DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 11/30/2020.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Drawings
The drawings were received on 11/27/2020.  These drawings are objected.
New corrected drawings in compliance with 37 CFR 1.121(d) are required in this application.
In the drawings, FIGS. 1-4 do not comply with 37 CFR 1.84(u)(2) because the numbers and letters identifying the views must be simple and clear and must not be used in association with brackets, circles, or inverted commas; AND the view numbers must be larger than the numbers used for reference characters.
In the drawings, FIGS. 1-4 do not comply with 37 CFR 1.84(p)(3) because the LETTERS / NUMBERS and/or REFERENCE CHARACTERS do not measure at least .32 cm. (1/8 inch) in height.
In the drawings, FIGS. 1-3 do not comply with 37 CFR 1.84(g) because of insufficient LEFT margins.  
In the drawings, FIGS. 1-4 are objected to because none of the drawings reasonably depict the method recited by claim 46.  See MPEP 608.01(g), “Every feature specified in the claims must be illustrated, but there should be no superfluous illustrations.”
Applicant is advised to employ the services of a competent patent draftsperson outside the Office, as the U.S. Patent and Trademark Office no longer prepares new drawings. The corrected drawings are required in reply to the Office action to avoid abandonment of the application. The requirement for corrected drawings will not be held in abeyance.

Claim Objections
Claims 35, 43, 47, 49 and 50 are objected to because of the following informalities:  
Claim 33 recites “each data packet” in line 2. Examiner recommends “each of the data packet” to clearly indicate the “data packet” in Claim 31.
Claim 35 recites “each data packet” in line 2-3. Examiner recommends “each of the data packet” to clearly indicate the “data packet” in Claim 31.
Claim 41 recites “each data packet” in line 2-3. Examiner recommends “each of the data packet” to clearly indicate the “data packet” in Claim 38.
Claim 43 recites “each data packet” in line 2. Examiner recommends “each of the data packet” to clearly indicate the “each data packet” in Claim 38.
Claim 47 recites “each data packet” in line 1. Examiner recommends “the each data packet” to clearly indicate the “each data packet” in Claim 46.
Claim 49 recites “each data packet” in line 1. Examiner recommends “the each data packet” to clearly indicate the “each data packet” in Claim 46.
Claim 50 recites “each data packet” in line 1. Examiner recommends “the each data packet” to clearly indicate the “each data packet” in Claim 46.
Appropriate correction is required.

Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention

The following is a quotation of 35 U.S.C. 112(b):

CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


Claims 32, 33, 36, 40, 44, 45 and 50 are rejected under 35 U.S.C. 112(a), first paragraph, as failing to comply with the written description requirement. The claims contain subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, the inventor(s), at the time the application was filed, had possession of the claimed invention. 
As per claims 32 and 40, they recite “a cryptographic protection encapsulation layer, a descriptor encapsulation layer and a data encapsulation layer” however the application as filed does not contain adequate written description of this feature.  While there is no in haec verba requirement, newly added claims or claim limitations must be supported in the specification through express, implicit, or inherent disclosure.  An adequate written description of the invention may be shown by any description of sufficient, relevant, identifying characteristics so long as a person skilled in the art would recognize that the inventor had possession of the claimed invention. In this case, the application as filed does not describe the claimed feature “a cryptographic protection encapsulation layer, a descriptor encapsulation layer and a data encapsulation layer”. Examiner reviewed the all three separate specifications filed on 11/27/2020. Examiner reviewed descriptions regarding ISO/OSI model and transport encrypted protocol (TEP). However, they do not describe the technologies in the claims. 
As per claim 33 and 41, they recite “the first application … by using a public key of the receiver of the data packet according to an asymmetric encryption scheme” however the application as filed does not contain adequate written description of this feature.  While there is no in haec verba requirement, newly added claims or claim limitations must be supported in the specification through express, implicit, or inherent disclosure.  An adequate written description of the invention may be shown by any description of sufficient, relevant, identifying characteristics so long as a person skilled in the art would recognize that the inventor had possession of the claimed invention.  In this case, the application as filed does not describe the claimed the feature of “symmetric encryption scheme”. Examiner reviewed the all three separate specifications filed on 11/27/2020. However, they do not describe the technologies in the claims. 
As per claim 36 and 44, they recite “implement a logic circuit … performs device to device communications” however the application as filed does not contain adequate written description of this feature.  While there is no in haec verba requirement, newly added claims or claim limitations must be supported in the specification through express, implicit, or inherent disclosure.  An adequate written description of the invention may be shown by any description of sufficient, relevant, identifying characteristics so long as a person skilled in the art would recognize that the inventor had possession of the claimed invention.  In this case, the application as filed does not describe the claimed the feature of “device to device communications”. Examiner reviewed the all three separate specifications filed on 11/27/2020. However, they do not describe the technologies in the claims.
As per claim 50, they recite “verifying a correspondence … ; discarding the data …” however the application as filed does not contain adequate written description of this feature.  While there is no in haec verba requirement, newly added claims or claim limitations must be supported in the specification through express, implicit, or inherent disclosure.  An adequate written description of the invention may be shown by any description of sufficient, relevant, identifying characteristics so long as a person skilled in the art would recognize that the inventor had possession of the claimed invention. In this case, the application as filed does not describe the claimed the feature of “verifying a correspondence … ; discarding the data …”. Examiner reviewed the all three separate specifications filed on 11/27/2020. However, they do not describe the technologies in the claims.
 The description is a dictionary for the claims and should provide clear support or antecedent basis for all terms used in the claims. See 37 CFR 1.75, MPEP § 608.01(i), § 608.01(o), and § 1302.01, and § 2111.01.

