DETAILED ACTION
This Office Action is in response to application 17/353,871 filed on June 22, 2021.
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Claims 1-20 are pending and herein considered.

Notice of AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 06/22/2021 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.

Claims 1-20 rejected on the ground of nonstatutory double patenting as being unpatentable over the following U.S. Patent in view of the prior art of record (Scott, Jha and Chadzelek)

U.S. Patent No. 10,873,567, which is directed towards remote access through a cloud network to one or more backend servers.
U.S. Patent No. 11,349,815, which is directed towards remote access through a cloud network to one or more backend servers.
Although the claims at issue are not identical, they are not patentably distinct from each
other because the claim limitations are either anticipated by the claims of the issued patents, or
are otherwise obvious variations. Any limitations of the claims of the Instant Application not
disclosed in the claims of the (parent) patents are obvious in view of the cited prior art of record.

Claim Objections
Claim 1 is objected to because of the following informalities: Claim 1 recites “the remove device” in line 17.  Appropriate correction is required. 
Claim 3 is objected to because of the following informalities: Claim 3 recites “the remove device” in line 3.  Appropriate correction is required. 
Claim 8 is objected to because of the following informalities: Claim 8 recites “the remove device” in line 13.  Appropriate correction is required.
Claim 10 is objected to because of the following informalities: Claim 10 recites “the remove device” in line 3.  Appropriate correction is required.
Claim 15 is objected to because of the following informalities: Claim 15 recites “the remove device” in line 14.  Appropriate correction is required.
Claim 17 is objected to because of the following informalities: Claim 17 recites “the remove device” in line 3.  Appropriate correction is required.


Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention. Especially, claim 1 recites “…when the backend server is publicly accessible, forwarding the request to the backend server…”. It is unclear which backend server receive the request. Claims 8 and 15 are also rejected under similar rationale.
Claim 1 recites the limitation "the tunnel server" in line 24.  There is insufficient antecedent basis for this limitation in the claim.
Claim 8 recites the limitation "the tunnel server" in line 20.  There is insufficient antecedent basis for this limitation in the claim.
Claim 15 recites the limitation "the tunnel server" in line 21.  There is insufficient antecedent basis for this limitation in the claim.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2, 4-9, 11-16 and 18-20 are rejected under 35 U.S.C. 103 as being unpatentable over Scott et al. (Scott), U.S. Pat. Number 10,079,854, in view of Jha et al. (Jha), U.S. Pat. Number 10,425,465.
Regarding claim 1; Scott discloses a system for communications between publicly accessible and publicly non-accessible servers and a remote device, comprising:
a processor (col. 22, lines [35-60] computer program comprising a plurality of instructions executable by one or more processors); and
memory storing instructions that, when executed by the processor, causes the system to perform a set of operations for communications between servers and a remote device (col. 22, lines [35-60] computer program comprising a plurality of instructions executable by one or more processors), the set of operations comprising:
receiving, at a proxy service for access to backend servers, a request from a remote device to access backend servers, the device physically outside the premises at which the backend servers reside (col. 4, lines 47-56] a proxy server 116 is coupled to the backend server 112…a proxy server is any computer system offering a service that acts as an intermediary between the two communicating parties, the client and the server. In the presence of a proxy server, there is no direct communication between the client, say browser 122, and the server, say backend server 112);
determining, by the proxy service coupled to a management service, the management service to manage client access requests on the device, a customer and a connection associated with the request, the proxy service communicating with the management service to identify, based on the customer and the connection, a publicly accessible backend server to which to send the request or a publicly non-accessible backend server to which to send the request (col. 4, lines 55-65] proxy server 116 is configured to provide service to the network 106 to allow remote clients to make indirect network connections to other network services, such as a website provided by the backend server 112; col. 7, lines [57-65] In response to receiving the request from browser 122, the proxy server …determines if and to which backend service(s) additional calls should be made);
when the backend server is publicly accessible, forwarding the request to the backend server, executing the request and returning results of the request to the remove device (col. 7, lines [57-65] In response to receiving the request from browser 122, the proxy server …determines if and to which backend service(s) additional calls should be made. The proxy server 116 communicates with a backend server or server system 112, and the backend server provides an initial response, such as an HTML document 118, to the proxy server).

