DETAILED ACTION

1.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

2.	Claims 1-19 are pending.  Claims 1, 8 and 13 are independent.

3.	The IDS’es submitted on 9/16/19, 2/16/21, 10/20/21 and 7/12/22 have been considered.

Examiner’s Amendment
4.         An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.

Authorization for this examiner’s amendment was given in a telephonic interview with Applicants' representative, Joel Weiss (Reg. No. 44,398) on 8/19/22.

5.         The following listing of claims replaces all previous versions and listings of claims:
		1. 	(Currently Amended) A multi-spoke data tunnel inspection architecture, the architecture comprising:
		a data tunnel, the data tunnel in electronic communication with a complementary pair of a first data conduit and a second data conduit, the data tunnel comprising: 
			a data review tunnel
			a data collector 
			an interpreter 
			a set of data review decision rules 
			a data reporter 
			wherein the data review tunnel 
			receive a first portion of a data stream in the first data conduit, said first portion of the data stream encrypted with a first encryption scheme;
			receive a second portion of the data stream in the second data conduit, said second portion of the data stream encrypted with a second encryption scheme; 
			decrypt and reconstruct a complete data stream, said complete data stream formed from the first data stream and the second data stream;
			analyze and review the flow of the data stream in conjunction with the data collectorset of data review decision rules 
			prepare, using the data reporter
		2. 	(Currently Amended) The architecture of claim 1, wherein the data collector 
		3. 	(Currently Amended) The architecture of claim 1, wherein the interpreter 
		4. 	(Currently Amended) The architecture of claim 1, wherein the set of data review decision rules 
		5. 	(Currently Amended) The architecture of claim 1, wherein the data review tunnel is in electronic communication with a second complementary pair of data conduits, the second complementary pair of data conduits operable to review and analyze data at a different security level from the first complementary pair of data conduits.
		6. 	(Currently Amended) The architecture of claim 1, wherein the data review tunnel set of data review decision rules
		7. 	(Currently Amended) The architecture of claim 6, wherein the data reporter 
		8.	(Original) A multi-level data channel and inspection architecture, said architecture comprising:		a multi-level data pipeline, said pipeline receiving a data stream at an upstream portion of the tunnel and outputting inspected data at a downstream portion of the pipeline, wherein said pipeline comprises:			a plurality of pipes, said plurality of pipes comprising one or more complementary pairs of pipes, each pipe within a complementary pair of pipes encrypted using a different security key from the security key used to encrypt a second pipe of the same complementary pair of pipes, wherein encryption of the data stream as it passes through the two pipes in each of the complementary pair of pipes forms a two-key encryption scheme;			a data manager is configured to coordinate passage of the data into and out of the pipeline; and			wherein each of the complementary pairs of pipes is configured to inspect the data on a different level of data channel inspection than any of the other of the complementary pair of pipes, each level of data channel inspection having individual data attribute and/or metadata extracting capabilities.
		9.	(Original) The architecture of claim 8, wherein each of the complementary pairs of pipes are coupled in parallel to one another within the multi-level data pipeline.  
		10.	(Original) The architecture of claim 8, wherein each complementary pair of pipes is configured to review and analyze a flow of data through the complementary pair of pipes, said review and analysis of the flow being based on flow characteristics of the data stream.
		11.	(Original) The architecture of claim 8, wherein each of the complementary pair of pipes is configured to carry a partial amount of the data stream.
		12.	(Original) The architecture of claim 8, wherein each complementary pair of pipes is in electronic communication with a second complementary pair of data pipes, the second complementary pair of data pipes operable to review and analyze data at a different security level from the first complementary pair of data pipes.
		13.	(Currently Amended) A method for providing deep packet inspection of data in a multi-spoke data tunnel inspection architecture, the method comprising:
			using a data review tunnel module to receive, in a data tunnel, a first portion of a data stream in a first data conduit, said first portion of the data stream encrypted with a first encryption scheme;
			using the data review tunnel module to receive a second portion of the data stream in the second data conduit, said second portion of the data stream encrypted with a second encryption scheme; 
			decrypting and reconstructing a complete data stream, said complete data stream derived from the decrypted and reconstructed first data stream and the decrypted and reconstructed second data stream;
			analyzing and reviewing the flow of the complete data stream in conjunction with a data collector module, an interpreter module, and a set of data review decision rules module, said analyzing and reviewing for determining whether the flow of the data stream is associated with a higher than threshold level of likelihood of intrusion; and
			preparing, using a data reporter module, a data report based on the analysis and review, and use the data reporter module to publish the data report. 
		14. 	(Original) The method of claim 13, wherein the data collector module is configured to coordinate transportation of data from ingestion at data receipt, and throughout the rest of the multi-spoke data inspection tunnel architecture.
		15.	(Original) The method of claim 13, wherein the interpreter module is configured to review data received by the data review tunnel module and to establish a type of data for reference by the data review tunnel module.  
		16.	(Currently Amended) The method of claim 13, wherein the set of data review decision rules module is configured to store rules for reviewing and analyzing the data.
		17. 	(Original) The method of claim 13, wherein the data tunnel is in electronic communication with a second complementary pair of data conduits, the second complementary pair of data conduits operable to review and analyze data at a different security level from the first complementary pair of data conduits.
		18. 	(Currently Amended) The method of claim 13, wherein the data review tunnel module is only configured to validate data in the data stream based on a validation of the data in the data stream received from each of the data collector module, the interpreter module, and the set of data review decision rules module.  
		19. 	(Currently Amended) The method of claim [[8]]13, wherein the data reporter module is configured to only prepare a report based on the validation of the data stream by the data review tunnel module.