Claims 37, 43 and 44 are rejected under 35 U.S.C. 112(b), second paragraph, as failing to set forth the subject matter which the inventor or a joint inventor, the applicant regards as the invention. 
As per claim 37, it recites the limitation “first software application” in line 1-2.  There is insufficient antecedent basis for this limitation in the claim. For the sole purpose of prior art analysis, examiner has interpreted the limitation to recite as follows “first application”. 
As per claim 43, it recites the limitation “second software application” in line 1-2.  There is insufficient antecedent basis for this limitation in the claim. For the sole purpose of prior art analysis, examiner has interpreted the limitation to recite as follows “second application”. 
As per claim 44, it recites the limitation “first software application” in line 1-2.  There is insufficient antecedent basis for this limitation in the claim. For the sole purpose of prior art analysis, examiner has interpreted the limitation to recite as follows “first application”.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 31, 35-39 and 43-45 are rejected under 35 U.S.C. 103 as being unpatentable over Gorajala Chandra et al. (US 20160241702 A1 hereinafter “GC”) in view of Mehedy et al. (US 20190342084 A1 hereinafter “Mehedy”) in view of Register et al. (US 20170324708 A1 hereinafter “Register”) in view of Lee et al. (US 20200259863 A1, Foreign Priority on 08/29/2017, hereinafter “Lee”).
Regarding independent claim 31, (New) GC discloses a telecommunication apparatus, comprising (Figs. 7 and 8): 

As per Figs. 7 and 8, GC states, in para. 0062, that Figs. 7 and 8 use corresponding reference numbers but hundreds place and further description of the previously described functional units is omitted for brevity in Fig. 8. Thus, Examiner asserts that both Figures are considered as one embodiment with various aspect of features (Emphasis added).

a calculator (para. 0088-0091, Embodiments of the present supports a general-purpose or special-purpose processor (“calculator”) programmed with instructions to perform these steps); 
a hypervisor comprised in a firmware of said calculator; and an antenna (para. 0061-0063, a dual-band wireless AP 700 and 800 comprising a hypervisor 860, host OS 720, two band antennas (712, 713, respectively the “hypervisor, firmware and calculator”)); 
the hypervisor is configured to launch a virtual machine executing a first application and a second application (para 0061, Host OS comprises a virtualization application 730 (“virtual machine”). On the VM, virtual machine 732 and 735 are created (“first and second application”)), and 
the first application executed by the virtual machine is configured to [[generate a data packet]] to be transmitted and is further configured to transmit the data packet as radiofrequency pulses emitted by the antenna (para. 0061,  A Wi-Fi module 734, included the virtual machines 732 above (“first application executed by the virtual machine”), managing the band 1 Wi-Fi services may run on guest OS 733. A radio frequency (RF) unit 711 of host hardware platform 710 includes a band 1 antenna 712 and a band 2 antenna 713 so that dual-band wireless AP 700 may operate on two radio frequencies, such as 2.4 GHz band and 5 GHz band, concurrently (“transmit the data packet as radiofrequency pulses emitted by the antenna”)).
Although GC teaches second virtual machines 735 (analogous to the “second application”), it does not teach “a copy of a distributed ledger; the distributed ledger contains a database of caller identifiers that transit through said telecommunication apparatus, each of the caller identifiers is recorded in the distributed ledger as a corresponding hash, and the second application executed by the virtual machine is configured to select a hash recorded in the distributed ledger corresponding to a receiver of the data packet to be transmitted, and is further configured to provide said selected hash to the first application”.
In a same field of endeavor, Mehedy discloses the apparatus, wherein 
a copy of a distributed ledger (para. 0051, FIG. 4A, a blockchain network is shown which includes a plurality of blockchain peer nodes 410-414 (“distributed ledger”));
the distributed ledger contains a database of caller identifiers that transit through said telecommunication apparatus, each of the caller identifiers is recorded in the distributed ledger as a corresponding hash (para. 0051-0056, the blockchain peer 410 may broadcast the file hash to the other blockchain peers 411-413 in the network (“hash corresponding caller identifiers, recorded in the distributed ledger”)), and 
the second application executed by the virtual machine is configured to select a hash recorded in the distributed ledger corresponding to a receiver of the data packet to be transmitted (para. 0051-0056, The blockchain peer 410 may hash each file share with the public key of the selected storing peer for this file share and generates a hash for the share (“hash corresponding to a receiver of the data packet”). The blockchain peer 410 may broadcast the file hash (“data packet to be transmitted”) to the other blockchain peers 411-413 in the network), and is further configured to provide said selected hash to the first application (para. 0051-0056, the blockchain peer 410 (“second application”) transmits a file hash (or id) of the file to the client node (“to provide said selected hash to the first application”) for reference and later retrieval).
Mehedy teaches, in para. 0038, that blockchain nodes including the blockchain base or platform may include various layers of blockchain data, services (e.g., virtual execution environment, etc.). Thus, Examiner asserts that blockchain peer 410, as the second application as claimed, cures the deficiency of the second virtual machines 735 disclosed by GC. The client node (the user, considered the first application above) is also cured by the virtual machines 732 disclosed by GC as stated above. 
GC and Mehedy are analogous arts because they are in a similar field of endeavor in improving security in transmission and reception of electronic message. Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by GC with the teachings of Mehedy to include a second application which is configured to select a hash recorded in the distributed ledger corresponding to a receiver of the data packet to be transmitted, and is further configured to provide said selected hash to the first application. One of ordinary skill in the art would have been motivated to make this modification because the distributed ledger (such as blockchain) may hold a continuously growing list of records that apply cryptographic techniques such as storing cryptographic hashes relating to other blocks within a chain of blocks. Cryptography is used to ensure integrity of information, protect private information, secure an authentication of a transaction source. Thus, the blockchain may separately manage file storage creating an additional layer of security (para. 0003 and 0023).
However, the combination does explicitly not teaches “the first application is configured to insert said selected hash in the data packet to be transmitted”.
In a same field of endeavor, Register further discloses the apparatus, wherein the first application is configured to insert said selected hash in the data packet to be transmitted (para. 0047, adding a new encapsulation header to the packet 305 that includes the hash value 311, inserting the hash value 311 into one or more existing fields within the packet 305, adding a new field to the packet 305 that includes the hash value 311).
GC, Mehedy and Register are analogous arts because they are in a similar field of endeavor in improving security in transmission and reception of electronic message. Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by GC and Mehedy with the teachings of Register to insert a selected hash in a data packet to be transmitted. One of ordinary skill in the art would have been motivated to make this modification because a hash table may configure to store entries for a plurality of input packets. Thus, the entry within the hash table further includes a receipt mask, and further includes setting bits within the receipt mask to indicate receipt of return packets from the plurality of network security tools (para. 0008). Therefore, the receipt mask associated with the matching hash value is updated to indicate that a return packet has been received from the security tool that sent the return packet.
However, the combination does not teach “virtual machine is configured to generate a data packet”.
In a same field of endeavor, Lee discloses the virtual machine, wherein virtual machine is configured to generate a data packet (para. 0010, generating a first TCP packet including a payload of the decrypted first SSL packet transmitted from the virtual client to the virtual server).
GC, Mehedy, Register and Lee are analogous arts because they are in a similar field of endeavor in improving security in transmission and reception of electronic message. Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by GC, Mehedy and Register with the teachings of Lee to include a virtual machine which generates a data packet. One of ordinary skill in the art would have been motivated to make this modification because it provides a method for setting up a TCP session between a virtual client and a virtual server, transmitting a packet transmitted and received to set up the TPC session between the virtual client and the virtual server (para. 0008).

