DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1, 4, 11-12  and 16-17 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1, 11 and 15 of U.S. Patent No. 10972407 B1 in view of Masputra et al., US 20190306282 A1 (hereafter referred to as Masputra). Please see the table below for mapping of claim limitations.

Present application
USPN 10972407 B1
1. A method comprising: 
starting a network-coordination service, a network-interface component, and an application as separate processes within a user space of an operating system of a device; 

receiving, by the network-coordination service, a request from the application to connect with a host; 
verifying, by the network-coordination service and in response to the request, that the application has permission to connect with the host;  (secondary reference)
selecting, by the network-coordination service and in response to the request, the network-interface component to service the request to connect with the host, wherein the network-interface component is associated with a network interface of the device; 

allocating, by the network-coordination service, a shared memory region for the application and the network-interface component, wherein the shared memory region is associated with a reference; and sending, by the network-coordination service, the reference to the application, wherein the reference is configured to be used by the application to access the shared memory region; 
wherein the shared memory region is configured to be used by the application and the network-interface component to communicate packet data. 
4. The method of Claim 1, wherein the application has permission to open inter-process communication (IPC) channels directly with the network-coordination service and lacks permission to open IPC channels directly with the network-interface component; and wherein the network-coordination service has permission to open IPC channels directly with the network-interface component.

1. A method comprising: 
starting a network-coordination service, a network-interface component, and an application as separate processes within a user space of an operating system of a device, 
(feature 1 is moved below).
receiving, by the network-coordination service, a request from the application to connect with a host; 
Masputra teaches verification through an agent on paragraphs 171, 174. It would have obvious to improve system security by continuing to determine privileges with respect to user space applications.
selecting, by the network-coordination service and in response to the request, the network-interface component to service the request to connect with the host, wherein the network-interface component is associated with a network interface of the device; 
allocating, by the network-coordination service, a shared memory region for the application and the network-interface component, wherein the shared memory region is associated with a reference; and sending, by the network-coordination service, the reference to the application, wherein the reference is configured to be used by the application to access the shared memory region; 
wherein the shared memory region is configured to be used by the application and the network-interface component to communicate packet data.
Feature 1 from above.
wherein the application has permission to open inter-process communication (IPC) channels directly with the network-coordination service and lacks permission to open IPC channels directly with the network-interface component, and the network-coordination service has permission to open IPC channels directly with the network-interface component;
11. A system comprising: 
one or more processors; and 
one or more computer-readable non-transitory storage media coupled to one or more of the processors and comprising instructions operable when executed by one or more of the processors to cause the system to: 
start a network-coordination service, a network-interface component, and an application as separate processes within a user space of an operating system of a device; 

receive, by the network-coordination service, a request from the application to connect with a host; 
verify, by the network-coordination service and in response to the request, that the application has permission to connect with the host; 
select, by the network-coordination service and in response to the request, the network-interface component to service the request to connect with the host, wherein the network-interface component is associated with a network interface of the device; allocate, by the network-coordination service, a shared memory region for the application and the network-interface component, wherein the shared memory region is associated with a reference; and send, by the network-coordination service, the reference to the application, wherein the reference is configured to be used by the application to access the shared memory region; wherein the shared memory region is configured to be used by the application and the network-interface component to communicate packet data.
12. The system of Claim 11, wherein the application has permission to open inter-process communication (IPC) channels directly with the network-coordination service and lacks permission to open IPC channels directly with the network-interface component; and wherein the network-coordination service has permission to open IPC channels directly with the network-interface component
11. A system comprising: 
one or more processors; and 
one or more computer-readable non-transitory storage media coupled to one or more of the processors and comprising instructions operable when executed by one or more of the processors to cause the system to: 
start a network-coordination service, a network-interface component, and an application as separate processes within a user space of an operating system of a device, 
(Rearrangement of feature 2)
receive, by the network-coordination service, a request from the application to connect with a host; 
Masputra teaches verification through an agent on paragraphs 171, 174. It would have obvious to improve system security by continuing to determine privileges with respect to user space applications.

select, by the network-coordination service and in response to the request, the network-interface component to service the request to connect with the host, wherein the network-interface component is associated with a network interface of the device; allocate, by the network-coordination service, a shared memory region for the application and the network-interface component, wherein the shared memory region is associated with a reference; and send, by the network-coordination service, the reference to the application, wherein the reference is configured to be used by the application to access the shared memory region; wherein the shared memory region is configured to be used by the application and the network-interface component to communicate packet data.
(Feature 2 from above)
wherein the application has permission to open inter-process communication (IPC) channels directly with the network-coordination service and lacks permission to open IPC channels directly with the network-interface component, and the network-coordination service has permission to open IPC channels directly with the network-interface component;
16. One or more computer-readable non-transitory storage media embodying software that is operable when executed to: start a network-coordination service, a network-interface component, and an application as separate processes within a user space of an operating system of a device; 
receive, by the network-coordination service, a request from the application to connect with a host; 
verify, by the network-coordination service and in response to the request, that the application has permission to connect with the host; (in combination)

