Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Restriction to one of the following inventions is required under 35 U.S.C. 121:
I. Claims 1 - 7, 21 – 27, and 61 - 69 drawn to a method of controlling a rate of content requests, classified in H04L63/1425.
II. Claims 41 - 47, drawn to a method of filtering requests by a web extension running in a browser, classified in G06F9/44526.
Inventions I and II are related as subcombinations disclosed as usable together in a single combination.  The subcombinations are distinct if they do not overlap in scope and are not obvious variants, and if it is shown that at least one subcombination is separately usable.  In the instant case, subcombination I has separate utility; e.g., the rate control functionality can be enabled by a proxy server rather than the browser plug-in utilized in subcombination II.  See MPEP § 806.05(d).
The examiner has required restriction between subcombinations usable together. Where applicant elects a subcombination and claims thereto are subsequently found allowable, any claim(s) depending from or otherwise requiring all the limitations of the allowable subcombination will be examined for patentability in accordance with 37 CFR 1.104.  See MPEP § 821.04(a).  Applicant is advised that if any claim presented in a continuation or divisional application is anticipated by, or includes all the limitations of, a claim that is allowable in the present application, such claim may be subject to provisional statutory and/or nonstatutory double patenting rejections over the claims of the instant application. 

Restriction for examination purposes as indicated is proper because all the inventions listed in this action are independent or distinct for the reasons given above and there would be a serious search and/or examination burden if restriction were not required because one or more of the following reasons apply:
The inventions require a different field of search (for example, searching different classes/subclasses/symbols, other electronic resources, or employing different search queries).	For example:		subcombination I requires searches for monitoring traffic between two devices and consideration of rate limits, 		subcombination II requires searches for web extensions and their interaction with network monitoring devices.
Applicant is advised that the reply to this requirement to be complete must include (i) an election of an invention to be examined even though the requirement may be traversed (37 CFR 1.143) and (ii) identification of the claims encompassing the elected invention. 
The election of an invention may be made with or without traverse. To reserve a right to petition, the election must be made with traverse. If the reply does not distinctly and specifically point out supposed errors in the restriction requirement, the election shall be treated as an election without traverse. Traversal must be presented at the time of election in order to be considered timely. Failure to timely traverse the requirement will result in the loss of right to petition under 37 CFR 1.144. If claims are added after the election, applicant must indicate which of these claims are readable upon the elected invention.
Should applicant traverse on the ground that the inventions are not patentably distinct, applicant should submit evidence or identify such evidence now of record showing the inventions to be obvious variants or clearly admit on the record that this is the case. In either instance, if the examiner finds one of the inventions unpatentable over the prior art, the evidence or admission may be used in a rejection under 35 U.S.C. 103 or pre-AIA  35 U.S.C. 103(a) of the other invention.
 During a telephone call on 8/25/2022 a provisional election was made not to  traverse to prosecute the invention of I, claims 1 – 7, 21 – 27, and 61 - 69.  Affirmation of this election must be made by applicant in replying to this Office action.  Claim 41 – 47 are withdrawn from further consideration by the examiner, 37 CFR 1.142(b), as being drawn to a non-elected invention.


