Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
	Examiner respectfully withdraws the Double Patenting rejection in light of the terminal disclaimer filed on 09/26/2022.
	Regarding applicants arguments directed at Webb on page 2-3, examiner respectfully agrees and withdraws the previous rejection, a second non-final with a new rejection can be found below. 

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 1, 3-6, 9, 13, 15-16, and 19-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lee et al. (US 20170290074 A1) in view of Finster (US 20120151077 A1)

	Regarding claim 1, Lee teaches a method for delivering content, comprising: (0015; Method)
receiving, over a first communication path of an open network connected to a device via the open network (0033; public network), information (request identifying and profile information Fig 1 elements 108 and 112);) corresponding to the device; (0045; receiving a request from a remote client device over a public network)
 	comparing the received information to authorized accessor (user Fig 1 user device 102) information (device and profile information Fig 1 elements 108 and 112); (0052; comparing the received device identifying information with information in a subscriber database)
after determining that the received information (device and profile information Fig 1 elements 108 and 112) is not included in the authorized accessor information, (determining that the device is new to the network and not associated with the subscriber) adding the received information to the authorized accessor information, ([0052] receiving by the device policy manager device information and determining that the device is new to the network (equivalent to does not correspond to at least one of the set of known subscribers) and not associated with the subscriber, in turn associating the device with the a private network subscriber and storing the association in the gateway)
the device being operable to communicate via the open network (internet) regardless whether the received information is included in the authorized accessor information; ([0052] receiving by the device policy manager device information and determining that the device is new to the network and not associated with the subscriber, (equivalent to operable to communicate via the open network), since the network is open such as the internet the user can still communicate the request through the open network)
 Lee does not explicitly teach and after determining that the received information is included in the authorized accessor information, 
delivering the content to the device over a second communication path of a closed network using a gateway that is connected to the device via the closed network and that determines whether to deliver the content in response to a request received from the device over the second communication path, the device being unable to communicate with the gateway via the closed network until the received information is included in the authorized accessor information.  
In an analogous art Finster teaches and after determining that the received information (0042; users http request includes identifying information) is included in the authorized accessor information, (Fig 1; Fig. 3;  0039; 0042; the user requests content through unmanaged network 102; which is then pass to the authentication module 300, Fig 3; shows steps of identifying the subscriber and retrieving the subscription info to determine if the user is a premium subscriber or not (equivalent to included in the authorized accessor information))
delivering the content (streaming content) to the device (Fig. 1 subscriber 101) over a second communication path (path in Fig 1 from the operator to the subscriber through the distribution network 106) of a closed network using a gateway (0029; 0036; 0058; operator server (such as proxy server) which is part of and communicates with the client through the distribution network) that is connected to the device via the closed network (0055-0056; determining to deliver and delivering the content to the subscriber of the operators distribution network (equivalent to a closed network); 0054; 0058; the operators proxy server acts as a gateway see (0029 and 0036) and is used to deliver content from the CDN to the subscriber)
and that determines whether to deliver the content in response to a request received from the device over the second communication path, (see mapping above for request for content) (0055-0056; determining to deliver and delivering the content to the subscriber of the operators distribution network (equivalent to a closed network); 0054; 0058; the operators proxy server acts as a gateway see {0029 and 0036) and is used to deliver content from the CDN to the subscriber)
the device being unable to communicate with the gateway via the closed network (distribution network) until the received information (subscriber information) is included in the authorized accessor information. (see mapping above, plus 0024; the system architecture includes a distribution network 106 in communication with the operator 103 and one or more subscribers 101 over which the operator 103 streams media content to the one or more subscribers 101.  (Fig 1; Fig. 3;  0039; 0042; the user requests content through unmanaged network 102; which is then pass to the authentication module 300, Fig 3; shows steps of identifying the subscriber and retrieving the subscription info to determine if the user is a premium subscriber or not (equivalent to included in the authorized accessor information) In order to send information to the user through the distribution network, and therefore communication through the distribution network is contingent on the users subscriber information)
 	It would have been obvious to one of ordinary skill in the art prior to the effective filing date of the application to modify the teachings of Lee to include a private network with access control as is taught by Finster
	The suggestion/motivation for doing so is to be able to better access and protect private content [0001-0003]

Regarding claim 3, Lee in view of Finster teach the method of claim 1, and is disclosed above, Lee further teaches wherein the authorized accessor information includes at least one communication address ([0039] where the subscriber information includes an IP address of the user device)

Regarding claim 5, Lee in view of Finster teach the method of claim 1, and is disclosed above, Lee further teaches wherein the gateway is operable to route communications (0025; gateway facilitates connection and communication)

Regarding claim 6, Lee in view of Finster teach the method of claim 1, and is disclosed above, Lee teaches wherein the device is a content access device ([0034] wherein the user device is a set-top box)

Regarding claim 9, the claim inherits the same rejection as claim 1 above for reciting similar limitations in the form of a system claim, Lee teaches a system for providing content, comprising: ([0015] system) 

