DETAILED ACTION
1.	Claims 1-18 are pending in this examination.
Notice of Pre-AIA  or AIA  Status
2.1.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 
2.2.	In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
Allowable Subject Matter
3.	Claims 2-3 objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Double Patenting
4.1.	The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees.  A nonstatutory double patenting rejection is appropriate where the claims at issue are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the reference application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO internet Web site contains terminal disclaimer forms which may be used.  Please visit http://www.uspto.gov/forms/.  The filing date of the application will determine what form should be used.  A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission.  For more information about eTerminal Disclaimers, refer to http://www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.  

4.2.	Claims 1,3-5, 9-16 rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1, 3-5, 7-14 of U.S. Patent No. 10708236.
Although the conflicting claims are not identical, they are not patentably distinct from each other because claims 1,3-5, 9-16 are anticipated by claims 1, 3-5, 7-14 of U.S. Patent No.. ‘326, for example:

Instant application No. 
Claims: 1,3-5, 9-16
U.S. Patent No.. ‘326
Claims: 1, 3-5, 7-14
1. A method, comprising: receiving, by a computing device on a first port of a plurality of ports, a data packet, wherein each of the ports corresponds to one of a plurality of security classes including a first security class that corresponds to the first port, and the computing device comprises a plurality of cryptographic modules, 
each module comprising a cryptographic engine configured as a systolic-matrix array; 








routing, based on at least one header, the data packet to a first cryptographic module of the plurality of cryptographic modules; and e
encrypting the data packet using the first cryptographic module.


3. The method of claim 2, further comprising: 
selecting, based on the tagging data, one of a plurality of ports of the second computing device; and 
providing the decrypted packet as output on the selected port of the second computing device.
4. The method of claim 1, further comprising loading at least one key for the encrypting by the computing device of the received data packet, wherein the at least one key is selected based on a security class of the received data packet.
5. The method of claim 4, wherein the security class of the received data packet is determined by at least one header comprising security information.
9. The method of claim 1, wherein the first port is a virtual port.
10. The method of claim 1, wherein the at least one header is an embedded data header or a meta-data header.
11. A system, comprising: 
at least one processor or field-programmable gate array (FPGA); and memory configured to instruct the at least one processor or FPGA to:
receive, on a first port of a plurality of ports, a data packet, wherein each of the ports corresponds to one of a plurality of security classes;
tag the data packet using tagging data that identifies a first security class of the security classes;





route the data packet to a first cryptographic module of a plurality of cryptographic modules, wherein each cryptographic module comprises a cryptographic engine configured as a systolic-matrix array; and 



encrypt the data packet using the first cryptographic module.

12. The system of claim 11, further comprising a data storage device coupled to receive the encrypted data packet.
13. | The system of claim 11, wherein the first port is a physical port.
14. The system of claim 11, wherein the data packet is routed to the first cryptographic module based on the tagging data.
15. |The system of claim 14, wherein at least one header of the data packet comprises the tagging data.
16. |The system of claim 11, wherein the tagging data further identifies the first port as an entry port.

1. A method, comprising: receiving, by a first computing device on a first port of a plurality of ports, a data packet, wherein each of the ports corresponds to one of a plurality of security classes including a first security class that corresponds to the first port, and the first computing device comprises a plurality of cryptographic modules, 

each module configured to encrypt data for a respective one of the security classes, 

each module comprising a cryptographic engine configured as a systolic-matrix array, 

and each module further comprising at least one field-programmable gate array (FPGA) programmable to support at least one security protocol; tagging the data packet using tagging data that identifies the first security class and the first port, wherein tagging the data packet comprises replacing an external tag of the received data packet with an internal tag, wherein a first value in a field of the external tag indicates a protocol associated with the data packet, and wherein the internal tag is obtained by encoding the first value to a second value, the second value having a reduced number of bits as compared to the first value, and the second value replacing the first value in the field: 

routing, based on at least one header, the data packet to a first cryptographic module of the plurality of cryptographic modules; 

encrypting the data packet using the first cryptographic module; 

and storing the encrypted data packet in a first data storage device.

