exporter 404 regarding encrypted traffic 416, to identify a specific one of file(s) 414 within encrypted traffic 416. As would be appreciated, the techniques herein can be performed on encrypted traffic 416 without actually decrypting encrypted traffic 416 ).

Therefore, it would have been obvious before the effective filing date of the claimed invention to implement the claimed invention by modifying a method of window size changing, i.e. manipulation, portion reducing a window size of a TCP session ACK packet of a user whose total bandwidth exceeds the maximum bandwidth value of Tamura, based on the teaching of receiving the encrypted traffic and analysis by the service of Anderson , because doing so would provide secure content during the sharing the content between endpoint devices. 

As per claim 18, Tamura in view of Anderson discloses the non-transitory computer readable medium of claim 17, Tamura discloses wherein the window size manipulation operation includes sending, by a throttle manager in the proxy element, a reduce window size message that specifies an updated window size value to the at least one source client (par 0037 a window size changing, i.e. manipulation, portion, i.e. a throttle manager, reducing a window size of a TCP session ACK packet of a user whose total bandwidth exceeds the maximum bandwidth value. And 0058 the bandwidth restricting portion may comprise a window size changing portion which reduces a window size of a TCP session ACK packet when the sum total bandwidth exceeds the maximum bandwidth restriction value).  
 

 	As per claim 19, Tamura in view of Anderson discloses the non-transitory computer readable medium of claim 18, Anderson discloses  wherein the at least one source client is compelled to send, to the proxy element, a reduced amount of encrypted packet flow based on the updated window size value in response to receiving the reduce window size message (0064, traffic analysis service 408 may correlate the document type, user(s), and endpoint information to effect a given policy (e.g., an engineer with access to sensitive code repositories may have a reduced alarm threshold when transferring those repositories to external servers  and par 0056 once the specific file 414 has been identified within encrypted traffic 416, traffic analysis service 408 may make a policy determination regarding the sending of the file to endpoint 406. Such a determination may be based on any or all of the following factors: [0057] A manually set protected/sensitive flag associated with the file 414. [0058] The name of the file 414 (e.g., “Account Information.docx,” etc.). [0059] The location of the file 414 on endpoint device 402 (e.g., in a folder flagged, i.e. reducing… as protected/sensitive). [0060] A user associated with endpoint device 402. [0061] A user associated with endpoint device 406. [0062] A device type associated with endpoint device 402. [0063] A device type associated with endpoint device 406).  


 	As per claim 20, Tamura in view of Anderson discloses the non-transitory computer readable medium of claim 18, Tamura discloses wherein the updated window size value is dynamically determined by the throttle manager or predefined by a network operator (par 0059 a window size of a TCP session ACK packet may be reduced by using a window size changing portion as the bandwidth restricting portion when the sum total bandwidth exceeds the maximum bandwidth restriction value).  



Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to ABU S SHOLEMAN whose telephone number is (571)270-7314. The examiner can normally be reached EST: 9am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JORGE ORTIZ CRIADO can be reached on 571-272-7624. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/ABU S SHOLEMAN/Primary Examiner, Art Unit 2496