Regarding claim 35, (New) the combination of GC, Mehedy, Register and Lee discloses the telecommunication apparatus according to claim 31, wherein the second application is configured to generate and store in the distributed ledger a record of each data packet transmitted by the first application (Mehedy: para. 0051-0056, the blockchain peer node 410 receives a request to store a file from a client through a client-side application (analogous to “data packet transmitted by the first application”). The blockchain peer 410 may hash each file share with the public key of the selected storing peer for this file share and generates a hash for the share (“hash corresponding to a receiver of the data packet”). The blockchain peer 410 may broadcast the file hash to the other blockchain peers 411-413 in the network (“hash recorded in the distributed ledger”); GC: para. 0061, a two-band wireless access point 700 with two virtual machines 732 and 735 (“first and second application executed by the virtual machine”) in accordance with an embodiment of the present invention).

Regarding claim 36, (New) the combination of GC, Mehedy, Register and Lee discloses the telecommunication apparatus according to claim 31, wherein the first application is configured to implement a logic circuit to simulate an apparatus that performs device to device communications (GC: para. 0061,  On virtualization application 730, virtual machine 732 is created and a guest OS 733 (“a logic circuit”) may run on virtual machine 732. A Wi-Fi module 734 (“apparatus”) managing the band 1 Wi-Fi services may run on guest OS 733 (“device to device communications in simulated apparatus”)). 

Regarding claim 37, (New) the combination of GC, Mehedy, Register and Lee discloses the telecommunication apparatus according to claim 36, wherein the first software application is configured to have the logic circuit to simulate an apparatus that operates as a node of a peer to peer network (GC: para. 0061, A Wi-Fi module 734 (“apparatus”) managing the band 1 Wi-Fi services may run on guest OS 733 (“logic circuit” and “simulating an apparatus as a node” b/t at least one wireless client and a wireless AP (“peer to peer network”))).

Regarding independent claim 38, (New) GC discloses a mobile station comprising (Figs. 7 and 8; para. 0034, the system supports IP-PBX phone system appliances (“mobile station”)):

As per Figs. 7 and 8, GC states, in para. 0062, that Figs. 7 and 8 use corresponding reference numbers but hundreds place and further description of the previously described functional units is omitted for brevity in Fig. 8. Thus, Examiner asserts that both Figures are considered as one embodiment with various aspect of features (Emphasis added).
 
