Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Objections
Claim 19 objected to because of the following informalities:  Claim 19 seems to have been cut off mid-sentence or is a duplicate claim as it reiterates almost the same limitations of Claim 20.  Appropriate correction is required.
Allowable Subject Matter
Claims 7 and 15 objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. Regarding Claims 7 and 15, prior art does not explicitly disclose identifying a first number of bytes in the second portion of the packet, identifying a second number of bytes of a block size and determining that a multiple of block size corresponds to a third number of bytes that is greater than or equal to first number of bytes wherein encrypting the second portion of the packet comprises encrypting third number of bytes of the packet.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claim(s) 1-2,5,9-10,13,17-20 is/are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Kurmala (US20160315920).
Regarding Claim 1 and Claim 9, Kurmala discloses A method comprising: 
creating an encrypted tunnel over a network and between a first device and a second device to communicate encrypted data over the network; (Paragraph [0022] Examiner Notation (E.N.) A full encryption tunnel can be established between two devices where different types of tunnels such as null-encryption tunnel or a header-only encryption virtual tunnel can be established.)
determining, at the first device, that a packet is to be sent to the second device over the network in the encrypted tunnel; (Figure 2 E.N. The traffic from the client device and server go through an encryption tunnel)
determining, at the first device, that a first portion of the packet is encrypted; (Paragraph [0026] E.N. The gateway which receives packets is able to determine if a session is encrypted (each of the packet in the system is encrypted). 
determining, at the first device, that a second portion of the packet is unencrypted; (Paragraph [0032 lines 1-5] E.N. For null-encryption virtual tunnels, data packets are sent in plaintext with the internal address of client devices and servers (exposing them)).
encrypting, at the first device, the second portion of the packet using an encryption protocol associated with the encrypted tunnel; (Paragraph [0032 lines 6-7] and Figure 4 Element (Header Encrypted ESP Packet) E.N. The first portion of the packet contains TCP header and TCP payload while the second portion of the packet contains ESP header and Original IP Header which is placed before the first portion. In a header-only encryption, the Original IP header is encrypted using either DES/3DES or AES encryption when going through the tunnel.)
and sending, from the first device, the packet over the network to the second device using the encrypted tunnel. (Figure 2)

Regarding Claim 2 and Claim 10, Kurmala discloses the method of claim 1 and the first device of claim 9. Kurmala further discloses comprising at least one of: determining to refrain from encrypting the first portion of the packet that is encrypted; or refraining from encrypting the first portion of the packet that is encrypted. (Paragraph [0031] E.N. Virtual tunnels is used to eliminate or reduce the negative performance effect of double encryption that is experienced using full-encryption tunnel).

Regarding Claims 5,13,19 and 20 Kurmala discloses the method of claim 1 and the first device of claim 9 and the system of claim 17. Kurmala further discloses wherein determining that the first portion of the packet is encrypted includes identifying, from a header of the packet, an indicator that indicates a size of the first portion of the packet that is encrypted. (Paragraph [0032 lines 2-4 and 7-11] E.N. For a header-only encryption, only the IP header is encrypted. The block size used for encryption can vary from different types of encryption used such as if a DES/3DES will be 8 bytes while AES-128/192/256 will be 16 bytes.)

	Regarding Claim 17, Kurmala discloses A system comprising: 
one or more processors; (Paragraph [0048])
and one or more non-transitory computer-readable media storing computer-executable instructions that, when executed by the one or more processors, cause the one or more processors to perform operations comprising: (Paragraph [0050 lines 1-4])
creating an encrypted tunnel over a network and with a source device to communicate encrypted data over the network; (Paragraph [0013])
receiving a packet that is sent from the source device over the network and in the encrypted tunnel; (Figure 2)
determining that a first portion of the packet is encrypted using a first encryption protocol associated with the encrypted tunnel; (Paragraph [0034 lines 1-4] E.N. an original IP data packet (first portion) includes an IP header, TCP header and TCP payload which can be encrypted)
decrypting the first portion of the packet according to the first encryption protocol; (Paragraph [0002] E.N. After receiving the data through the tunnel, the peer VPN gateway decrypts the payload (which contains the packet) according to IPsec (encryption protocol)). 
determining that a second portion of the packet is encrypted using a second encryption protocol; (Paragraph [0025] E.N. Encryption protocol such as HTTPS or SSH etc. can be used during communication between the client device and server.)
and decrypting the second portion of the packet according to the second encryption protocol. (Paragraph [0003] E.N. Encrypted packets can only be decrypted at its destination. Encryption protocol such as SSH is used for both encrypting and decrypting.)

Regarding Claim 18, Kurmala discloses the system of claim 17. Kurmala further discloses determining that the first portion of the packet is encrypted includes determining that a header of the packet is encrypted; (Figure 4 Element (Header Encrypted ESP Packet (DES/3DES)) E.N. The original IP header (which is in the first portion of the packet) is encrypted) 
and determining that the second portion of the packet is encrypted includes identifying a payload of the packet that is encrypted. (Figure 4 Element (Regular ESP Packet) E.N. The second portion (which includes ESP header and Original IP header) is encrypted along with the TCP payload.)


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 3-4,8,11-12 and 16 is/are rejected under 35 U.S.C. 103 as being unpatentable over Kurmala (US20160315920) in view of Dhanabalan (US20200186507 ).

