Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .


Claim Rejections - 35 USC § 112

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

Claims 1-16 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the enablement requirement.  The claim(s) contains subject matter which was not described in the specification in such a way as to enable one skilled in the art to which it pertains, or with which it is most nearly connected, to make and/or use the invention. 
Examiner notes that the claims are generic and it is unclear what the invention is.  Examiner could not find sufficient explanation in the specification to clarify the purpose of the invention.



The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


The claims are generally narrative and indefinite, failing to conform with current U.S. practice.  They appear to be a literal translation into English from a foreign document and are replete with grammatical and idiomatic errors.

Claims 1-16 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.

Examiner notes that this is not a complete and exhaustive list and encourages Applicant to thoroughly review the claim limitations.

At least claims 1, 10, 13, 14 the claim ends with “a next time”.  It is unclear what happens a next time.
As per claims 1-16, Examiner asserts it is not clear what an “APP” is.  In its not clear what a “defensive node device” is.  
Examiner asserts it is unclear what “current attack situation” means.
Examiner asserts it is unclear what dividing “user levels” “node levels” means.  There is no context for the term “dividing”.
Examiner asserts it is unclear what “high level”  “highly defensive” and all other references to levels means.  There is no context to these relative terms.   

Examiner makes note of, but does not rely on Sunkaranam US 2019/0342305. 


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 1, 2, 9, 10, 12-16 is/are rejected under 35 U.S.C. 103 as being unpatentable over Chen US 2020/0304853 in view of Tinnakornsris US 2010/0124228


As per claims 1, 15 Chen teaches A method for defending against an attacking behavior, the method being applied to defensive node devices, and a number of the defensive node devices being at least two, the method comprising: receiving a signaling request sent by a terminal provided with an APP, the signaling request being used for requesting for establishing a trusted connection with the defensive node devices, and the signaling request at least including information of the terminal and the APP; authenticating the terminal based on the information of the terminal and the APP, establishing, in response to the authenticating the terminal being successful, the trusted connection with the terminal, and forwarding APP traffic from the terminal to a source station of the APP; [0003]-[0011]; [0038]-[0045]  (teaches authentication via a web APP, including IP address, a secure connection with a security gateway node, and processing the authentication request and request for services to be forwarded to the service provider)

Tinnakornsris teaches a number of the defensive node devices being at least two, receiving a signaling request sent by a terminal provided with an APP, the signaling request being used for requesting for establishing a trusted connection with the defensive node devices and returning a dispatching instruction to the terminal, the dispatching instruction being used for instructing a defensive node device to which the terminal sends the signaling request a next time.  [0048][0055][0061]-[0063] (teaches reaching out to security gateways and authenticating, and receiving the address of a proper security gateway/defensive node)
It would have been obvious to one of ordinary skill in the art at the time the invention was filed to use the nodes of Tinnakornsris with Chen because it provides load balancing for network traffic efficiency.

As per claim 2. Tinnakornsris teaches The method according to claim 1, wherein before the returning a dispatching instruction to the terminal, the method further comprises:  determining the defensive node device to which the terminal sends the signaling request the next time based on a defensive policy, wherein the defensive policy is used for dispatching between the at least two defensive node devices.  [0048][0055][0061]-[0063] (teaches reaching out to security gateways and authenticating, and receiving the address of the next security gateway/defensive node)
As per claim 9. