Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
	Claims 1-22 are presented for examination. 

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
are provisionally rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-19 of copending Application No. 17/080,659.  
Claims 1-22 are provisionally rejected on the ground of nonstatutory double patenting as being unpatentable over claim 1-19 of copending Application No. 17/080,659. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims of the present application are anticipated by the ‘659 application.  This is an anticipatory double patenting rejection. 
This is a provisional nonstatutory double patenting rejection because the patentably indistinct claims have not in fact been patented.
 
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-8 are rejected under 35 U.S.C. 103 as being unpatentable over Liu, CN 104901974 as and further in view of Sathish, CN 102939774.

Regarding claim 1, Liu discloses a method comprising: 
detecting a computing device on a network (Fig. 1: “establishing stage of session connection is a terminal or client sends request to the server to process of establishing the connection.”); 
assigning a network hyper context to the computing device based on network properties and computing device properties associated with the computing device (“a session connection of various stages of available security policy set corresponding to the API interface to receive security policy selected by the user terminal through the API interface of the identification according to the identification of the security policy by the user terminal corresponding to the selected security policy. session connection stage corresponding to the security policy for the application data for processing and transmission, so as to improve the applicability of the safe hyper text transmission protocol on the basis of safety ensuring application of data transmission and improves the transmission speed and network response speed of data.”); 
accessing a policy and corresponding to the network hyper context (“ 102, the available security policy session connection to each stage is a corresponding API interface so as to receive the identification of the security policy selected by the user terminal through the API interface.”).
Liu lacks or does not expressly discloses defining a segment identifier identifying a network segment.
However, Sathish discloses defining a segment identifier identifying a network segment (abstract: determining the network resource in a plurality of segments. Paragraph 0074:  if determining context for client proximity associated with the subsection of the network resource (e.g., URL) of the context tag and meet any other preferences, then transmit the identification segment of network resource of the network data (e.g., URL).);
assigning the segment identifier to the computing device (0124: if it is determined that the context of specific client approach segment context tags and determining segment close to the specific customer of interest, then the service is further configured to transmit identification data via the network segment of the network resource. .)
and 
segmenting the computing device onto the network segment responsive to detecting the computing device (0125: if it is determined that the context of specific client approach segment context tags and determining the particular network resource network resources are of interest for a particular customer, and the service is further configured to transmit identification data via the network segment of the network resource).
It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Liu with Sathish to include defining a segment identifier identifying a network segment in order to determine the particular network resource is of interested of a particular customer and match with a particular service, as taught by Sathish, paragraph 0124.

Regarding claim 2, Liu lacks or does not expressly disclose detecting a change in connectivity type utilized by the computing device; and re-segmenting the computing device onto the segment subsequent to detecting the change in connectivity type (0051: context-aware recommendation service 120 of connectivity).  It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Liu with Sathish to include detecting a change in connectivity in order to update the network segment, as taught by Sathish, paragraph 0145.


Regarding claims 3-4, Liu, as modified above, discloses the method of claim 2, wherein detecting a change in connectivity type utilized by the computing device comprises detecting a change from wireless connectivity to wired connectivity; wherein detecting a change in connectivity type utilized by the computing device comprises detecting a change from wired connectivity to wireless connectivity (paragraph 0147: in wireless handheld device (such as cell phone movement phone), communications interface 770 includes a radio band electromagnetic transmitter and receiver called a radio transceiver. In certain embodiments, communication interface 770 to realize the connection of communication network 105 to provide segments of the context index of the network resource to the UE101.).   It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Liu with Sathish to include detecting a change in connectivity in order to update the network segment, as taught by Sathish, paragraph 0145.

Regarding claim 5, Liu, as modified above, discloses the method of claim 2, wherein the re-segmenting includes de-authenticating the computing device from the network (“wherein the identification security policy of the corresponding can set the entrance position and the outlet position of the corresponding communication pipeline, or identifying the security policy of the corresponding can be respectively set on the entrance position and the exit position of the corresponding communication channel.”).    