select, by the network-coordination service and in response to the request, the network-interface component to service the request to connect with the host, 
wherein the network-interface component is associated with a network interface of the device; allocate, by the network-coordination service, a shared memory region for the application and the network-interface component, wherein the shared memory region is associated with a reference; and 
send, by the network-coordination service, the reference to the application, wherein the reference is configured to be used by the application to access the shared memory region; 
wherein the shared memory region is configured to be used by the application and the network-interface component to communicate packet data.
17. The media of Claim 16, wherein the application has permission to open inter-process communication (IPC) channels directly with the network-coordination service and lacks permission to open IPC channels directly with the network-interface component; and wherein the network-coordination service has permission to open IPC channels directly with the network-interface component.
15. One or more computer-readable non-transitory storage media embodying software that is operable when executed to: 
start a network-coordination service, a network-interface component, and an application as separate processes within a user space of an operating system of a device 
Feature 3 rearranged
receive, by the network-coordination service, a request from the application to connect with a host; 
Masputra teaches verification through an agent on paragraphs 171, 174. It would have obvious to improve system security by continuing to determine privileges with respect to user space applications.
select, by the network-coordination service and in response to the request, the network-interface component to service the request to connect with the host, wherein the network-interface component is associated with a network interface of the device; 
allocate, by the network-coordination service, a shared memory region for the application and the network-interface component, wherein the shared memory region is associated with a reference; and send, by the network-coordination service, the reference to the application, wherein the reference is configured to be used by the application to access the shared memory region; 
wherein the shared memory region is configured to be used by the application and the network-interface component to communicate packet data.
Feature 3 from above:
wherein the application has permission to open inter-process communication (IPC) channels directly with the network-coordination service and lacks permission to open IPC channels directly with the network-interface component, and the network-coordination service has permission to open IPC channels directly with the network-interface component;



Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claim 17 recites the limitation "the media" in line 1.  There is insufficient antecedent basis for this limitation in the claim. 
Claim 18 recites the limitation "the media" in line 1.  There is insufficient antecedent basis for this limitation in the claim.
Claim 19 recites the limitation "the media" in line 1.  There is insufficient antecedent basis for this limitation in the claim.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 17-19 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.  The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter because “the media” of claims 17-19 would include transitory media