an EPROM storing a firmware comprising a hypervisor configured to launch a virtual machine which is configured to execute a first application and a second application (para. 0027, Embodiments of the present supports a machine-readable medium including erasable PROMs (EPROMs); para. 0061-0063, a dual-band wireless AP 700 and 800 comprising a hypervisor 860, host OS 720, a virtualization application 730 and virtual machines 732 and 735, respectively the “hypervisor, virtual machine and 1st and 2nd applications”)), 
an antenna, and wherein the first application executed by the virtual machine is configured to [[generate a data packet]] to be transmitted and transmit the data packet as radiofrequency pulses emitted by the antenna (para. 0061,  A Wi-Fi module 734, included the virtual machines 732 above (“first application executed by the virtual machine”), managing the band 1 Wi-Fi services may run on guest OS 733. A radio frequency (RF) unit 711 of host hardware platform 710 includes a band 1 antenna 712 and a band 2 antenna 713 so that dual-band wireless AP 700 may operate on two radio frequencies, such as 2.4 GHz band and 5 GHz band, concurrently (“transmit the data packet as radiofrequency pulses emitted by the antenna”)).
Although GC teaches virtual machines 735 (considers as the “second application”), it does not teach “storing a distributed ledger which contains a database comprising caller identifiers that transit through said mobile station, wherein each one of the caller identifiers is recorded in the distributed ledger as a corresponding hash; the second application executed by the virtual machine is configured to select a hash recorded in the distributed ledger corresponding to a receiver of the data packet to be transmitted, and is further configured to provide said selected hash to the first application.”
In a same field of endeavor, Mehedy discloses the station, wherein storing a distributed ledger which contains a database comprising caller identifiers that transit through said mobile station, wherein each one of the caller identifiers is recorded in the distributed ledger as a corresponding hash (para. 0051-0056, the blockchain peer 410 may broadcast the file hash to the other blockchain peers 411-413 in the network (“hash corresponding caller identifiers, recorded in the distributed ledger”)), 
the second application executed by the virtual machine is configured to select a hash recorded in the distributed ledger corresponding to a receiver of the data packet to be transmitted (para. 0051-0056, The blockchain peer 410 may hash each file share with the public key of the selected storing peer for this file share and generates a hash for the share (“hash corresponding to a receiver of the data packet”). The blockchain peer 410 may broadcast the file hash (“data packet to be transmitted”) to the other blockchain peers 411-413 in the network), and is further configured to provide said selected hash to the first application (para. 0051-0056, the blockchain peer 410 (“second application”) transmits a file hash (or id) of the file to the client node (“to provide said selected hash to the first application”) for reference and later retrieval).
Mehedy teaches, in para. 0038, that blockchain nodes including the blockchain base or platform may include various layers of blockchain data, services (e.g., virtual execution environment, etc.). Thus, Examiner asserts that blockchain peer 410, as the second application as claimed, cures the deficiency of the second virtual machines 735 disclosed by GC. The client node (the user, considered the first application above) is also cured by the virtual machines 732 disclosed by GC as stated above.
GC and Mehedy are analogous arts because they are in a similar field of endeavor in improving security in transmission and reception of electronic message. Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by GC with the teachings of Mehedy to include a second application which is configured to select a hash recorded in the distributed ledger corresponding to a receiver of the data packet to be transmitted, and is further configured to provide said selected hash to the first application. One of ordinary skill in the art would have been motivated to make this modification because the distributed ledger (such as blockchain) may hold a continuously growing list of records that apply cryptographic techniques such as storing cryptographic hashes relating to other blocks within a chain of blocks. Cryptography is used to ensure integrity of information, protect private information, secure an authentication of a transaction source. Thus, the blockchain may separately manage file storage creating an additional layer of security (para. 0003 and 0023).
However, the combination does explicitly not teaches “the first application is configured to insert said selected hash in the data packet to be transmitted”.
In a same field of endeavor, Register further disclose the mobile station, wherein the first application is configured to insert said selected hash in the data packet to be transmitted (para. 0047, adding a new encapsulation header to the packet 305 that includes the hash value 311, inserting the hash value 311 into one or more existing fields within the packet 305, adding a new field to the packet 305 that includes the hash value 311).
GC, Mehedy and Register are analogous arts because they are in a similar field of endeavor in improving security in transmission and reception of electronic message. Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by GC and Mehedy with the teachings of Register to insert a selected hash in a data packet to be transmitted. One of ordinary skill in the art would have been motivated to make this modification because a hash table may configure to store entries for a plurality of input packets. Thus, the entry within the hash table further includes a receipt mask, and further includes setting bits within the receipt mask to indicate receipt of return packets from the plurality of network security tools (para. 0008). Therefore, the receipt mask associated with the matching hash value is updated to indicate that a return packet has been received from the security tool that sent the return packet. 
However, the combination does not teach “virtual machine is configured to generate a data packet”.
In a same field of endeavor, Lee discloses the virtual machine, wherein virtual machine is configured to generate a data packet (para. 0010, generating a first TCP packet including a payload of the decrypted first SSL packet transmitted from the virtual client to the virtual server).
GC, Mehedy, Register and Lee are analogous arts because they are in a similar field of endeavor in improving security in transmission and reception of electronic message. Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by GC, Mehedy and Register with the teachings of Lee to include a virtual machine which generates a data packet. One of ordinary skill in the art would have been motivated to make this modification because it provides a method for setting up a TCP session between a virtual client and a virtual server, transmitting a packet transmitted and received to set up the TPC session between the virtual client and the virtual server (para. 0008).

Regarding claim 39, (New) the combination of GC, Mehedy, Register and Lee discloses the mobile station according to claim 38, further comprising a memory card storing a computer software product that when executed by the hypervisor instantiates said virtual machine (GC: para. 0090-0094, Examples of processor 1305 include, but are not limited to, an Intel® Itanium® or Itanium 2 processor(s), or AMD®, Opteron®, Memory 1315 can be Random Access Memory (RAM) and Mass storage 1325 may be any current or future mass storage solution).

Regarding claim 43, (New) the combination of GC, Mehedy, Register and Lee discloses the mobile station according to claim 38, wherein the second software application is configured to generate and store a record of each data packet transmitted in the distributed ledger (Mehedy: para. 0051-0056, the blockchain peer 410 (“second application”) may hash each file share with the public key of the selected storing peer for this file share and generates a hash for the share (“hash corresponding to a receiver of the data packet”). The blockchain peer 410 may broadcast the file hash to the other blockchain peers 411-413 in the network (“hash recorded in the distributed ledger”); GC: para. 0061, a two-band wireless access point 700 with two virtual machines 732 and 735 (“first and second application executed by the virtual machine”) in accordance with an embodiment of the present invention).