Regarding claim 6, Liu, as modified above, discloses the method of claim 1, further comprising prior to assigning a network hyper context to the computing device: accessing a hyper context set defining a plurality of possible network hyper contexts and corresponding policies; and locating the network hyper context from within the hyper context set based on the network properties and computing device properties, the corresponding policies of the hyper context set defining that devices assigned the network hyper context are to be segmented onto the segment (“the network application layer to be transmitted according to the preset classifying policy corresponding to the application” “wherein the identification security policy of the corresponding can set the entrance position and the outlet position of the corresponding communication pipeline, or identifying the security policy of the corresponding can be respectively set on the entrance position and the exit position of the corresponding communication channel.”).  

Regarding claim 7, Liu, as modified above, discloses the method of claim 6, wherein the hyper context set is generated based on one or more computing device properties and network properties (“ the step 103 specifically comprises: according to the identification of the security policy selected by the user terminal, the identification security policy are respectively provided in the communication pipeline of the corresponding session connection stage, so that each session connection data of the stage by the corresponding communication pipe.”).  

Regarding claim 8, Liu, as modified above, discloses the method of claim 6, wherein segmenting the computing device onto the segment comprises enforcing the corresponding policies of the hyper context on the computing device (abstract, session connection stage corresponding to the security policy for the application data for processing and transmission, so as to improve the applicability of the safe hyper text transmission protocol on the basis of safety ensuring application of data transmission and improves the transmission speed and network response speed of data).  

Claims 9-22 are rejected under 35 U.S.C. 103 as being unpatentable over Lui in view of Sathish as applied to claims 1-8 above, and further in view of Hegrat, CN 110875847.

Regarding claim 9, Liu lacks or does not expressly disclose blacklisting a computing device that is prevented from joining the network.  However, Hegrat discloses blacklisting a computing device that is prevented from joining the network (“ when defining the network infrastructure, infrastructure deployment platform can be based on virtual local area network (VLAN) scheme, a physical segment, firewall solution logic segment, white list or black list to define network infrastructure”).  
It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Liu, as modified above, with Hegrat to include a black list in order to establish the network infrastructure as taught by Hegrat.

As per claims 10-18, this is a VLAN method version of the claimed method discussed above in claim 1 wherein all claimed limitations have also been addressed and/or cited as set forth above.  Liu lacks or does not expressly disclose a virtual local area network (VLAN).  However Hegrat discloses a VLAN (“ when defining the network infrastructure, infrastructure deployment platform can be based on virtual local area network (VLAN) scheme, a physical segment, firewall solution logic segment, white list or black list to define network infrastructure”).  
It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Liu, as modified above, with Hegrat to include a VLAN in order to establish the network infrastructure as taught by Hegrat.

Allowable Subject Matter
Claims 19-22 would be considered allowable up approval of a terminal disclaimer in order to overcome the double patenting rejection. 
The prior art lacks or does not expressly disclose or make obvious by combination: 
a hyper context network sensor configured to observe span traffic associated with the network and detect the computing device on the network via the network traffic controller; a hyper context cloud server configured to receive data associated with the span traffic, assign a network hyper context to the computing device based on network properties and computing device properties associated with the computing device, and access a policy defining a segment identifier identifying a network segment and corresponding to the network hyper context; and a cloud controller configured to segment the computing device onto the network segment responsive to detecting the computing device.  

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure 
US 6,035,405 to Gage
US 2018/0027020 to Pallas
Any inquiry concerning this communication or earlier communications from the examiner should be directed to AUBREY H WYSZYNSKI whose telephone number is (571)272-8155. The examiner can normally be reached M-F 9-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, KAMBIZ ZAND can be reached on 571-272-3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/AUBREY H WYSZYNSKI/Examiner, Art Unit 2434               

/TESHOME HAILU/Primary Examiner, Art Unit 2434