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-3, 5-6, 10-11, 16 and 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over  Pope et al., USPAP 2018/0329743 A1 (hereafter referred to as Pope) in view of Masputra et al., US 20190306282 A1 (hereafter referred to as Masputra).
Regarding claim 11, Pope teaches a system (computer system 1, p 102) comprising: 
one or more processors; and one or more computer-readable non-transitory storage media coupled to one or more of the processors and comprising instructions operable when executed by one or more of the processors (computer system 1, p. 102) to cause the system to: 
start a network-coordination service (helper application, p. 170-171), a network-interface component (components accessed thru the DPDK library, user level protocol stack and nic virtual interface (VI), p. 2, 149), and an application as separate processes within a user space of an operating system of a device (application 200, p. 143, 300);
receive, by the network-coordination service, a request from the application to connect with a host (application initiates requests across network, p. 5, 101-102); 
select, by the network-coordination service and in response to the request, the network-interface component to service the requested connection with the host (initialize a network interface component thru the DPDK library, p. 2, 171), wherein the network-interface component is associated with a network interface of the device (the user level protocol stack is on the VI, p. 148-149, 178-179); 
allocate, by the network-coordination service, a shared memory region for the application and the selected network-interface component, wherein the shared memory region is associated with a reference (initializing shared memory region and enabling respective pseudo VI for the application, p. 169, 177); and 
send, by the network-coordination service (helper application), the reference to the user space level, wherein the reference is configured to be used by the application to access the shared memory region (the descriptors are moved to the user level and accessible by the application 200, p. 240); wherein the shared memory region is configured to be used by the application and the network-interface component to communicate packet data (the application 200 and the pseudo VI, p. 160, 177). Pope does not specifically teach sending the reference to the application. However, Pope teaches the need to pass network connection information between application/processes/threads (p. 135-136). It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to modify Pope to substitute handover of connection information from Pope as an equivalent mechanism for transferring the connection information to the application.
Pope does not specifically teach verifying, by the network-coordination service and in response to the request, that the application has permission to connect with the host.  However, in same field of endeavor, Masputra teaches verifying, by the network-coordination service and in response to the request, that the application has permission to connect with the host (p. 171, “As used herein, the term “agent” may refer to a software agent that acts for a user space application or other program in a relationship of agency with appropriate privileges.” And p. 174, “In other words, the agent does not permit the user application to exceed its privileges (e.g., the agent cannot commandeer the network driver at the highest network priority, or force a read/write to another application's memory space without the other kernel and/or other application's consent).”).  It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Pope to substitute verifying application permission from Masputra for the requesting connection from Pope to protect requests through an intermediary and thereby not creating security weaknesses.
B.	The method of claim 1 is rejected on the same rationale as claim 11 above. The non-transitory storage media of claim 16 is rejected on the same rationale as claim 11, above.
C.	Regarding dependent claim 2, Pope-Masputra teaches the method of Claim 1, wherein the network-interface component comprises a set of per-interface services (Pope, responsive to different protocol services such as DHCP, p. 171) and a network-interface library (helper initializes DPDK and creates DPDK memory pools as network interface library, p. 171. And mapping to pseudo Vis, p. 176), wherein the set of per-interface services includes a first service configured to perform one or more control plane networking operations (Pope, ARP, VLAN etc are control plane network operations, p. 171. , and the network-interface library is configured to perform one or more data plane networking operations (Pope, DPDK library, p. 165).
D.	Regarding dependent claim 3, Pope-Masputra teaches the method of Claim 1, wherein the application instantiates a transport protocol library associated with the operating system (Pope, user level application also creates user level protocol processing stack, p. 113, 179), the transport protocol library being configured to use the reference to the shared memory region to communicate packet data with the network-interface component (Pope, p. 176, 179).
E.	Regarding dependent claim 5, Pope-Masputra teaches the method of Claim 1, wherein the network-coordination service is configured to manage a plurality of network-interface components, including the selected network- interface component (Pope, managing DPDK resources for configured network interfaces, p. 169).
F.	Regarding dependent claim 6, Pope-Masputra teaches the method of Claim 5, further comprising: accessing, by the network-coordination service, network configuration or network status data associated with the plurality of network-interface components (Pope, allocation and configuration DPDK resources for p. 169, lines 1-11); wherein the selection of the network-interface component is based on the network configuration or network status data (Pope, selected based on DPDK library with the corresponding communication descriptors, p. 156).
G.	Regarding dependent claim 15, Pope-Masputra teaches the system of Claim 11, wherein the system is further configured to: receive, by the network-interface component and from the application, an address within the shared memory region for storing incoming packets (Pope, p. 177, 258, 262); cause, by the network-interface component, an incoming packet for the application to be stored in the shared memory region according to the address (Pope, p. 263, 264); and send, by the network-interface component, a message to the application to notify the application that the incoming packet is available in the shared memory region (Pope, event as a notification, p. 263).
H.	The method of claim 10 is rejected on the same rationale as claim 15, above. The non-transitory media of claim 19 is rejected on the same rationale as claim 15, above. 


Allowable Subject Matter
Claim 7-9, 13-14, and 18 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
The features objected to in dependent claims 7 and 13 are as follows. Requesting, by the network-coordination service and in response to the request, the network-interface component to provide name resolution and address resolution; generating, by the network-coordination service, one or more tokens associated with the name resolution and the address resolution; sending, by the network-coordination service, the one or more tokens to the application; receiving, by the network-interface component, a packet transmission request from the application specifying the one or more tokens; and determining, by the network-interface component, a destination address for one or more packets by validating the one or more tokens.
The features objected to in dependent claims 8-9, 14 and 18 are as follows. Receiving, by the network-interface component, a packet transmission request from the application specifying a data reference to data stored in the shared memory region; accessing, by the network-interface component, the data stored in the shared memory region using the data reference; generating, by the network-interface component, hardware descriptors and one or more packets for the data; and causing, by the network-interface component, the network interface to transmit the one or more packets using the hardware descriptors.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Raymond et al., US 20140280984 A1, teaches memory 204 in multiple respective computers 102 in the distributed computing system 100 are reserved and logically combined into the shared memory space 106 accessible to the computers 102 in the distributed computing system 100.
Epstein, US 20130276056 A1, teaches using a shared private call or shared memory call to allocate and name shared memory.
Marty et al., Snap: Microkernel Approach to Host Networking, teaches applications communicate with Snap through library calls that transfer data either asynchronously over shared memory queues (fast path) or synchronously over a Unix domain sockets interface (slow path) and using multicore interprocess communication (IPC) to implement network functionality as a the user-level service.
The other prior art of record teach user space application accessing share memory space and were cited in the parent application.                                                                                                                                                                             Any inquiry concerning this communication or earlier communications from the examiner should be directed to PATRICE L WINDER whose telephone number is (571)272-3935.  The examiner can normally be reached on M-F 10am-6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Thu Nguyen can be reached on 571-272-6967.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/Patrice L Winder/Primary Examiner, Art Unit 2452