Regarding claim 44, (New) the combination of GC, Mehedy, Register and Lee discloses the mobile station according to 38, wherein the first application is configured to implement a logic circuit which is configured to simulate an apparatus that allows to perform device to device communications (GC: para. 0061,  A Wi-Fi module 734 managing the band 1 Wi-Fi services (GC: para. 0061,  On virtualization application 730, virtual machine 732 is created and a guest OS 733 (“a logic circuit”) may run on virtual machine 732. A Wi-Fi module 734 (“apparatus”) managing the band 1 Wi-Fi services may run on guest OS 733 (“device to device communications in simulated apparatus”)).


Regarding claim 45, (New) the combination of GC, Mehedy, Register and Lee discloses the mobile station according to 44, wherein the first software application is configured to have the logic circuit to simulate an apparatus that operate as a node of a peer to peer network (GC: para. 0061, A Wi-Fi module 734 (“apparatus”) managing the band 1 Wi-Fi services may run on guest OS 733 (“logic circuit” and “simulating an apparatus as a node” b/t at least one wireless client and a wireless AP (“peer to peer network”))).


Claims 32 and 40 are rejected under 35 U.S.C. 103 as being unpatentable over Gorajala Chandra et al. (US 20160241702 A1 hereinafter “GC”) in view of Mehedy et al. (US 20190342084 A1 hereinafter “Mehedy”) in view of Register et al. (US 20170324708 A1 hereinafter “Register”) in view of Lee et al. (US 20200259863 A1, Foreign Priority on 08/29/2017, hereinafter “Lee”) as applied to claims 31 and 38 above, and further in view of Yan (US 20190190887 A1, Provisional appl. 62/589761 filed on 12/14/2017 hereinafter “Prov_0887”).
Regarding claim 32, (New) the combination of GC, Mehedy and Register may not explicitly teach, but Yan, which is a same field of endeavor, discloses the telecommunication apparatus according to claim 31, wherein the first application is configured to generate the data packet, comprising: 
a cryptographic protection encapsulation layer (para. 0018 and Prov_0887 para. 0003, receiver address (RA), See below); 
a descriptor encapsulation layer (para. 0018 and Prov_0887 para. 0003, a source address (SA), See below); and 
a data encapsulation layer containing data to be transmitted (para. 0018 and Prov_0887 para. 0003, a destination address (DA), See below), 
wherein the descriptor encapsulation layer encapsulates the data encapsulation layer and the cryptographic protection encapsulation layer encapsulates the descriptor encapsulation layer (para. 0018 and Prov_0887 para. 0003, According to the IEEE 802.11 standard, a frame sent from a wireless device to an access point should be encapsulated using a three-address format. The three addresses are a receiver address (RA, “cryptographic protection encapsulation layer”), which is the destination AP's media access control (MAC) address, or Basic Service Set Identifier (BSSID); a source address (SA, “data encapsulation layer”), which is the wireless device's MAC address; and a destination address (DA, “data encapsulation layer”) which is the destination client device's MAC address).
GC, Mehedy, Register, Lee and Yan are analogous arts because they are in a similar field of endeavor in improving security in transmission and reception of electronic message. Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by GC, Mehedy, Register and Lee with the teachings of Yan to include a descriptor encapsulation layer that encapsulating a data encapsulation layer and a cryptographic protection encapsulation layer which encapsulating the descriptor encapsulation layer. One of ordinary skill in the art would have been motivated to make this modification because an access point mode interface may implement infrastructure mode as defined, for example, in the IEEE 802.11 standards, to form a Basic Service Set (BSS) to provide connections for wireless and wired clients such as wireless devices. Thus, the station mode interface is used to communicate its own packets to another wireless mesh access point (WMAP) (para. 0026). 

Regarding claim 40, (New) the combination of GC, Mehedy, Register and Lee may not explicitly teach, but Yan, which is a same field of endeavor, discloses the mobile station according to claim 38, wherein the first application is configured to generate the data packet comprising: 
a cryptographic protection encapsulation layer (para. 0018 and Prov_0887 para. 0003, receiver address (RA), See below); 
a descriptor encapsulation layer (para. 0018 and Prov_0887 para. 0003, a source address (SA), See below); and 
a data encapsulation layer containing data to be transmitted (para. 0018 and Prov_0887 para. 0003, a destination address (DA), See below), 
wherein the descriptor encapsulation layer encapsulates the data encapsulation layer and the cryptographic protection encapsulation layer encapsulates the descriptor encapsulation layer (para. 0018 and Prov_0887 para. 0003, According to the IEEE 802.11 standard, a frame sent from a wireless device to an access point should be encapsulated using a three-address format. The three addresses are a receiver address (RA, “cryptographic protection encapsulation layer”), which is the destination AP's media access control (MAC) address, or Basic Service Set Identifier (BSSID); a source address (SA, “data encapsulation layer”), which is the wireless device's MAC address; and a destination address (DA, “data encapsulation layer”) which is the destination client device's MAC address).
GC, Mehedy, Register, Lee and Yan are analogous arts because they are in a similar field of endeavor in improving security in transmission and reception of electronic message. Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by GC, Mehedy, Register and Lee with the teachings of Yan to include a descriptor encapsulation layer that encapsulating a data encapsulation layer and a cryptographic protection encapsulation layer which encapsulating the descriptor encapsulation layer. One of ordinary skill in the art would have been motivated to make this modification because an access point mode interface may implement infrastructure mode as defined, for example, in the IEEE 802.11 standards, to form a Basic Service Set (BSS) to provide connections for wireless and wired clients such as wireless devices. Thus, the station mode interface is used to communicate its own packets to another wireless mesh access point (WMAP) (para. 0026).