Double Patenting
Claims 1 – 2 and 4 - 7 are provisionally rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1 – 2 and 4 - 7 of copending Application No. 17/012,502. Each pending claim in the present application is fully anticipated by a corresponding pending claim in the copending application (i.e., pending claim 1 by copending claim 1, pending claim 2 by copending claim 2, pending claim 4 by copending claim 4, etc.)
Claims 21 - 26 are provisionally rejected on the ground of nonstatutory double patenting as being unpatentable over claim 1 - 6 of copending Application No. 17/012,644 in view of Srinivasan (US-11075923-B1).	Regarding claim 21, co-pending claim 1 anticipates all of said claim, with the exception that the evaluated request is a endpoint request rather than a domain request.	Srinivasan shows performing analogous request evaluations, said evaluations made based on the domain relevant the request (each tenant/organization (i.e., domain) in a multi-tentant cloud environment has their own unique set of security policies; see col. 3 lines 41-45, col. 4 lines 65 – col. 5 line 10).	It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to apply the domain-based security policy and rate limiting techniques of Srinivasan to the endpoint-based application of the co-pending application as grouping endpoints by their domain is a well-known technique to provide customizable but uniform treatment of requests to associated and related endpoints (i.e., all endpoints of a particular organization).	Regarding claims 22 – 26, each of said pending claims corresponds to a co-pending claim in co-pending claims 2 – 6 (i.e., pending claim 22 by copending claim 2, pending claim 23 by copending claim 3, pending claim 24 by copending claim 4, etc.).
This is a provisional nonstatutory double patenting rejection.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 21 – 27 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
	On page 5, lines 3 - 4, claim 21 recites:	
		“receiving a domain request from one of the one or more devices; 		receiving a JavaScript function request from the domain of the domain request;”	“Domain” in line 4 appears to be used to describe an association of related devices via the language “request from the domain”. However, it also recites the request from the domain is “of the domain request”. Combined with the line 3’s recitation of a received “domain request”, the scope of what precisely constitutes a “domain” and the intended scope for what could represent a “domain request” is unclear and indefinite. It is also unclear what the desired relationship or otherwise association is between the request in lines 3 and the request in line 4.	In order to perform a complete examination, the above language has been interpreted broadly; e.g., a domain request is any request targeted to or from (or otherwise relevant to) a particular domain.	Regarding claims 22 – 27, said claims depend on claim 21 and fail to clarify the above noted issues.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claims 1, 2 and 4 – 6 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Kamath (US-20100131668-A1).	Regarding claim 1, Kamath shows a method for rate limiting ([143], “control the flow of requests”) access to data endpoints ([128]), the method comprising:	monitoring network traffic ([53-54] and [131], see “monitor requests”) between one or more devices on a first network (Fig. 1 item 104) and a second network (Fig. 1 item 104’); 	receiving a first data endpoint request from one of the one or more devices ([128] discussing a client’s request to a server);	comparing the first data endpoint request to a ledger of one or more data endpoints, the ledger having a rate limit associated with the one or more data endpoints, the rate limit defining a threshold number of requests allowed for the one or more data endpoints (Fig. 4 steps 405-415 and [159-160] where policies are specified for a particular “service resource”, “URL” or “IP address”, each of which are mechanisms to identify data endpoints; see also [142,145]); and 	in response to the first data endpoint request matching one or more of the data endpoints on the ledger ([161-162] discussing a “unique identifier of the specific server” used to “identify a policy that specifies . . . . a throttling mode”): 		comparing the first data endpoint request to the rate limit ([142,145] discussing a “throttling threshold for specific client 112 or server 116”) associated with the matching data endpoint on the ledger ([142,145,157] where data is controlled based on the particular identifiers such as URLs, specific servers, clients); and 		blocking (Fig. 4 steps 420-425 and [164]) the first data endpoint request if the data endpoint request exceeds the threshold number of requests allowed for the matching data endpoint on the ledger ([141-142, 157]).
Regarding claim 2, Kamath shows allowing the data endpoint request when the data endpoint request does not exceed the threshold number of requests allowed for the matching data endpoint on the ledger ([165]).
Regarding claim 4, Kamath shows wherein the ledger includes a mapping of one or more triggering domains associated with each of the one or more data endpoints ([142] discussing a policy based on the “domain name of a service resource”).
	Regarding claim 5, Kamath shows receiving a second data endpoint request, the second data endpoint being a request for a triggering domain of the one or more data endpoints ([142]); 	activating a temporary rate limit for the one or more data endpoints associated with the triggering domain ([144-145, 148] discussing a maximum number of requests over a threshold period).
Regarding claim 6, Kamath shows disabling the temporary rate limit for the one or more data endpoints associated with the triggering domain after a threshold period of time ([148-150, 162] discussing where throttling modes may change depending on the time period).