Scott does not disclose, which Jha discloses when the backend server is publicly non-accessible, executing (Jha: col. 14, lines [34-45] the remote API management server 610 determines whether the API request is for a deployed API protected by a local API proxy. If the API request is not for a deployed API protected by a local API proxy, the API request is proxied to the deployed API):
forwarding the request to a tunnel service, the tunnel service enabling secure access to the publicly non-accessible backend server (Jha: col. 14, lines [30-55] if the API request is for a deployed API protected by a local API proxy, the API request is forwarded to the local API proxy. The local API proxy applies a security protocol (e.g., token authentication, API credential validation, etc.), then forwards the API request to the deployed API; col. 23, lines [45-55] a secure channel is established with a remote API management server. For example, the secure channel is established between local API proxy 232 and a remote API management server … For example, a Transport Layer Security (TLS) based connection (e.g., HTTPS connection) is established);
storing the request (Jha: col. 14, lines [52-55] local API proxy 632 sends metadata to the remote API management server 610 via internet 602 regarding information about handling of API requests and responses; at least part of the information generated at 706 and 708 is associated with the local API proxy and stored by the remote API management server.);
retrieving the stored request by a tunnel agent by way of a Hypertext Transfer Protocol (HTTP) request to the tunnel server, the tunnel agent servicing the publicly non-accessible backend server (Jha: col. 14, lines [52-65] local API proxy 632 sends metadata to the remote API management server 610 via internet 602 regarding information about handling of API requests and responses; col. 15, lines [10-15] a secure channel is established with a remote API management server…establishing the secure channel includes establishing an encrypted communication connection. For example, a Transport Layer Security (TLS) based connection (e.g., HTTPS connection) is established).
forwarding the request to the publicly non-accessible backend server (Jha: col. 14, lines [52-65] local API proxy 632 sends metadata to the remote API management server 610 via internet 602 regarding information about handling of API requests and responses. An example process for communications between local API proxy 632 and remote API management server 610);
executing the request and returning results of the request to the tunnel agent, the tunnel agent returning results to the tunnel service, the tunnel service returning results to the proxy service, the proxy service returning the results to the remote device (Jha: col. 14, lines [45-50] the API request for deployed API 624 is forwarded to local API proxy 632. Local API proxy 632 applies one or more API management functions, then forwards the API request to deployed API 624. An example process for handling an API request by local API proxy 632      103) col. 18, lines [42-54] at least metadata about the API request is provided to the remote API management server… over a secure channel and according to the process).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Scott to provide hen the backend server is publicly non-accessible, executing: forwarding the request to a tunnel service, the tunnel service enabling secure access to the publicly non-accessible backend server; storing the request; retrieving the stored request by a tunnel agent by way of a Hypertext Transfer Protocol (HTTP) request to the tunnel server, the tunnel agent servicing the publicly non-accessible backend server; forwarding the request to the publicly non-accessible backend server; executing the request and returning results of the request to the tunnel agent, the tunnel agent returning results to the tunnel service, the tunnel service returning results to the proxy service, the proxy service returning the results to the remote device, as taught by Jha. The motivation is to provide an API management services including proxying and analytics to accommodate mechanisms for consuming services, implements security measures (i.e. some service providers are not permitted to send data outside their data center or have third parties receive API requests due to security and/or compliance and traffic management for request).

Regarding claim 2; the combination of Scott and Jha discloses the system of claim 1, wherein the proxy service, management service, and tunnel service are co-located on a cloud-based platform that receives client requests from the remote device and the tunnel agent is co-located with the non-publicly accessible backend server on an on-premise enterprise platform (Jha: col. 2, lines [47-55] hybrid cloud API management in which API management functionalities are distributed between a remote API management server in a network cloud environment (e.g., managed by a third-party) and a local API proxy (e.g., local to an end server/data provider). The reason to combine Scott and Jha is the same as claim 1, above.

Regarding claim 4; the combination of Scott and Jha discloses the system of claim 1, wherein a client application executing on the remote device issues the request received by the proxy service executing on a cloud-based platform (Jha: col. 2, lines [45-60] the local API proxy is a gateway/interface/application deployed in a service provider's environment that forwards API requests made by a client application (“client app”) to a deployed API. The deployed API exposes backend data/services to the client app). The reason to combine Scott and Jha is the same as claim 1, above.

Regarding claim 5; the combination of Scott and Jha discloses the system of claim 1, wherein the request is a message and the tunnel agent is deployed in a customer data center, the tunnel agent reading the tunneled message via the HTTP request, the tunnel service executing in a cloud-based platform and exposing a public facing HTTP servlet end-point used by the tunnel agent to create tunnels, read tunneled messages, and write tunneled responses (Jha: col. 5, lines [55-67] local API proxy is implemented by a single process server. The single process server facilitates automation and containerization by not requiring two separate processes for launching the local API proxy by an agent… local API proxy 232 acts as an interface for content and/or a service provided by backend data/services). The reason to combine Scott and Jha is the same as claim 1, above.