Claims 33, 34, 41 and 42 are rejected under 35 U.S.C. 103 as being unpatentable over Gorajala Chandra et al. (US 20160241702 A1 hereinafter “GC”) in view of Mehedy et al. (US 20190342084 A1 hereinafter “Mehedy”) in view of Register et al. (US 20170324708 A1 hereinafter “Register”) in view of Lee et al. (US 20200259863 A1, Foreign Priority on 08/29/2017, hereinafter “Lee”) in view of Yan (US 20190190887 A1, Provisional appl. 62/589761 filed on 12/14/2017) as applied to claims 32 and 40 above, and further in view of Petersen (US 20210075623 A1, Provisional appl. 62/663133 filed on 04/26/2018 hereinafter “Prov_5623”).
Regarding claim 33, (New) the combination of GC, Mehedy, Register, Lee and Yan teaches all elements of the current invention as stated in claim 31 above except “the first application is configured for encrypting each data packet to be transmitted according to a blockchain paradigm by using a public key of the receiver of the data packet according to an asymmetric encryption scheme”.
In a same field of endeavor, Petersen discloses the telecommunication apparatus according to claim 32, wherein the first application is configured for encrypting each data packet to be transmitted according to a blockchain paradigm by using a public key of the receiver of the data packet according to an asymmetric encryption scheme (para. 0040 and Prov_5623 para. 0034, Asymmetric encryption utilizes private and public keypair for a given address. Thus, both a sender and a recipient will have a public and private keypair. The public key is used to encrypt a message or transaction, and the corresponding private key allows the encrypted transaction to be decrypted).
GC, Mehedy, Register, Lee, Yan and Petersen are analogous arts because they are in a similar field of endeavor in improving security in transmission and reception of electronic message. Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by GC, Mehedy, Register, Lee and Yan with the teachings of Petersen to encrypt each data packet to be transmitted according to a blockchain paradigm by using a public key of the receiver of the data packet according to an asymmetric encryption scheme. One of ordinary skill in the art would have been motivated to make this modification because the public key is made available to the network, everyone is then able to verify the authenticity of the transaction using the public key from the sender's address (para. 0040).

Regarding claim 34, (New) the combination of GC, Mehedy, Register, Lee, Yan and Petersen discloses the telecommunication apparatus according to claim 33, further comprising: 
a third application, installed either in the firmware of said calculator, or executed by said virtual machine (GC: para. 0063, The Wi-Fi service of each band is managed by a Wi-Fi module that is running on an independent virtual machine while wireless AP state monitor 850 and wireless AP management console 840 (“third application”) reside on hypervisor 850).
the third application being configured to manage an encryption phase of the data packet according to a secure communication protocol, said protocol providing a further encryption layer (Petersen: para. 0040 and Prov_5623 para. 0034, the transaction is encrypted (“encryption layer”) using symmetric encryption or asymmetric encryption .The public key is used to encrypt a message or transaction, and the corresponding private key allows the encrypted transaction to be decrypted. The private key of such a keypair is used to sign transactions from the corresponding address of the sender).

Regarding claim 41, (New) the combination of GC, Mehedy, Register, Lee and Yan teaches all elements of the current invention as stated in claim 31 above except “the mobile station according to claim 40, wherein the first application is configured for encrypting each data packet to be transmitted according to a blockchain paradigm by using a public key of the receiver of the data packet according to an asymmetric encryption scheme.”
In a same field of endeavor, Petersen discloses the mobile station according to claim 40, wherein the first application is configured for encrypting each data packet to be transmitted according to a blockchain paradigm by using a public key of the receiver of the data packet according to an asymmetric encryption scheme (para. 0040 and Prov_5623 para. 0034, Asymmetric encryption utilizes private and public keypair for a given address. Thus, both a sender and a recipient will have a public and private keypair. The public key is used to encrypt a message or transaction, and the corresponding private key allows the encrypted transaction to be decrypted).
GC, Mehedy, Register, Lee, Yan and Petersen are analogous arts because they are in a similar field of endeavor in improving security in transmission and reception of electronic message. Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by GC, Mehedy, Register, Lee and Yan with the teachings of Petersen to encrypt each data packet to be transmitted according to a blockchain paradigm by using a public key of the receiver of the data packet according to an asymmetric encryption scheme. One of ordinary skill in the art would have been motivated to make this modification because the public key is made available to the network, everyone is then able to verify the authenticity of the transaction using the public key from the sender's address (para. 0040).

Regarding claim 42, (New) the combination of GC, Mehedy, Register, Lee and Yan discloses the mobile station according to claim 40, further comprising: 
a third application, installed either in the firmware stored in the EPROM, or executed by the virtual machine (GC: para. 0063, The Wi-Fi service of each band is managed by a Wi-Fi module that is running on an independent virtual machine while wireless AP state monitor 850 and wireless AP management console 840 (“third application”) reside on hypervisor 850).
the third application being configured to manage an encryption phase of the data packet according to a secure communication protocol, said protocol providing a further encryption layer (Petersen: para. 0040 and Prov_5623 para. 0034, the transaction is encrypted (“encryption layer”) using symmetric encryption or asymmetric encryption .The public key is used to encrypt a message or transaction, and the corresponding private key allows the encrypted transaction to be decrypted. The private key of such a keypair is used to sign transactions from the corresponding address of the sender).
GC, Mehedy, Register, Lee, Yan and Petersen are analogous arts because they are in a similar field of endeavor in improving security in transmission and reception of electronic message. Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by GC, Mehedy, Register, Lee and Yan with the teachings of Petersen to include third application being configured to manage an encryption phase of the data packet according to a secure communication protocol, said protocol providing a further encryption layer. One of ordinary skill in the art would have been motivated to make this modification because the public key is made available to the network, everyone is then able to verify the authenticity of the transaction using the public key from the sender's address (para. 0040).


