DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 7, 11 and 17 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
As per claims 7, 11, and 17, the claims recite “digital signature including the private key”.  It is unclear to the examiner how a digital signature includes a private key.  It is well known in the art that a private key is used to generate a digital signature and the signature itself does not include the private key.  For examination purposes in applying prior art, the examiner interprets the limitation as “digital signature derived from a private key”.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1 and 11 are rejected under 35 U.S.C. 103 as being unpatentable over Thompson et al. US2017/0171220 hereinafter referred to as Thompson, in view of Epple et al. US2019/0245894 hereinafter referred to as Epple.
As per claim 1, Thompson teaches a method for secure one-way transmission of data from a public network to a private network, the method comprising: forwarding stream of data packets to a second computing device in the private network via a cross-domain system (CDS), where received data packets are forwarded to a recipient application and recipient user in the private network to consume the data (Thompson paragraph [0035], [0037], [0043], [0069], [0084]-[0087], provide secure communications between applications.  Forward packets from a first computer in a public network to a second computer in a private network via unidirectional communication system).
Thompson does not explicitly disclose obtaining, at a first computing device, a stream of data packets; forwarding the stream of data packets and user information associated with a sending user to a first instance of a trust module executing on the first computing device; adding metadata to the stream of data packets, the metadata including a digital signature derived from a private key specific to the first instance of the trust module and information relating to the user information, a first application providing the stream of data packets, a recipient user, and recipient application; and 
second computing device being configured to process the metadata of the stream of data packets to verify the digital signature relating to the first instance of the trust module based on a public key that corresponds to the private key. 
Epple teaches obtaining, at a first computing device, a stream of data packets; forwarding the stream of data packets and user information associated with a sending user to a first instance of a trust module executing on the first computing device; adding metadata to the stream of data packets, the metadata including a digital signature derived from a private key specific to the first instance of the trust module and information relating to the user information, a first application providing the stream of data packets, a recipient user, and recipient application (Epple paragraph [0161]-[0164], [0168], [0188]-[0191], obtain data packets and append information such as digital signature, user information, source application information and recipient information); and 
second computing device being configured to process the metadata of the stream of data packets to verify the digital signature relating to the first instance of the trust module based on a public key that corresponds to the private key (Epple paragraph [0145], [0189], [0194], verify signature with public key). 
Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Thompson with the teachings of Epple to include adding metadata to packets such as user information, source information and recipient information because the results would have been predictable and result in data packets having source and recipient information.  It would have also been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Thompson with the teachings of Epple to include adding signature information to packets in order to allow the recipient to verify the source and integrity of the received data packets.

As per claim 11, Thompson teaches a system comprising: a first computing device in a public network, the first computing device including: a first processor; and a first computer-readable medium including instructions that, when executed by the first processor, cause the first processor to: forward stream of data packets to a second computing device in a private network via a cross-domain system (CDS) providing one-way communication of data from the public network to the private network (Thompson paragraph [0035], [0037], [0043], [0069], [0084]-[0087], provide secure communications between applications.  Forward packets from a first computer in a public network to a second computer in a private network via unidirectional communication system).  
Thompson does not explicitly disclose obtain a stream of data packets from a first application executing on a first computing device; pass the stream of data packets to a first instance of a trust module executing on the first computing device; add, by the first instance of the trust module, metadata to the stream of data packets, the metadata including a digital signature including a private key specific to the first instance of the trust module and information relating to user information provided to the first instance of the trust module, the first application, a sending user, and a recipient user.
Epple teaches obtain a stream of data packets from a first application executing on a first computing device; pass the stream of data packets to a first instance of a trust module executing on the first computing device; add, by the first instance of the trust module, metadata to the stream of data packets, the metadata including a digital signature including a private key specific to the first instance of the trust module and information relating to user information provided to the first instance of the trust module, the first application, a sending user, and a recipient user (Epple paragraph [0161]-[0164], [0168], [0188]-[0191], obtain data packets and append information such as digital signature, user information, source application information and recipient information).
Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Thompson with the teachings of Epple to include adding metadata to packets such as user information, source information and recipient information because the results would have been predictable and result in data packets having source and recipient information.  It would have also been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Thompson with the teachings of Epple to include adding signature information to packets in order to allow the recipient to verify the source and integrity of the received data packets.