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim 3  is rejected under 35 U.S.C. 103 as being unpatentable over Kamath in view of Purusothaman (US-20190364072-A1).
	Regarding claim 3, Kamath shows storing, in a memory of a computing device, one or more compatibility modules, the one or more compatibility modules being a security policy defining the rate limit for the one or more data endpoints (Fig. 4A, 420 and [133,141])	Kamath does not show receiving a user selection of at least one of the one or more compatibility modules, the user selection being received via a graphical user interface; and 	enabling the selected security policy.	Purusothaman shows receiving a user selection of at least one of the one or more compatibility modules, the user selection being received via a graphical user interface ([65-66,72,82]); and 	enabling the selected security policy ([82]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the network policy application techniques of Kamath with the user selection mechanism of Purusothaman in order to allow users of the system to ensure the desired level of protection is provided for their associated devices and networks.

Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over Kamath in view of Kaidi (US-20210367923-A1).
	Regarding claim 7, Kamath shows data endpoint based request processing ([142]).	Kamath does not show receiving a third data endpoint request, the third data endpoint request being for the same domain as the second data endpoint request; and	extending the temporary rate limit for the one or more data endpoints associated with the triggering domain.	Kaidi shows receiving a third data endpoint request, the third data endpoint request being for the same domain as the second data endpoint request ([17] discussing repeated subsequent requests either from or targeting a particular IP address) ; and
	extending the temporary rate limit for the one or more data endpoints associated with the triggering domain ([17,19] further discussing monitoring requests after a threshold was breached, including subsequently implementing and extending a request blocking period).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the request control techniques of Kamath wit the subsequent request awareness and responsiveness of Kaidi in order to streamline the request control and avoid repeated blocking/unblocking operations, thus optimizing the use of network resources.

Claims 21 and 23 - 24 are rejected under 35 U.S.C. 103 as being unpatentable over Srinivasan (US-11075923-B1) in view of Phung (Phung, Phu H., David Sands, and Andrey Chudnov. "Lightweight self-protecting JavaScript." Proceedings of the 4th International Symposium on Information, Computer, and Communications Security. (Year: 2009)).
	Regarding claim 21, Srinivasan shows a method for rate limiting of functions, the method comprising: 	monitoring network traffic between one or more devices on a first network and a second network (Figs. 5 – 7); 	receiving a domain request from one of the one or more devices (col. 10 lines 45-55); 	receiving a function request from the domain of the domain request (col. 3 lines 41-51 and col. 4 line 64 – col. 5 line 9); 	comparing the function request considering a rate limit plurality of domains, the rate limit defining a threshold number of functions requests allowed for each of the plurality of domains in a period of time (col. 14 lines 4-35); and		 in response to the domain matching one of the plurality of domains on the ledger: compare the domain to the rate limit associated with the matching domain of the plurality of domains on the ledger; determine the rate limit associated with the domain for the function request has been exceeded (col. 14 lines 4-20 and col. 14 line 60 – col. 15 line 3); 	log the function request in the ledger (col. 6 lines 42-47 and col. 15 lines 15-16).	Srinivasan does not show limiting JavaScript function requests, 
	comparing the JavaScript function request to a ledger, the ledger having a rate limit associated with one or more JavaScript functions, 
	determine the rate limit associated with the domain for the JavaScript function request has been exceeded; and	block the JavaScript function request.	Phung shows limiting JavaScript function requests (pg. 48, right column lines 22-25 and 36 – 38, pg. 54, right column lines 28 – 42), 
	comparing the JavaScript function request to a ledger, the ledger having a rate limit associated with one or more JavaScript functions (pg. 50 right column lines 28-56), 
	determine the rate limit associated with the domain for the JavaScript function request has been exceeded (pg. 54, right column lines 35-42); and	block the JavaScript function request (pg. 48, right column lines 22-25 and 36 – 38, pg. 54, right column lines 28 – 42).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the request control of Srinivasan with the Javascript, ledger-based control of Phung in order to provide network protection when utilizing the popular, but untrustworthy Javascript (Phung, pg. 47, right column lines 14 – 16).	Regarding claim 23, Srinivasan in view of Phung further show wherein the ledger is maintained in a memory (Phung, pg. 49 left column lines 5-25 and right column lines 40-45) by a wrapper function (Phung, pg. 48 right column lines 49-52 and pg. 49 left column lines 48-51).
Regarding claim 24, Srinivasan in view of Phung further show wherein the ledger operates using a ledger logic (Phung, pg. 49 left column lines 1-25), the ledger logic and wrapper function being deployed on the domain (Phung, pg. 47 right column lines 51-54, pg. 48 left column lines 31-34 and pg. 49 right column lines 8-10) using a JavaScript file (Phung, pg. 50 right column lines 22-53 and pg. 52 right column lines 17-29).