3.  The method of claim 2, further comprising:
selecting, based on the tagging data, one of a plurality of ports of the second computing device; and
providing the decrypted packet as output on the selected port of the second computing device.
4. The method of claim 1, further comprising loading at least one key for the encrypting by the first computing device of the received data packet, wherein the at least one key is selected based on a security class of the received data packet.
5.  The method of claim 4, wherein the security class of the received data packet is determined by at least one header comprising security information.
7. The method of claim 1, wherein the first port is a virtual port.
8. The method of claim 1, wherein the at least one header is an embedded data header or a meta-data header.
9. A system, comprising: 

at least one processor; and memory storing instructions configured to instruct the at least one processor to: 

receive, on a first port of a plurality of ports, a data packet, wherein each of the ports corresponds to one of a plurality of security classes;

 tag the data packet using tagging data that identifies a first security class of the security classes, 

wherein tagging the data packet comprises replacing an external tag of the received data packet with an internal tag, wherein a first value of the external tag indicates a protocol associated with the data packet, and wherein the internal tag is obtained by replacing the first value with a second value obtained by encoding the first value; 


route the data packet to a first cryptographic module of a plurality of cryptographic modules, wherein each cryptographic module is configured to encrypt data for a respective one of the security classes, each module comprises a cryptographic engine configured as a systolic-matrix array, 

and each module further comprises at least one field-programmable gate array (FPGA) programmable to support at least one security protocol; and 

encrypt the data packet using the first cryptographic module.


10. The system of claim 9, further comprising a data storage device coupled to receive the encrypted data packet for storage.
11. The system of claim 9, wherein the first port is a physical port.
12. The system of claim 9, wherein the data packet is routed to the first cryptographic module based on the tagging data.
13. The system of claim 12, wherein at least one header of the data packet comprises the tagging data. 
14. The system of claim 9, wherein the tagging data further identifies the first port as an entry port.



This is an obviousness-type double patenting rejection.

Claim Rejections - 35 USC § 103
5.1.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


5.2.	Claims 1, 4-5, 10 are rejected under 35 U.S.C. 103 as being unpatentable over US Patent Application No. 20050198412 to Pedersen et al (“Pedersen”) in view of US Patent Application No. 20120257506 to Bazlamacci et al (“Bazlamacci”), and in view of US Application Patent No. 20090327617 to Furuichi et al (“Furuichi”).
 	As per claim 1, Pedersen discloses a method, comprising: receiving, by a computing device on a first port of a plurality of ports, a data packet, wherein each of the ports corresponds to one of a plurality of security classes including a first security class that corresponds to the first port, and the computing device comprises a plurality of cryptographic modules (Pedersen, [0140]-[0142], also see figs. 23-24 and associated texts); 
	Pedersen does not explicitly disclose however in the same field of endeavor, Bazlamacci discloses each module comprising a cryptographic engine configured as a systolic-matrix array ([0082]), routing, based on at least one header, the data packet to a first cryptographic module of the plurality of cryptographic modules (claim 1, [0089]). 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Bazlamacci with the teaching of Pedersen by including the feature of routing, in order for Pedersen’s system to protecting data on the storage device. For example, if the data is read directly from the storage device such that in order for the host system to access data from the storage device, the request to access is authorized prior to decryption of the data on the storage device to be accessed.  Additionally, the location where the encryption key that encrypts data on the storage device is stored affects the security of encrypted storage device. If the encryption key is stored on a storage device in the host system, the security of the encryption key may be compromised when the host system is lost or stolen. For example, if data on the storage device is read directly and the location of the stored encryption key is known by the hacker. Data security can thus be compromised due to the encryption key residing on the system. (Bazlamacci).
Pedersen does not explicitly disclose however in the same field of endeavor, Furuichi discloses encrypting the data packet using the first cryptographic module ([0052]-[0058]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Bazlamacci/ Furuichi with the teaching of Pedersen by including the feature of encrypting the data, in order for Pedersen’s system for controlling information read/write processing. The risk of information leakage upon data exchange between computers can be reduced using a security function. However, it is difficult to enhance security for a shared object accessible from plural programs in the same computer, so that the other programs on the same computer can easily read/write data from/to the shared object. Division areas as a target of read/write processing are specified in accordance with user identification information to thereby assign a shared object to division areas that permit a predetermined user to read write data thereto/therefrom to execute information read/write processing through the shared object. In this way, a shared object can be used at any address different from the standard address without loss of functionality. (Furuichi,).
As per claim 4, the combination of Pedersen, Bazlamacci and Furuichi discloses the method of claim 1, further comprising loading at least one key for the encrypting by the computing device of the received data packet, wherein the at least one key is selected based on a security class of the received data packet (Pedersen, [0157]-[0159], also see fig. 33 and associated texts).
As per claim 5, the combination of Pedersen, Bazlamacci and Furuichi discloses the method of claim 4, wherein the security class of the received data packet is determined by at least one header comprising security information (Pedersen, [0128]).
As per claim 10, the combination of Pedersen, Bazlamacci and Furuichi discloses the method of claim 1, wherein the at least one header is an embedded data header or a meta-data header (Pedersen, [0131], [0158]).