Allowable Subject Matter

6.	Claims 1-19 are allowed.  The closest prior art Frayman (US PG Pub. 2018/0124085) discloses a network traffic hub that extracts encryption metadata from messages establishing an encrypted connection between a smart appliance and a remote server and determines whether malicious behavior is present in the messages and Leet (US PG Pub. 2014/0359605) discloses systems for generating a bundle package, digitally signing the bundle package, selectively disturbing the bundle package, and/or indexing one or more resource packages retrieved from the bundle package.  The prior art made of record, either in singular or in combination, does not teach or fairly suggest the combination of elements as recited in independent claim 1:
wherein the data review tunnel module is configured to:
receive a first portion of a data stream in the first data conduit, said first portion of the data stream encrypted with a first encryption scheme;
receive a second portion of the data stream in the second data conduit, said second portion of the data stream encrypted with a second encryption scheme;
decrypt and reconstruct a complete data stream, said complete data stream formed from the first data stream and the second data stream;
analyze and review the flow of the data stream in conjunction with the data collector, the interpreter, and the set of data review decision rules, said analyzing and reviewing for determining whether the flow of the data stream is associated with a higher than threshold level of likelihood of intrusion;

the combination of elements as recited in independent claim 8:
	a plurality of pipes, said plurality of pipes comprising one or more
complementary pairs of pipes, each pipe within a complementary pair of pipes encrypted
using a different security key from the security key used to encrypt a second pipe of the
same complementary pair of pipes, wherein encryption of the data stream as it passes through the two pipes in each of the complementary pair of pipes forms a two-key
encryption scheme;
	a data manager is configured to coordinate passage of the data into
and out of the pipeline; and
	wherein each of the complementary pairs of pipes is configured to
inspect the data on a different level of data channel inspection than any of the other of the
complementary pair of pipes, each level of data channel inspection having individual data
attribute and/or metadata extracting capabilities;

and the combination of elements as recited in independent claim 13:
	using a data review tunnel module to receive, in a data tunnel, a first
portion of a data stream in a first data conduit, said first portion of the data stream encrypted with a first encryption scheme;
	using the data review tunnel module to receive a second portion of
the data stream in the second data conduit, said second portion of the data stream encrypted with a second encryption scheme;
	decrypting and reconstructing a complete data stream, said complete
data stream derived from the decrypted and reconstructed first data stream and the
decrypted and reconstructed second data stream;
	analyzing and reviewing the flow of the complete data stream in conjunction with a data collector module, an interpreter module, and a set of data review decision rules module, said analyzing and reviewing for determining whether the flow of the data stream is associated with a higher than threshold level of likelihood of intrusion; and
	preparing, using a data reporter module, a data report based on the analysis and review, and use the data reporter module to publish the data report.

7.	As allowable subject matter has been indicated, applicant’s reply must either comply with all formal requirements or specifically traverse each requirement not complied with.  See 37 CFR 1.111(b) and MPEP § 707.07(a).

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to THONG P TRUONG whose telephone number is (571)270-7905.  The examiner can normally be reached on M-F 8:30AM - 5:30PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on 57127267986798.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).  If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/THONG TRUONG/
Examiner, Art Unit 2433

/JEFFREY C PWU/Supervisory Patent Examiner, Art Unit 2433