Regarding claim 13, Lee in view of Finster teach the system of claim 9, and is disclosed above, Lee further teaches wherein the provisioning device communicates the authorization to access the content to the gateway (0028; transmitting the user profile used for access control to the gateway)

Regarding claim 15, the claim inherits the same rejection as claim 1 above for reciting similar limitations in the form of a computer program product comprising a non-transitory computer-readable storage medium encoding instructions executable by at least one processor to: ([0021-0024] computer readable storage medium comprising instructions executed by a processor)

Regarding claim 16, Lee in view of Finster teach the computer program product of claim 15, and is disclosed above Lee further teaches wherein the instructions are further executable by the at least one processing unit to provide the information(request and profile information) to the router (0045; receiving a request from a remote client device over a public network; wherein the network device transmits the received information to a computing device having a database; [0087] computing devices can be routers)

Regarding claim 19, Lee in view of Finster teach the computer program product of claim 15, and is disclosed above, Lee further teaches wherein the information is at least one of an identification number, a block of communication addresses, an internet protocol address, or a media access control address.  ([0039] where the subscriber information includes an IP address of the user device)

Regarding claim 20, Lee in view of Finster teach the computer program product of claim 15, and is disclosed above Lee further teaches wherein the router stores the authorized accessor information. (0045; receiving a request from a remote client device over a public network; wherein the network device transmits the received information to a computing device having a database which stores device and profile information of the user for access purposes ; [0087] computing devices can be routers)

Claims 2 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lee et al. (US 20170290074 A1) in view of Finster (US 20120151077 A1) and further in view of Barkie et al. (US 20160241563 A1)

Regarding claim 2, Lee in view of Finster teach the method of claim 1, and is disclosed above,  Lee in view of Finster do not explicitly teach further comprising blocking additional received information received from an additional device after determining not to add the additional received information to the authorized accessor information.  
In an analogous art Barkie teaches blocking additional received information received from an additional device after determining not to add the additional received information to the authorized accessor information.   ([0017 & 0023] when the unauthorized device is not registered (equivalent to set of known subscriber information), the system determines if the device classified as unauthorized, if it is classified as such then the device cannot be registered and is blocked from accessing the network)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the application to modify the teachings of Lee in view of Finster to include blocking devices that are unauthorized to access a network as is taught by Barkie
The suggestion/motivation for doing so is to be able to block unauthorized users

Claim(s) 4 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lee et al. (US 20170290074 A1) in view of Finster (US 20120151077 A1) in view of Suzuki (US 20140280793 A1)

Regarding claim 4, Lee in view of Finster teach the method of claim 1, and is disclosed above, Lee in view of Suzuki do not explicitly teach wherein the second communication path is monitored by a firewall
	In an analogous art Suzuki teaches wherein the second communication path is monitored by a firewall (0023; Fig 1; communication through networks 106, include multiple gateways and firewalls through which content distribution occurs)

Claim 7 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lee et al. (US 20170290074 A1) in view of Finster (US 20120151077 A1) and further in view of Bell et al. (US 20160330245 A1)

Regarding claim 7, Lee in view of Finster teach the method of claim 1, and is disclosed above, Lee in view of Finster do not explicitly teach wherein adding the received information to the authorized accessor information comprises automatically updating a range of internet protocol addresses associated with the received information.  
In an analogous art Bell teaches wherein adding the received information to the authorized accessor information comprises automatically updating a range of internet protocol addresses associated with the received information.  ([0273] when a new client IP address appears in the traffic flow of the customer network, after authentication, adding a range of IP addresses associated with the customer network (equivalent to subscriber information))
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the application to modify the teachings of Lee in view of Finster to include updating rages of IP addresses associated with the customer information as is taught by Bell

Claims 8 and 12 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lee et al. (US 20170290074 A1) in view of Finster (US 20120151077 A1) and further in view of Davis et al. (US 20120117571 A1)

Regarding claim 8, Lee in view of Finster teach the method of claim 1, and is disclosed above, Lee in view of Finster do not explicitly teach further comprising removing the received information from the authorized accessor information after determining not to allow the device access to the content.  
In an analogous art Davis teaches removing the received information from the authorized accessor information after determining not to allow the device access to the content.  ([0071-0073] automatically executing firewall functions including removing an entry from an access control list; if the firewall previously allowed access to the network, and now removes access its equivalent to should not maintain access to the content over the second communication channel)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the application to modify the teachings of Lee in view of Finster to include updating the access control list used by the firewall by deleting entries from the access control list as is taught by Davis
The suggestion/motivation for doing so is to be able to update network access information that the firewall uses by deleting entries

Regarding claim 12, Lee in view of Finster teach the system of claim 9, and is disclosed above, Lee in view of Finster do not explicitly teach wherein the provisioning device is further configured to remove the authorization to access the content
In an analogous art Davis teaches wherein the provisioning device is further configured to remove the authorization to access the content ([0071-0073] automatically executing firewall functions including removing an entry from an access control list;)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the application to modify the teachings of Lee in view of Finster to include updating the access control list used by the firewall by deleting entries from the access control list as is taught by Davis
	The suggestion/motivation for doing so is to be able to better access and protect private content [0003-0007]