5.3.	Claims 7-8 are rejected under 35 U.S.C. 103 as being unpatentable over Pedersen, Bazlamacci, Furuichi and Smith as applied to claim above, and further in view of US Patent Application No. 20090129388 to Akhtar et al (“Akhtar”).  
As per claim 7, the combination of Pedersen, Bazlamacci, Furuichi and Smith discloses the invention as described above. Pedersen, Bazlamacci, Furuichi and Smith do not explicitly disclose however in the same field of endeavor, Smith discloses the method of claim 6, further comprising verifying, based on the internal tag, that a security class of a key does not exceed the first security class (Akhtar, [0081]-[0083]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Akhtar with the teaching of Pedersen, Bazlamacci, Furuichi and Smith by including the feature of verifying, in order for Pedersen’s system for reducing the SIP message size has been to establish a standardized dictionary as discussed in RFC 3485 "The Session Initiation Protocol (SIP) and Session Description Protocol (SDP) Static Dictionary for Signaling Compression (SIGCOMP)." In the SIGCOMP approach, a finite dictionary defines many SIP parameters as 3-byte data substitutions. However, there are problems with the SIGCOMP approach. SIGCOMP is limited by the terms defined in the dictionary, which is static. The SIGCOMP dictionary does not evolve as SIP or SDP evolved and has remained static and unchanged. Attempts have been made to use event based state tables to build a dynamic extension to the SIGCOMP library, but under this approach the initial REGISTER message lacks enough pre-history traffic data to take advantage of this feature and memory limitations in the user equipment (UE) (e.g. cell phone, personal data assistant, computer, etc) restricts storage of long term history in the state tables to build an adequate library. There is a need for a flexible protocol to reduce the message size of SIP messages and improve service on networks.
As per claim 8, the combination of Pedersen, Bazlamacci, Furuichi, Smith and Akhtar, discloses the method of claim 7, further comprising, in response to verifying that the security class of the key does not exceed the first security class, restoring a field associated with the data packet (Akhtar, [0081]-[0083]). The motivation regarding the obviousness of claim 7 is also applied to claim 8. 

5.4.	Claims 9 are rejected under 35 U.S.C. 103 as being unpatentable over Pedersen, Bazlamacci and Furuichi as applied to claim above, and in view of US Patent Application No.  20080181406 to Iyer et al (“Iyer”).
	As per claim 9, the combination of Pedersen, Bazlamacci and Furuichi discloses the invention as described above. Pedersen, Bazlamacci and Furuichi do not explicitly disclose however in the same field of endeavor, Iyer discloses the method of claim 1, wherein the first port is a virtual port (Iyer, [0060]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Iyer with the teaching of Pedersen, Bazlamacci and Furuichi by including the feature of port, in order for Pedersen’s system for preventing unauthorized access of electronic devices. With increased usage of portable electronic devices, security of data stored on storage devices has become imperative as personal privacy and confidentiality can be jeopardized upon unauthorized access of electronic devices. While passwords (e.g., operating system log on password, BIOS password, etc.) have prevented unauthorized users from logging on to a host device (e.g., a laptop computer), the contents of the storage device can be compromised upon removal of the device from the host system. For example, a data hacker may physically remove the storage device and move it to another host device to which the data hacker has authorization for access. a hardware key intercepting a request sent from a host to a storage device to access data stored on the storage device, wherein the data stored on the storage device has been encrypted using a first encryption key, the hardware key configured to be plugged into a port of the host and the hardware key comprising a controller comprising the first encryption key to decipher the encrypted data from the storage device. The hardware key interpreting the request and issuing a command to the storage device to access the encrypted data. The hardware key providing the first encryption key to decipher the encrypted data from the storage device.