Claim 3 is rejected under 35 U.S.C. 103 as being unpatentable over Thompson in view of Epple, and further in view of Trudeau et al. US2019/0124031 hereinafter referred to as Trudeau.
As per claim 3, Thompson in view of Epple teaches the method of claim 1.
Thompson in view of Epple does not explicitly disclose wherein first application authenticates user by verifying login credentials provided to the first application that correspond with the user.  
Trudeau teaches wherein first application authenticates user by verifying login credentials provided to the first application that correspond with the user (Trudeau paragraph [0033], [0063], login to application).  
Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Thompson in view of Epple with the teachings of Trudeau to include authenticating the user in order to allow only authorized users to use the application to send data.

Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over Thompson in view of Epple, and further in view of Richardson et al. US2009/0037581 hereinafter referred to as Richardson.
As per claim 8, Thompson in view of Epple teaches the method of claim 1.
Thompson in view of Epple does not explicitly disclose wherein data are provided to a one-way clipboard allowing content to be written or copied to the one-way clipboard.  
Richardson teaches wherein data are provided to a one-way clipboard allowing content to be written or copied to the one-way clipboard (Richardson paragraph [0043], writing data unidirectionally to clipboard).  
Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Thompson in view of Epple with the teachings of Richardson to include a unidirectional clipboard in order to provide clipboard functionality.  It would have also been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Thompson in view of Epple with the teachings of Richardson to include writing data to a unidirectional clipboard because the results would have been predictable and resulted in writing the data packets to the clipboard.

Claim 10 is rejected under 35 U.S.C. 103 as being unpatentable over Thompson in view of Epple, and further in view of Huckins USPN7,765,316.
As per claim 10, Thompson in view of Epple teaches the method of claim 1, wherein the stream of data packets are sent to the second computing device via the CDS (Thompson paragraph [0035], [0037], [0043], [0069], [0084]-[0087], Forward packets from a first computer in a public network to a second computer in a private network via unidirectional communication system; Epple paragraph [0161]-[0164], [0168], [0188]-[0191]).  
Thompson in view of Epple does not explicitly disclose one-way chat application.  
Huckins teaches one-way chat application (Huckins col 2 lines 20-25, col 2 line 60  - col 3 line 2, unidirectional messaging application).  
Thus it would have also been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Thompson in view of Epple with the teachings of Huckins to include a unidirectional messaging application because the results would have been predictable and resulted in sending the data messages via a messaging application.

Claims 12, 16 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Thompson in view of Epple, and further in view of Grewal et al. US2014/0068704 hereinafter referred to as Grewal.
As per claim 12, Thompson in view of Epple teaches the system of claim 11, wherein the second computing device in the private network is configured to: process, by a second instance of the trust module executing on the second computing device, the metadata of the stream of data packets to verify an identity of the sending user and verify the digital signature relating to the first instance of the trust module (Thompson paragraph [0035], [0037], [0043], [0069], [0084]-[0087], Forward packets from a first computer in a public network to a second computer in a private network via unidirectional communication system; Epple paragraph [0145], [0189], [0194], verify sender and signature with public key).
Thompson in view of Epple does not explicitly disclose receive data at a receiving buffer responsive to verifying identity of sending user and verifying digital signature.  
Grewal teaches receive data at a receiving buffer responsive to verifying identity of sending user and verifying digital signature (Grewal paragraph [0021], [0027], [0062]-[0063], validate sender and signature and send data to buffer).  
Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Thompson in view of Epple with the teachings of Grewal to include validating a sender and signature of received data before sending the data to a buffer in order to protect the buffer/recipient device from malicious entities and malware.  It would have also been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Thompson in view of Epple with the teachings of Grewal to include validating a sender and signature of received data before sending the data to a buffer because the results would have been predictable and resulted in sending data to a buffer memory for a recipient application.