Regarding Claim 3 and Claim 11, Kurmala discloses the method of claim 1 and the first device of claim 9. Kurmala further discloses: determining, at the first device, that the second portion of the packet is unencrypted includes identifying a header of the packet that is unencrypted. (Paragraph [0032 lines 4-5] and Figure 4 Element (Null Encrypted ESP Packet) E.N. When null-encryption tunnels are used, the packets are only authenticated and not encrypted therefore, the data packets sent using null-encryption tunnels are sent in plaintext with the IP address of clients and servers (information found in headers) exposed.) 
Kurmala does not, but in related art, Dhanabalan teaches: determining that the first portion of the packet is encrypted includes determining that a payload of the packet is encrypted; (Paragraph [0009] E.N. The first network device is able to receive a packet which contains header information as well as payload. The device may determine if the packet (which contains the payload) is encrypted to meet a threshold level of security)
Therefore, it would be obvious to one of ordianary skill in the art before the effective filing date of the claimed invention to have modified Kurmala to incorporate the teachings of Dhanabalan because Kurmala does not explicitly disclose determining that the payload is encrypted which is taught by Dhanabalan. Incorporating the teachings of Dhanabalan to Kurmala allows for file transfer to contain encrypted payload allowing for a much safer transport. 

Regarding Claim 4 and Claim 12, Kurmala discloses the method of claim 1 and the first device of claim 9. Kurmala further discloses: identifying a first predefined portion of packets that are encrypted according to the protocol type; (Figure 4 and Paragraph [0034 lines 1-4] E.N. AN original data packet (first predefined portion) includes an IP header, TCP header and TCP payload which may be encrypted)
and identifying a second predefined portion of packets that are unencrypted according to the protocol type, 22(Figure 4 and Paragraph [0034 lines 4-7] E.N. A null-encryption virtual tunnel can be used for an unencrypted packet while still containing an outer IP header with ESP header (Second portion) and ESP authentication component.)
Client Docket No. 1028655-US.01wherein the first portion is determined based at least part on the first predefined portion and the second portion is determined based at least part on the second predefined portion. (Figure 4 E.N. The original IP packet is considered the first portion while the second portion can be either the full-encryption tunnel, null-encryption tunnel or header-encrypted tunnel as it contains the first portion along with an ESP header and an original header.)
Kurmala does not, but in related art, Dhanabalan teaches: determining a protocol type of the packet; (Paragraph [0014] E.N. The first device is able to identify the communication protocol of the packet.)
Therefore, it would be obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have incorporated the teachings of Dhanabalan to Kurmala because Kurmala does not explicitly disclose determining the protocol type of the packet which is taught by Dhanabalan. Incorporating the teachings of Dhanabalan to Kurmala allows for a smoother transmission of the packets knowing what protocol should be used to transport the packets between the client and server. 

Regarding Claim 8 and 16, Kurmala discloses the method of Claim 1 and the first device of Claim 9. Kurmala further discloses the encryption protocol comprises at least one of: Internet Protocol Security (IPsec) protocol; (Paragraph [0018] IPsec encryption is used on the packets)
Kurmala does not, but in related art, Dhanabalan teaches the first portion of the packet is encrypted using at least one of:
Secure Socket Layer (SSL) protocol; (Paragraph [0064 lines 1-3] E.N. The encryption engine is able to establish an SSL (which is used to encrypt data packets sent over a network) or TLS connection between a client and server.)
	Therefore, it would be obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention to have incorporated the teachings of Dhanabalan to Kurmala because Kurmala does not explicitly disclose encrypting packets using SSL which is taught by Dhanabalan. Incorporating the teachings of Dhanabalan to Kurmala allows for the use of SSL or TLS when encrypting packets sent over a network for a more secure data communication/transportation. 

Claim(s) 6 and 14 is/are rejected under 35 U.S.C. 103 as being unpatentable over Kurmala (US20160315920) in view of Friedl (An Illustrated guide to IPsec).

Regarding Claim 6 and 14, Kurmala discloses the method of claim 1 and the first device of claim 9. Kurmala does not, but in related art, Friedl teaches: encapsulating the packet in an overlay packet according to an overlay protocol; (Page 9 [ESP-Encapsulating Security Payload Paragraph 1-2] E.N. IPsec protocol contains an Encapsulating Security payload which surround the payload)
and populating a field of an overlay header of the overlay packet with an indication of a size of the second portion of the packet, (Page 12 [ESP in Tunnel Mode] E.N. The diagram shows a tunneled data packet which contains an IP header (outer IP header) that includes information such as header length and total packet length. The second portion of the packet which includes an ESP header and IP header (inner IP header) before the TCP header with payload (first portion))
wherein sending the packet comprises sending the overlay packet to the second device. (Page 12 [ESP in Tunnel Mode] E.N. In tunnel mode, when the packet is sent, the information regarding the packet is encrypted and not visible to those who cannot decrypt the packet.)
Therefore, it would be obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have incorporated the teachings of Friedl to Kurmala because Kurmala does not explicitly disclose encapsulating the packet and indicating the size of the second portion of the packet which is taught by Friedl. Incorporating the teachings of Friedl to Kurmala allows for the packet to contain an extra layer of security when going through transport between the device and server. 

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to AAYUSH ARYAL whose telephone number is (571)272-2838. The examiner can normally be reached 8:00 a.m. - 5:30 p.m..
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joseph Hirl can be reached on (571) 272-3685. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/AAYUSH ARYAL/Examiner, Art Unit 2435 

/JOSEPH P HIRL/Supervisory Patent Examiner, Art Unit 2435