5.5.	Claims 6, 11, 14-16 are rejected under 35 U.S.C. 103 as being unpatentable over Pedersen, Bazlamacci and Furuichi as applied to claim above, and in view of US Patent Application No.  20110283339 to Smith et al (“Smith”).
	As per claim 6, the combination of Pedersen, Bazlamacci and Furuichi discloses the invention as described above. Pedersen, Bazlamacci and Furuichi do not explicitly disclose however in the same field of endeavor, Smith discloses the method of claim 1, further comprising replacing an external tag of the received data packet with an internal tag, wherein the internal tag includes at least one header comprising security information (Smith, [0046]-[0048]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Smith with the teaching of Pedersen, Bazlamacci and Furuichi by including the feature of tag, in order for Pedersen’s system for providing network security using security labeling is disclosed. The method includes comparing first security level information and second security level information, and indicating processing to be performed on the packet based on the comparing. The first security level information is stored in a security label of a packet received at a network node, while the second security level information is stored at the network node. Network security is increasing importance. A mechanism that allows for the efficient identification of network traffic. Preferably, such an approach should address limitations encountered in the use of existing ACL technology. Also preferably, such an approach should allow the network to be easily reconfigured and grow, without incurring a disproportionate administrative burden or consuming inordinately large amounts of network resources.

As per claim 11, the combination of Pedersen, Bazlamacci, Furuichi and Smith discloses a system, comprising: at least one processor or field-programmable gate array (FPGA); and memory configured to instruct the at least one processor or FPGA to:receive, on a first port of a plurality of ports, a data packet, wherein each of the ports corresponds to one of a plurality of security classes (Pedersen, [0140]-[0142], also see figs. 23-24 and associated texts).
 	Pedersen does not explicitly disclose however in the same field of endeavor, Bazlamacci discloses route the data packet to a first cryptographic module of a plurality of cryptographic modules ([0082]), wherein each cryptographic module comprises a cryptographic engine configured as a systolic-matrix array (claim 1, [0089]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Bazlamacci with the teaching of Pedersen by including the feature of routing, in order for Pedersen’s system to protecting data on the storage device. For example, if the data is read directly from the storage device such that in order for the host system to access data from the storage device, the request to access is authorized prior to decryption of the data on the storage device to be accessed.  Additionally, the location where the encryption key that encrypts data on the storage device is stored affects the security of encrypted storage device. If the encryption key is stored on a storage device in the host system, the security of the encryption key may be compromised when the host system is lost or stolen. For example, if data on the storage device is read directly and the location of the stored encryption key is known by the hacker. Data security can thus be compromised due to the encryption key residing on the system. (Bazlamacci,).
Pedersen does not explicitly disclose however in the same field of endeavor, Furuichi discloses encrypting the data packet using the first cryptographic module ([0052]-[0058]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Bazlamacci/ Furuichi with the teaching of Pedersen by including the feature of encrypting the data, in order for Pedersen’s system for controlling information read/write processing. The risk of information leakage upon data exchange between computers can be reduced using a security function. However, it is difficult to enhance security for a shared object accessible from plural programs in the same computer, so that the other programs on the same computer can easily read/write data from/to the shared object. Division areas as a target of read/write processing are specified in accordance with user identification information to thereby assign a shared object to division areas that permit a predetermined user to read write data thereto/therefrom to execute information read/write processing through the shared object. In this way, a shared object can be used at any address different from the standard address without loss of functionality. encrypt the data packet using the first cryptographic module.
Pedersen does not explicitly disclose however in the same field of endeavor, Smith discloses tag the data packet using tagging data that identifies a first security class of the security classes (Smith,[0012]-[0013] Also see [0046]-[0048]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Smith with the teaching of Pedersen, Bazlamacci and Furuichi by including the feature of tag, in order for Pedersen’s system for providing network security using security labeling is disclosed. The method includes comparing first security level information and second security level information, and indicating processing to be performed on the packet based on the comparing. The first security level information is stored in a security label of a packet received at a network node, while the second security level information is stored at the network node. Network security is increasing importance. A mechanism that allows for the efficient identification of network traffic. Preferably, such an approach should address limitations encountered in the use of existing ACL technology. Also preferably, such an approach should allow the network to be easily reconfigured and grow, without incurring a disproportionate administrative burden or consuming inordinately large amounts of network resources.
As per claim 14, the combination of Pedersen, Bazlamacci, Furuichi and Smith discloses the system of claim 11, wherein the data packet is routed to the first cryptographic module based on the tagging data (Pedersen, [0062], [0065]).
As per claim 15, the combination of Pedersen, Bazlamacci, Furuichi and Smith discloses the system of claim 14, wherein at least one header of the data packet comprises the tagging data (Smith, [0046]-[0048]). The motivation regarding the obviousness of claim 11 is also applied to claim 15.
As per claim 16, the combination of Pedersen, Bazlamacci, Furuichi and Smith discloses the system of claim 11, wherein the tagging data further identifies the first port as an entry port (Smith, [0033]). The motivation regarding the obviousness of claim 11 is also applied to claim 16.

