DETAILED ACTION
This Office Action is in response to the Amendment filed on February 14th, 2022.
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
In the instant Amendment, claims 1, 7 & 15 have been amended; and claims 1, 7 & 15 are independent. Claims 1-20 have been examined and are pending.

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant’s submission filed on April 11th, 2022 has been entered.
 
Response to Arguments
Applicant’s arguments, see pages 6-8, filed 02/14/2022, with respect to the rejection(s) of claim(s) 1-20 under 35 U.S.C. 103(a) have been fully considered and are persuasive. Therefore, the rejection has been withdrawn. However, upon further consideration, a new ground(s) of rejection is made in view of Stair.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness rejections set forth in this Office action:
(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains.  Patentability shall not be negatived by the manner in which the invention was made.

Claims 1-20 are rejected under 35 U.S.C. 103(a) as being unpatentable over Clark et al. (Clark), U.S. Pub. Number 2019/0109848, in view of Mamou et al. (Mamou), U.S. Pub. Number 2006/0069717, and further in view of Stair et al. (Stair), U.S. Pub. Number 2018/0241718.
Regarding claim 1; Clark discloses a cloud-native firewall system comprising:
a processor (par. 0484; processor.); and
a memory (par. 0484; a memory.) comprising computer-executable instructions associated with a cloud-native firewall that (par. 0484; instructions.), when executed by the processor (par. 0484; when executed by the processor.), cause the processor to perform operations (par. 0484; enable or cause the processor to perform one or more of the methods.) comprising
receiving, from a client operating in a first network, a request for access to a service operating in a second network (par. 0306; metadata obtained by the middleware.),
in response to the request, retrieving, from the service registry instance, the metadata associated with the service (par. 0306; has been generated by an authorized application.), and
executing, based at least in part upon the metadata, a policy rule to determine whether to allow or deny the client access to the service (par. 0306; conforms to an authorized data protocol, as determined based at least on the metadata; has been received from an authorized node; contains at least one port number that is present on a predetermined list of port numbers.).
Clark fails to explicitly disclose a first network comprising a first service registry instance, a second network comprising a second service registry instance, wherein the first service registry instance and the second service registry instance are synchronized and both contain metadata associated with the service.
However, in the same field of endeavor, Mamou discloses security service for a services oriented architecture in a data integration platform comprising a first network comprising a first service registry instance, a second network comprising a second service registry instance (par. 0408; providing a module for a metadata management function, providing a registry of services, providing one or more client interfaces service policies and interceptors and identifying the module in the registry, wherein the module can be accessed as a service in a services oriented architecture; registry of services include first registry service and second registry service.), wherein the first service registry instance and the second service registry instance are synchronized and both contain metadata associated with the service (pars. 0443-0444; a data synchronization module synchronizes data from disparate resources; e.g., a data synchronization module aligns similar entries in different classes, performs cross-linking analysis and removes any duplicative or erroneous records; facilitates synchronization of data across a plurality of transactional formats, electronic data interchange format data, synchronization of HIPAA data, and SWIFT format data.).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Mamou into the methods of Clark comprising a first network comprising a first service registry instance, a second network comprising a second service registry instance, wherein the first service registry instance and the second service registry instance are synchronized and both contain metadata associated with the service to permit use, reuse, and modification of functionality in a changing business environment and deploy data integration functions (Mamou: par. 0031).

Clark and Mamou fail to explicitly disclose a dynamic firewall policy rule.
However, in the same field of endeavor, Stair discloses single packet authorization in a cloud computing environment comprising a dynamic firewall policy rule (Stair: par. 0036; a temporary/dynamic firewall policy.).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Stair into the methods of Clark and the method and system of Mamou comprising a dynamic firewall policy rule to validate the encrypted packet to allow temporary connections from authorized sources (Stair: par. 0002).
Regarding claim 2; Clark, Mamou and Stair disclose the cloud-native firewall system of claim 1, wherein Clark further discloses the metadata comprises a dynamic IP address associated with a system that provides, at least in part, the service (Clark: par. 0680; obtain corresponding network address (i.e., IP address).).
Regarding claim 3; Clark, Mamou and Stair disclose the cloud-native firewall system of claim 2, wherein Clark further discloses the metadata further comprises a port number associated with the system that provides, at least in part, the service (Clark: par. 0459; obtaining destination port numbers.).
Regarding claim 4; Clark, Mamou and Stair disclose the cloud-native firewall system of claim 3, wherein Clark further discloses the metadata further comprises an authentication type (Clark: par. 0528; preprovisioned set of authentication code parameters including one or more of a source user application identifier, a payload data type descriptor, and port number.).
Regarding claim 5; Clark, Mamou and Stair disclose the cloud-native firewall system of claim 4, wherein Clark further discloses the metadata further comprises an authentication provider (Clark: par. 0533; an insurance provider via the public internet.).
Regarding claim 6; Clark, Mamou and Stair disclose the cloud-native firewall system of claim 1, wherein Clark further discloses the service provides the synchronized metadata to the second service registry instance during a registration process (par. 0715; certain instances the malware may be able to identify sufficient cryptographic data to compromise a security protocol.).
Regarding claims 7-14; Claims 7-14 are directed to a method having similar scope to claims 1-6. Therefore, claims 7-14 remain unpatentable for the same reasons.
Regarding claims 15-20; Claims 15-20 are directed to a computer-readable storage medium having similar scope to claims 1-6. Therefore, claims 15-20 remain unpatentable for the same reasons.






Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KHOI V LE whose telephone number is (571)270-5087. The examiner can normally be reached 9:00 AM - 5:00 PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay, can be reached on 571-272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/KHOI V LE/
Primary Examiner, Art Unit 2436