Regarding claim 6; the combination of Scott and Jha discloses the system of claim 1, wherein the tunnel service is a plurality of tunnel services and the proxy service initializes a tunnel service store to store the request and route the request to publicly non-accessible backend server via one of the tunnel services (Jha: col. 13, lines [55-65] Each instance 532.1, 532.2 of the local API proxy fulfills the request by accessing its respective API and/or backend data/service (not shown). … local API proxy instances 532.1, 532.2 provide information (e.g., API execution data) to remote API management server 210). The reason to combine Scott and Jha is the same as claim 1, above.

Regarding claim 7; the combination of Scott and Jha discloses the system of claim 1, wherein the HTTP request comprises authentication information from the device request to authenticate on the backend server (Jha: col. 15, lines [10-14] establishing the secure channel includes establishing an encrypted communication connection. For example, a Transport Layer Security (TLS) based connection (e.g., HTTPS connection) is established; col. 15, lines [28-35]   identification, configuration, and/or authentication information about the local API proxy is provided to the remote API management server). The reason to combine Scott and Jha is the same as claim 1, above.

Regarding claims 8-9 and 11-14; claims 8-9 and 11-14 are directed to a method which has similar scope as claims 1-2 and 4-7, respectively. Therefore, claims 8-9 and 11-14 remain un-patentable for the same reasons.

Regarding claims 15-16 and 18-20; claims 15-16 and 18-20 are directed to a computer product which has similar scope as claims 1-2 and 4-6, respectively. Therefore, claims 15-16 and 18-20 remain un-patentable for the same reasons.

Claims 3, 10 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Scott et al. (Scott), U.S. Pat. Number 10,079,854, in view of Jha et al. (Jha), U.S. Pat. Number 10,425,465 and further in view of Chadzelek, U.S. Pub. Number 2016/0308974.
Regarding claim 3; the combination of Scott and Jha discloses the system of claim 2, wherein the non-publicly accessible backend server [[is behind a corresponding demilitarized zone]] accessible by an on-premises intranet but not directly accessible by the remove device, whereby the tunnel agent coupled to the non-publicly accessible backend server indirectly provides communications access via the HTTP request to the tunnel service on the cloud-based platform (Jha: col. 15, lines [10-15] a secure channel is established with a remote API management server…establishing the secure channel includes establishing an encrypted communication connection. For example, a Transport Layer Security (TLS) based connection (e.g., HTTPS connection) is established).
 The combination above does not disclose, which Chadzelek disclosed backend server [is behind a corresponding demilitarized zone (Chadzelek: para. [0019] one or more client devices 110 being network accessible via an Internet connection, and connected to a reverse proxy server 120 in a network demilitarized zone (DMZ)).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Scott, in view of Jha to provide backend server is behind a corresponding demilitarized zone, as taught by Chadzelek.  The motivation would be to provide protection layer to backend server by restricting access to information and servers (i.e. services may be communicated to the consuming clients indirectly from components located accessible in the DMZ, the corporate intranet, or the Internet).

Regarding claims 10; claim 10 is directed to a method which has similar scope as claim 3 Therefore, claim 10 remains un-patentable for the same reasons.

Regarding claims 17; claim 17 is directed to a computer product which has similar scope as claim 3 Therefore, claim 17 remains un-patentable for the same reasons.


Examiner’s remarks to overcome the rejection above
The Examiner encourage Applicant to contact the Examiner to discuss claim’s amendment before responding to this Office Action for compact prosecution. 

Related Art
The following prior art made of record and cited on PTO-892, but not relied upon, is considered pertinent to applicant’s disclosure:
U.S. Pat. Number 10,374,869 to Jain-Jain teaches a containerized architecture to secure and manage Internet-connected devices, such as “Internet of Things” devices, is disclosed. In various embodiments, one or more containerized applications are run, e.g., on an Internet of Things gateway, subject to management by the management server. At least one of the containerized applications is a management agent configured to participate, subject to control of the management server, in management of one or more other of said containerized applications.
U.S. Pat. Number 7,958,347 to Ferguson-Ferguson teaches a proxy resides in a respective network environment between one or more clients and multiple servers. The proxy is to enable the clients retrieve data stored at the multiple servers. To establish a first connection between the proxy and a respective client, the proxy communicates with an authentication agent to verify a challenge response received from the client.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to VU V TRAN whose telephone number is (571)270-1708.  The examiner can normally be reached on M-F, 8 AM- 4 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 571-272-3972.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/VU V TRAN/Primary Examiner, Art Unit 2491