Claims 46 and 47 are rejected under 35 U.S.C. 103 as being unpatentable over KRISHNAMACHARYA et al. (US 20200007316 A1, PCT filed on 02/01/2017 hereinafter “Krishnamacharya”) in view of Manzella et al. (US 20120236857 A1 hereinafter “Manzella”) in view of Gorajala Chandra et al. (US 20160241702 A1 hereinafter “GC”).
Regarding independent claim 46, (New) Krishnamacharya discloses a method for data exchange among nodes of a telecommunication network, comprising (Fig. 2): 
computing a plurality of hashes by means of an encryption technique, each hash identifying a corresponding node of the telecommunication network (para. 0026, The identity module 108 can update the blockchain 112 based on the request and generate a token that includes a hash value (“computing a plurality of hashes”) based on the blockchain 112. The identity module 108 compare the hash value with the current hash value of the blockchain 112, and provide confirmation of the identity (“each hash identifying a corresponding node”) in response to the hash value matching the current hash value); 
establishing a distributed ledger which is distributed among all the nodes of the network (para. 0024, The blockchain 112 (“distributed ledger”) can include blocks 114 that are generated by the identity service system 106 based on the identity sources 116.The blocks 114 can be generated in response to requests received at the identity service system 106 for communicatively coupling devices 102 a-c), and 
for each data packet to be transmitted (para. 0026, The identity module 108 can transmit the token to the computing device 102 a-c via the communications network port 130 for verifying the identity of the entity): 
said hash being selected among the plurality of the hashes memorized by the distributed ledger (para. 0026, the identity module 108 can receive the token via the communications network port 130, compare the hash value with the current hash value of the blockchain 112 (“select said hash”), and provide confirmation of the identity in response to the hash value matching the current hash value).
Although, Krishnamacharya teaches, in para. 0016 and 0026, “online identity can also be generated based on the digital identity of devices associated with the entity such as a mobile device identifier (e.g., a MAC address)” and “the confirmation can include an indication that an online identity associated with the entity is stored in the blockchain 112”, it does not teach “associating the data packet to a hash corresponding to an address of the destination node of the data packet”.
In a same field of endeavor, Manzella discloses the method, wherein associating the data packet to a hash corresponding to an address of the destination node of the data packet (para. 0072, destination addresses associated with an address hash of the packet might be determined by correlator 310).
Krishnamacharya and Manzella are analogous arts because they are in a similar field of endeavor in improving security in transmission and reception of electronic message. Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Krishnamacharya with the teachings of Manzella to associate a data packet to a hash corresponding to an address of the destination node of the data packet. One of ordinary skill in the art would have been motivated to make this modification because the correlator (or the “method”) contains logic to determine where to send the packet. Thus, each multicast packet to be transmitted by network processor, based on the destination addresses determined by the correlator (para. 0065). 
However, the combination of Krishnamacharya and Manzella does not teach “transmitting the data packet to the receiver via a radiofrequency transmission”.
In a same field of endeavor, GC discloses the method, wherein transmitting the data packet to the receiver via a radiofrequency transmission (para. 0061,  a radio frequency (RF) unit 711 of host hardware platform 710 includes a band 1 antenna 712 and a band 2 antenna 713 so that dual-band wireless AP 700 may operate on two radio frequencies, such as 2.4 GHz band and 5 GHz band, concurrently. A Wi-Fi module 734 managing the band 1 Wi-Fi services may run on guest OS 733).
Krishnamacharya, Manzella and GC are analogous arts because they are in a similar field of endeavor in improving security in transmission and reception of electronic message. Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Krishnamacharya and Manzella with the teachings of GC to transmit a data packet to the receiver via a radiofrequency transmission. One of ordinary skill in the art would have been motivated to make this modification because a baseband processor (or the method) that manage radio function may be used for carrying out baseband processing on data received or to be sent by radio frequency (RF) transceiver.

Regarding clam 47, (New) the combination of Krishnamacharya, Manzella and GC discloses the method according to claim 46, further comprising, for each data packet to be transmitted: 
associating the data packet to a further hash corresponding to an address of the sender node of the data packet (Manzella: para. 0061, Whenever the packet comes in, a hash of the source/destination address is calculated by task parameter decoder 304).


Claim 48 is rejected under 35 U.S.C. 103 as being unpatentable KRISHNAMACHARYA et al. (US 20200007316 A1, PCT filed on 02/01/2017 hereinafter “Krishnamacharya”) in view of Manzella et al. (US 20120236857 A1 hereinafter “Manzella”) in view of Gorajala Chandra et al. (US 20160241702 A1 hereinafter “GC”) as applied to claim 46, further Register et al. (US 20170324708 A1 hereinafter “Register”).
Regarding claim 48, (New) the combination of Krishnamacharya, Manzella and GC teaches all elements of the current invention as stated in claim 46 above except “encapsulating the data packet with an encapsulation layer comprising a header including said hash”.
In a same field of endeavor, Register discloses the method according to claim 46, wherein associating the data packet to a hash corresponding to an address of the receiver of the data packet comprises: 
encapsulating the data packet with an encapsulation layer comprising a header including said hash (The tag generator 306 can generate the tagged packet 307 using a variety of techniques including inserting the hash value 311 into a header field for the packet 305, adding a new encapsulation header to the packet 305 that includes the hash value 311).
Krishnamacharya, Manzella, GC and Register are analogous arts because they are in a similar field of endeavor in improving security in transmission and reception of electronic message. Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Krishnamacharya, Manzella and GC with the teachings of Register to encapsulate a data packet with an encapsulation layer comprising a header including said hash. One of ordinary skill in the art would have been motivated to make this modification because a hash table may configure to store entries for a plurality of input packets. Thus, the entry within the hash table further includes a receipt mask, and further includes setting bits within the receipt mask to indicate receipt of return packets from the plurality of network security tools (para. 0008). Therefore, the receipt mask associated with the matching hash value is updated to indicate that a return packet has been received from the security tool that sent the return packet.