Claim 22 is rejected under 35 U.S.C. 103 as being unpatentable over Srinivasan in view of Phung, as applied to claim 21 above, further in view of Holloway (US-20120117267-A1).
	Regarding claim 22, Srinivasan in view of Phung show domain-based request handling (Srinivasan, col. 3 lines 41-51 and col. 4 line 64 – col. 5 line 9).	Srinivasan in view of Phung do not show returning falsified values.	Holloway shows returning falsified values ([166]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the network monitoring and control of Srinivasan in view of Phung with the request handling of Holloway in order to further deter attackers or others from misusing the monitored network resources.

Claim 25 is rejected under 35 U.S.C. 103 as being unpatentable over Srinivasan in view of Phung, as applied to claim 21 above, further in view of Klatt (US-20170099314-A1).
	Regarding claim 25, Srinivasan in view of Phung show use of a ledger, and of a risk score correlating to a privacy risk (Phung, pg. 53 left column lines 14-21 and right column lines 25-29).	Srinivasan in view of Phung do not show assigning a risk score to a plurality of domains.	Klatt shows assigning a risk score to a plurality of domains ([11,18]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the network monitoring and control of Srinivasan in view of Phung with the domain risk scoring of Klatt in order to better anticipate which communications have the most risk, and thus selectively provide those communications with additional scrutiny, thus improving system security while minimizing additional resource use. 

Claim 26 is rejected under 35 U.S.C. 103 as being unpatentable over Srinivasan in view of Phung and Klatt, as applied to claim 25 above, further in view of Moscicki (Moscicki et al. English translation of CN 105723376 A.  (Year: 2014)).
	Regarding claim 26, Srinivasan in view of Phung and Klatt show domain based request handling (Srinivasan, col. 3 lines 41-51 and col. 4 line 64 – col. 5 line 9) and risk score associated with a plurality of domains (Klatt, [11,18]).	Srinivasan in view of Phung and Klatt do not show rate limit based on the associated risk score.	Moscicki shows rate limit based on the associated risk score (pg. 15 lines 29-41).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the network monitoring and control of Srinivasan in view of Phung and Klatt with Moscicki in order to continue to utilize the risk information of Srinivasan in view of Phung and Klatt in order to better prevent risky communications from overwhelming the network.

Claim 27 is rejected under 35 U.S.C. 103 as being unpatentable over Srinivasan in view of Phung, as applied to claim 21 above, further in view of Purusothaman.
	Regarding claim 27, Srinivasan in view of Phung show claim 21, including security policies defining the rate limit for the plurality of domains (Srinivasan, col. 14 lines 4-20 and col. 14 line 63 col. 15 line 3; also Phung, pg. 54, right column lines 35-42).	Srinivasan in view of Phung do not show storing, in a memory of a computing device, one or more compatibility modules;	receiving a user selection of at least one of the one or more compatibility modules, the user selection being received via a graphical user interface; and 	enabling the selected security policy.	Purusothaman shows storing, in a memory of a computing device, one or more compatibility modules;	receiving a user selection of at least one of the one or more compatibility modules, the user selection being received via a graphical user interface ([65-66, 77, 82]); and 	enabling the selected security policy ([82]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the network monitoring and control of Srinivasan in view of Phung with Purusothaman in order to allow users of the system to ensure the desired level of protection is provided for their associated devices and networks.