5.6.	Claims 12-13 are rejected under 35 U.S.C. 103 as being unpatentable over Pedersen, Bazlamacci, Furuichi and Smith as applied to claim above, and in view of US Patent Application No.  20080181406 to Iyer et al (“Iyer”).
	As per claim 12, the combination of Pedersen, Bazlamacci, Furuichi and Smith discloses the invention as described above. Pedersen, Bazlamacci, Furuichi and Smith do not explicitly disclose however in the same field of endeavor, Iyer discloses system of claim 11, further comprising a data storage device coupled to receive the encrypted data packet (Iyer, [0098]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Iyer with the teaching of Pedersen, Bazlamacci and Furuichi by including the feature of port, in order for Pedersen’s system for preventing unauthorized access of electronic devices. With increased usage of portable electronic devices, security of data stored on storage devices has become imperative as personal privacy and confidentiality can be jeopardized upon unauthorized access of electronic devices. While passwords (e.g., operating system log on password, BIOS password, etc.) have prevented unauthorized users from logging on to a host device (e.g., a laptop computer), the contents of the storage device can be compromised upon removal of the device from the host system. For example, a data hacker may physically remove the storage device and move it to another host device to which the data hacker has authorization for access. a hardware key intercepting a request sent from a host to a storage device to access data stored on the storage device, wherein the data stored on the storage device has been encrypted using a first encryption key, the hardware key configured to be plugged into a port of the host and the hardware key comprising a controller comprising the first encryption key to decipher the encrypted data from the storage device. The hardware key interpreting the request and issuing a command to the storage device to access the encrypted data. The hardware key providing the first encryption key to decipher the encrypted data from the storage device.
As per claim 13, the combination of Pedersen, Bazlamacci, Furuichi, Smith and Iyer, system of claim 11, wherein the first port is a physical port (Iyer, [0060]). The motivation regarding the obviousness of claim 12 is also applied to claim 13.