As per claim 16, Thompson teaches a non-transitory computer-readable medium including stored thereon a sequence of instructions which, when executed by a processor causes the processor to execute a process, the process comprising: forwarding, by first computing device, stream of data packets to a second computing device in a private network via a cross-domain system (CDS) providing secure one-way communication of the stream of data packets from public network to the private network (Thompson paragraph [0035], [0037], [0043], [0069], [0084]-[0087], provide secure communications between applications.  Forward packets from a first computer in a public network to a second computer in a private network via unidirectional communication system), 
Thompson does not explicitly disclose obtaining, by a first computing device, a stream of data packets from a first application executing on the first computing device; passing, by the first computing device, the stream of data packets to a first instance of a trust module executing on the first computing device; adding, by the first instance of the trust module executing on the first computing device, metadata to the stream of data packets; 
wherein a second computing device is configured to: process the metadata of the stream of data packets to verify an identity of a sending user and verify a digital signature relating to the first instance of the trust module in the metadata in the stream of data packets.
Epple teaches obtaining, by a first computing device, a stream of data packets from a first application executing on the first computing device; passing, by the first computing device, the stream of data packets to a first instance of a trust module executing on the first computing device; adding, by the first instance of the trust module executing on the first computing device, metadata to the stream of data packets (Epple paragraph [0161]-[0164], [0168], [0188]-[0191], obtain data packets and append information such as digital signature, user information, source application information and recipient information); 
wherein a second computing device is configured to: process the metadata of the stream of data packets to verify an identity of a sending user and verify a digital signature relating to the first instance of the trust module in the metadata in the stream of data packets (Epple paragraph [0145], [0189], [0194], verify sender and signature with public key).
Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Thompson with the teachings of Epple to include adding metadata to packets such as user information, source information and recipient information because the results would have been predictable and result in data packets having source and recipient information.  It would have also been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Thompson with the teachings of Epple to include adding signature information to packets in order to allow the recipient to verify the source and integrity of the received data packets.
Thompson in view of Epple does not explicitly disclose responsive to verifying identity of sending user and verifying digital signature, receive data in a receive buffer maintained by second computing device.  
Grewal teaches responsive to verifying identity of sending user and verifying digital signature, receive data in a receive buffer maintained by second computing device (Grewal paragraph [0021], [0027], [0062]-[0063], validate sender and signature and send data to buffer).  
Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Thompson in view of Epple with the teachings of Grewal to include validating a sender and signature of received data before sending the data to a buffer in order to protect the buffer/recipient device from malicious entities and malware.  It would have also been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Thompson in view of Epple with the teachings of Grewal to include validating a sender and signature of received data before sending the data to a buffer because the results would have been predictable and resulted in sending data to a buffer memory for a recipient application.

As per claim 17, Thompson in view of Epple and Grewal teaches the non-transitory computer-readable medium of claim 16, where the metadata includes a digital signature including a private key specific to the first instance of the trust module and information relating to user information provided to the first instance of the trust module, the first application, a sending user, and a recipient user (Epple paragraph [0161]-[0164], [0168], [0188]-[0191], obtain data packets and append information such as digital signature, user information, source application information and recipient information).  

Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over Thompson in view of Epple, and further in view of Goteti et al. USPN9,510,363 hereinafter referred to as Goteti.
As per claim 13, Thompson in view of Epple teaches the system of claim 11.
Thompson in view of Epple does not explicitly disclose wherein first computer-readable medium further causes first processor to: split stream of data packets into a number of portions responsive to the stream of data packets exceeding a threshold data volume, wherein the stream of data packets are forwarded in the number of portions.  
Goteti teaches wherein first computer-readable medium further causes first processor to: split stream of data packets into a number of portions responsive to the stream of data packets exceeding a threshold data volume, wherein the stream of data packets are forwarded in the number of portions (Goteti claim 1, determine data packet exceeds a threshold size and split the packet into portions. Transmit the portions).  
Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Thompson in view of Epple with the teachings of Goteti to include determining that a data packet exceeds a threshold size and splitting the packet into portions in order to conserve transmission energy of the sending device when sending the data packets.

Claim 20 is rejected under 35 U.S.C. 103 as being unpatentable over Thompson in view of Epple and Grewal, and further in view of Goteti et al. USPN9,510,363 hereinafter referred to as Goteti.
As per claim 20, Thompson in view of Epple and Grewal teaches the non-transitory computer-readable medium of claim 16.
Thompson in view of Epple and Grewal does not explicitly disclose wherein process further comprises: splitting stream of data packets into a number of portions responsive to the stream of data packets exceeding a threshold data volume, wherein the stream of data packets are forwarded in the number of portions.
Goteti teaches wherein process further comprises: splitting stream of data packets into a number of portions responsive to the stream of data packets exceeding a threshold data volume, wherein the stream of data packets are forwarded in the number of portions (Goteti claim 1, determine data packet exceeds a threshold size and split the packet into portions.  Transmit the portions).
Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Thompson in view of Epple and Grewal with the teachings of Goteti to include determining that a data packet exceeds a threshold size and splitting the packet into portions in order to conserve transmission energy of the sending device when sending the data packets.

Allowable Subject Matter
Claims 2, 4-6, 9, 14-15, 18 and 19 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Claim 7 would be allowable if rewritten to overcome the rejection(s) under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), 2nd paragraph, set forth in this Office action and to include all of the limitations of the base claim and any intervening claims.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HENRY TSANG whose telephone number is (571)270-7959. The examiner can normally be reached M-F 8am - 5pm EST.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on (571) 272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/HENRY TSANG/Primary Examiner, Art Unit 2495