	


Claims 61 and 62 are rejected under 35 U.S.C. 103 as being unpatentable over Kamath in view of Feng (US-20170134430-A1) and Kirti (US-20170251013-A1).
	Regarding claim 61, Kamath shows a method for privacy and security policy delivery, comprising: 	storing, in a memory device of a computing device, activity data associated with a plurality of clients and servers on a first network ([54,57,128]);	monitoring, by the computing device, a stream of packets ([50-51] discussing streaming application delivery, as well as streaming video and audio; note TCP is utilizing [41-42]; TCP inherently utilizes packetized communications) addressed to a destination endpoint on the first network (Fig. 2B where services 270 are on network 104’), the stream of packets originating from a device on a second network; (Fig. 2B, see one of the clients 120 on network 104)	analyzing, by the computing device, the stream of packets to identify a first identifier associated with the destination endpoint and a second identifier associated with the originating device ([141] discussing throttling specific devices/users);	comparing, by the computing device, the first and second identifier with the activity data stored in the memory device ([143,145,157]); 	Kamath does not show data associated with a plurality of domains, including a first domain and a second domain, 	determining a security risk of the first and second domain, and	enforcing, by the computing device, security policies for the first and second domains based on the determined security risks for each domain.	Feng shows data associated with a plurality of domains, including a first domain and a second domain ([32-33,37]), and	determining a security risk of the first and second domain ([45-46, 48, 58]), and 	enforcing, by the computing device, security policies for the first and second domains based on the determined security risks ([15-16,26,37]) for each domain ([22] showing domains 110 and 130).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the request monitoring of Kamath with the domain based analysis of Feng in order to improve the resultant network protection via domain specific application of security policies; grouping devices by domain enables improved management of security policies as policies can be easily applied to related devices (i.e., ones in the same domain).	Kamath in view of Feng do not show where the determined security risk is for a user of an originating device.	Kirti shows determined security risks originating device users when evaluating network requests ([138-140, 151-152]).	It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the request monitoring of Kamath in view of Feng with user based risk determination in order to facilitate more detailed evaluation of the context of the potential security incident/risk, and thus make more intelligent and informed determinations.
	Regarding claim 62, Kamath in view of Feng and Kirti further show wherein the memory device includes a first cache and a second cache, the method further comprising: 	storing, in the first cache of the memory device, activity data associated with at least one first domain of the first network (Feng, [26,31,38-40]); and 	storing, in the second cache of the memory device, activity data associated with at least one second domain (Feng, [26,31,38-40]) associated with the originating device on the second network (Kirti, [112,114]).

Claim 63 is rejected under 35 U.S.C. 103 as being unpatentable over Kamath in view of Feng and Kirti, as applied to claim 61 above, further in view of Brinskelle (US-8856869-B1).
	Regarding claim 63, Kamath in view of Feng and Kirti show streams of packets (Kamath, [50-51] discussing streaming application delivery, as well as streaming video and audio; note TCP is utilizing [41-42]; TCP inherently utilizes packetized communications).	Kamath in view of Feng and Kirti do not show use of a secure connection established with the originating device via a trusted certificate of the originating device.	Brinskelle shows a secure connection established with the originating device via a trusted certificate of the originating device (Figs. 9 and 10).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the network monitoring disclosure of Kamath in view of Feng and Kirti with the secure communications of Brinskelle in order to better ensure data confidentiality and resultant network security.