Claim(s) 10 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lee et al. (US 20170290074 A1) in view of Finster (US 20120151077 A1) in view of Webb et al. (US 20020083342 A1) 

Regarding claim 10, Lee in view of Finster teach the system of claim 9, and is disclosed above, Lee in view of Finster do not explicitly teach wherein the gateway implements a firewall  
In an analogous art Webb teaches wherein the gateway implements a firewall (0006; 0033; 0041; gateway implementing a firewall)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the application to modify the teachings of Lee in view of Finster to include a firewall at the gateway as is taught by Webb
	The suggestion/motivation for doing so is to be able to better access and protect private content [0003-0007] 

Claim(s) 11 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lee et al. (US 20170290074 A1) in view of Finster (US 20120151077 A1) in view of Webb et al. (US 20020083342 A1) and further in view of Barkie et al. (US 20160241563 A1)

Regarding claim 11, Lee in view of Finster in view of Webb teach the system of claim 10, and is disclosed above, Lee in view of Finster in view of Webb do not explicitly teach wherein the provisioning device communicates the authorization to access the content to the firewall.  
	In an analogous art Barkie teaches wherein the provisioning device communicates the authorization to access the content to the firewall ([0014] the intelligent controller may update an access control list used by the firewall)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the application to modify the teachings of Lee in view of Finster in view of Webb to include updating the access control list used by the firewall as is taught by Barkie
The suggestion/motivation for doing so is to be able to update network access information that the firewall uses

Claims 14 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lee et al. (US 20170290074 A1) in view of Finster (US 20120151077 A1) in view of Lin et al. (US 20120133731 A1) 

Regarding claim 14, Lee in view of Finster teach the system of claim 9, and is disclosed above, Lee in view of Finster do not explicitly teach wherein the gateway is operable to communicably connect the device to at least one of a content delivery network and a digital rights manager.  
 Lin teaches wherein the gateway is operable to communicably connect the device to at least one of a content delivery network (content delivery system) and a digital rights manager (policy management server) ([0014-0017; 0042] receiving through a public network (equivalent to first communication path of an open network) a request from the user device, and authenticating by the application server the user by using the user information and user device information as well as licensing and subscription information (equivalent to restricting access by the gateway); allowing the user device after authentication access to the content delivery system which includes a content server and policy management server)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the application to modify the teachings of Lee in view of Finster to include a gateway restricting access to a content delivery network and a digital rights manager
The suggestion/motivation for doing so is to be able to interconnect and integrate business and control networks [0003-0004]

Claims 17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lee et al. (US 20170290074 A1) in view of Finster (US 20120151077 A1) in view of Akers et al. (US 20180316769 A1) 

Regarding claim 17, Lee in view of Finster teach the computer program product of claim 18, and is disclosed above, Lee in view of Finster do not explicitly teach wherein the instructions are further executable by the at least one processing unit to determine whether the device is currently accessing the content over the second communication channel
	In an analogous art Akers teaches wherein the instructions are further executable by the at least one processing unit to determine whether the device is currently accessing the content over the second communication channel (0057; private pathway) (0065; analysis of network traffic is performed to determine private services currently being accessed; 0057; the private services include private pathways (equivalent to second communication channel))
It would have been obvious to one of ordinary skill in the art before the effective filing date of the application to modify the teachings of Lee in view of Finster to include monitoring current access to a service over a private path as is taught by Akers
The suggestion/motivation for doing so is to be able better provide services [0002-0004]

Claims 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lee et al. (US 20170290074 A1) in view of Finster (US 20120151077 A1) in view of Akers et al. (US 20180316769 A1) in view of Davis et al. (US 20120117571 A1)

Regarding claim 18, Lee in view of Finster in view of Akers teach the computer program product of claim 17, and is disclosed above, Lee in view of Finster in view of Akers do not explicitly teach wherein the instructions are further executable by the at least one processing unit to remove the information from the authorized accessor information upon determining to no longer allow the device to access the content.  
In an analogous art Davis teaches wherein the instructions are further executable by the at least one processing unit to remove the information from the authorized accessor information upon determining to no longer allow the device to access the content ([0071-0073] automatically executing firewall functions including removing an entry from an access control list; if the firewall previously allowed access to the network, and now removes access its equivalent to should not maintain access to the content over the second communication channel)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the application to modify the teachings of Lee in view of Finster in view of Akers to include updating the access control list used by the firewall by deleting entries from the access control list as is taught by Davis
The suggestion/motivation for doing so is to be able to update network access information that the firewall uses by deleting entries

Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to ABDERRAHMEN H CHOUAT whose telephone number is (571)431-0695. The examiner can normally be reached 9AM-5PM Tentative.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Christopher Parry can be reached on 571-272-8328. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

Abderrahmen Chouat
Examiner
Art Unit 2451



/Chris Parry/Supervisory Patent Examiner, Art Unit 2451