Claim 49 is rejected under 35 U.S.C. 103 as being unpatentable KRISHNAMACHARYA et al. (US 20200007316 A1, PCT filed on 02/01/2017 hereinafter “Krishnamacharya”) in view of Manzella et al. (US 20120236857 A1 hereinafter “Manzella”) in view of Gorajala Chandra et al. (US 20160241702 A1 hereinafter “GC”) as applied to claim 46, further in view of in view of Petersen (US 20210075623 A1).
Regarding clam 49, (New) the combination of Krishnamacharya, Manzella and GC may not explicitly discloses, but Petersen, which is a same field of endeavor, discloses the method according to claim 46, further comprising, for each data packet to be transmitted: 
generating a data hash comprising information regarding the data packet (para. 0047 and Prov_5623 para. 0041, the data is hashed using a hashing algorithm to generate a unique data hash corresponding to the data input 504); 
recording said data hash in the distributed ledger as a transaction data in a data block of the distributed ledger (para. 0047 and Prov_5623 para. 0041, This data hash is added to a transaction input in the new block 506).
Krishnamacharya, Manzella, GC and Petersen are analogous arts because they are in a similar field of endeavor in improving security in transmission and reception of electronic message. Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Krishnamacharya, Manzella and GC with the teachings of Petersen to generate a data hash comprising information regarding the data packet; record said data hash in the distributed ledger as a transaction data in a data block of the distributed ledger. One of ordinary skill in the art would have been motivated to make this modification because the implementation can prove if the hash is found within the blockchain, using any of the methods described in the present disclosure (para. 0051).


Claim 50 is rejected under 35 U.S.C. 103 as being unpatentable KRISHNAMACHARYA et al. (US 20200007316 A1, PCT filed on 02/01/2017 hereinafter “Krishnamacharya”) in view of Manzella et al. (US 20120236857 A1 hereinafter “Manzella”) in view of Gorajala Chandra et al. (US 20160241702 A1 hereinafter “GC”) in view of in view of Petersen (US 20210075623 A1) as applied to claim 49, further in view of Register et al. (US 20170324708 A1 hereinafter “Register”).
Regarding claim 50, (New) the combination of Krishnamacharya, Manzella, GC and Petersen discloses the method according to claim 49, further comprising, for each data packet received: 
verifying a correspondence between the data packet received and corresponding data packet information comprised in the data hash recorded in the distributed ledger (Petersen: para. 0052 and Prov_5623 para. 0046, the data hash from the block transaction is 610 compared to the hash generated in step 604). 
Although Petersen teaches, in para 0052, “If the hash values are found to be identical, then it would indicate that the data has not been altered, thus verifying the authenticity and timestamp of the data”, the combination of Krishnamacharya, Manzella, GC and Petersen does not teach “discarding the data packet whether said correspondence is not verified”.
In a same field of endeavor, Register further discloses the method, wherein discarding the data packet whether said correspondence is not verified (para. 0039, the network packet forwarding system can assume that the original packet was unsafe and discard information stored for the input packet after a timeout has occurred).
Krishnamacharya, Manzella, GC, Petersen and Register are analogous arts because they are in a similar field of endeavor in improving security in transmission and reception of electronic message. Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Krishnamacharya, Manzella, GC and Petersen with the teachings of Register to discard the data packet whether said correspondence is not verified. One of ordinary skill in the art would have been motivated to make this modification because the packet forwarding system 210 (or the method) can assume that the packet was dropped or blocked by one of the security tools as an unsafe or unsecure packet. Single return packet from a group can be considered a positive security response from the group (para. 0043).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Verzun et al. (US 20190386969 A1)- Decentralized Cybersecure Privacy Network For Cloud Communication, Computing And Global E-Commerce: [0032-0035] FIG. 3 include PHY data 51 Layer-1 data frame vulnerabilities such as signal intercepts and jamming. MAC data 52 Layer-2 data frame vulnerabilities including ID sniffing, packet sniffing, profiling, denial-of-service (DoS) attacks, WPA/WPA2 (i.e. WiFi Protected Access) hacking. Network data 53 Layer-3 datagram vulnerabilities in IP routing, DNS name server, and static addressing including man-in-the-middle (MiM) attacks, packet hijacking and rerouting, sniffing and packet recording, spoofing (imposter attack), and denial-of-service (DoS) attacks. Transport data 54 Layer-4 datagram vulnerabilities including port banging of static and pre-assigned (fixed) port numbers, TCP protocol exploits, SSL/TLS exploits and brute force code breaking, metadata collection and user profiling, traffic monitoring, and denial-of-service (DoS) attacks.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to ANDREW SUH whose telephone number is (571)270-5524. The examiner can normally be reached 9:00 AM- 5:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached on (571) 272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/A.S./Examiner, Art Unit 2493                                                                                                                                                                                                        
/CARL G COLIN/Supervisory Patent Examiner, Art Unit 2493