5.7.	Claims 17 are rejected under 35 U.S.C. 103 as being unpatentable over Pedersen, Bazlamacci, Furuichi and Smith as applied to claim above, and in view of US Patent No. 6128666 issued to Muller et al (“Muller”).
	As per claim 17, the combination of Pedersen, Bazlamacci, Furuichi and Smith discloses the invention as described above. Pedersen, Bazlamacci, Furuichi and Smith do not explicitly disclose however in the same field of endeavor, Muller discloses the system of claim 11, wherein the memory is further configured to instruct the at least one processor or FPGA to, after encrypting the data packet using the first cryptographic module, restore a value associated with the tagging data (Muller, 6:20-35, 7:40-55).
 	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Muller with the teaching of Pedersen, Bazlamacci, Furuichi and Smith by including the feature of replacing a tag, in order for Pedersen’s system for updating packet headers using hardware that maintains the high performance of the network element. In one embodiment, the system includes an input port process (IPP) that buffers the input packet received and forwards header information to the search engine. The search engine searches a database maintained on the switch element to determine the type of the packet. In one embodiment, the type may indicate whether the packet can be routed in hardware. In another embodiment, the type may indicate whether the packet supports VLANs. The search engine sends the packet type information to the IPP along with the destination address (DA) to be updated if the packet is to be routed, or a VLAN tag if the packet has been identified to be forwarded to a particular VLAN. The IPP, during transmission of the packet to a packet memory selectively replaces the corresponding fields, e.g., DA field or VLAN tag field; the modified packet is stored in the packet memory. Associated with the packet memory are control fields containing control field information conveyed to the packet memory by the IPP. An output port process (OPP) reads the modified input packet and the control field information and selectively performs additional modifications to the modified input packet and issue control signals to the output interface (i.e., MAC). The MAC, based upon the control signals, replaces the source address field with the address of the MAC and generates a CRC that is appended to the end of the packet (Muller).

 5.8.	Claims 18 are rejected under 35 U.S.C. 103 as being unpatentable over Pedersen, Bazlamacci, Furuichi and Smith as applied to claim above, and in view of US Patent Application No. 20090129388 to Akhtar et al (“Akhtar”).  
As per claim 18, the combination of Pedersen, Bazlamacci, Furuichi and Smith discloses the invention as described above. Pedersen, Bazlamacci, Furuichi and Smith do not explicitly disclose however in the same field of endeavor, Akhtar discloses system of claim 11, wherein the memory is further configured to instruct the at least one processor or FPGA to, in response to verifying that a security class of a key does not exceed the first security class, restore a field associated with the data packet (Akhtar, It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Akhtar with the teaching of Pedersen, Bazlamacci, Furuichi and Smith by including the feature of verifying, in order for Pedersen’s system for reducing the SIP message size has been to establish a standardized dictionary as discussed in RFC 3485 "The Session Initiation Protocol (SIP) and Session Description Protocol (SDP) Static Dictionary for Signaling Compression (SIGCOMP)." In the SIGCOMP approach, a finite dictionary defines many SIP parameters as 3-byte data substitutions. However, there are problems with the SIGCOMP approach. SIGCOMP is limited by the terms defined in the dictionary, which is static. The SIGCOMP dictionary does not evolve as SIP or SDP evolved and has remained static and unchanged. Attempts have been made to use event based state tables to build a dynamic extension to the SIGCOMP library, but under this approach the initial REGISTER message lacks enough pre-history traffic data to take advantage of this feature and memory limitations in the user equipment (UE) (e.g. cell phone, personal data assistant, computer, etc) restricts storage of long term history in the state tables to build an adequate library. There is a need for a flexible protocol to reduce the message size of SIP messages and improve service on networks.
6.           The prior art made of record and not relied upon is considered pertinent to applicant's disclosure as the prior art discloses many of the claim features (See PTO-form 892). 
a).  US Patent Application No. 20080062803 to Fronte el al. discloses a system and method for encrypting data. The system includes a controller and a processing element (PE) array coupled to the controller. The PE array is operative to perform one or more of encryption functions and decryption functions using an encryption algorithm. According to the system and method disclosed herein, by utilizing the PE array, the system encrypts and decrypts data efficiently and flexibly.

Conclusion
7.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to HARUNUR RASHID whose telephone number is (571)270-7195. The examiner can normally be reached 9 AM to 5PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni A. Shiferaw can be reached on (571) 272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

HARUNUR . RASHID
Primary Examiner
Art Unit 2497



/HARUNUR RASHID/Primary Examiner, Art Unit 2497