Claim 64 is rejected under 35 U.S.C. 103 as being unpatentable over Kamath in view of Feng and Kirti, as applied to claim 61 above, further in view of Purusothaman.
	Regarding claim 64, Kamath in view of Feng and Kirti show storing, in a memory of a computing device, one or more compatibility modules, the one or more compatibility modules being a security policy defining the rate limit for the one or more data endpoints (Kamath, Fig. 4A, 420 and [133,141])	Kamath in view of Feng and Kirti do not show receiving a user selection of at least one of the one or more compatibility modules, the user selection being received via a graphical user interface; and 	enabling the selected security policy.	Purusothaman shows receiving a user selection of at least one of the one or more compatibility modules, the user selection being received via a graphical user interface ([65-66,72,82]); and 	enabling the selected security policy ([82]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the network monitoring disclosure of Kamath in view of Feng and Kirti with the user selection mechanism of Purusothaman in order to allow users of the system to ensure the desired level of protection is provided for their associated devices and networks.

	
Claim 65 is rejected under 35 U.S.C. 103 as being unpatentable over Kamath in view of Feng, Kirti and Purusothaman, as applied to claim 64 above, further in view of Varadharajan (Varadharajan, Vijay, et al. "A policy-based security architecture for software-defined networks." IEEE Transactions on Information Forensics and Security 14.4: 897-912. (Year: 2018)).
	Regarding claim 65, Kamath in view of Feng, Kirti and Purusothaman show compatibility modules (Purusothaman, [65-66,72,82]) and evaluations made based on a determined security risk for a domain (Feng, [45-46, 48, 58]).	Kamath in view of Feng, Kirti, and Purusothaman do not show wherein enforcing the security policies of the first and second network, comprises: accessing, by the computing device, security settings associated with each of the first and second domains	Varadharajan shows wherein enforcing the security policies of the first and second network, comprises: accessing, by the computing device, security settings associated with each of the first and second domains (pg. 897 left column lines 13-22, pg. 901, right column lines 39-42, pg. 902, left column line 17 – right column line 12, pg. 903, left column lines 16-28, discussing domain specific security policy requirements (noted on pg. 903, right column lines 38-45 as being expressible via Policy Expression templates), which are shared via security labels to propagate traffic across multiple domains with variable security policies) 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the network monitoring disclosure of Kamath in view of Feng, Kirti, and Purusothaman with the domain sensitive security requirement propagation in order to ensure consistent application of security rules as traffic crosses domain boundaries. 

Claim 66 is rejected under 35 U.S.C. 103 as being unpatentable over Kamath in view of Feng, Kirti, and Brinskelle, as applied to claim 63 above, further in view of Akashika (EP-2068264-A2).
	Regarding claim 66, Kamath in view of Feng, Kirti, and Brinskelle show processing the stream of packets (Kamath, [50-51] discussing streaming application delivery, as well as streaming video and audio; note TCP is utilizing [41-42]; TCP inherently utilizes packetized communications).	Kamath in view of Feng, Kirti, and Brinskelle do not show decryption based on a trusted root certificate.	Akashika shows decryption based on a trusted root certificate ([39]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the network monitoring disclosure of Kamath in view of Feng, Kirti, and Brinskelle with the security implementation of Akashika in order to utilize an industry standard encryption implementation, enabling secure and private communication across network boundaries. 

Allowable Subject Matter
Claim 67 is presently objected to, and would be allowable if rewritten in independent form with all the requirements of its parent claims. The prior art of record does teach monitoring and storing activity data as cited above, and the use of cookies is well known in the prior art. However, the use of a cookie containing an associated expiration time in the manner claimed is absent from the prior art given the context established by claim 67’s parent claims. 	Claims 68 – 69 are dependent on claim 67, and thus similarly objected to.





Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure, including Stein (US-10440042-B1).

Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOHN M MACILWINEN whose telephone number is (571)272-9686. The examiner can normally be reached Monday - Friday, 9:00 - 5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, WILLIAM TROST can be reached on (571)272-7872. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

JOHN MACILWINEN
Primary Examiner
Art Unit 2442



/JOHN M MACILWINEN/Primary Examiner, Art Unit 2442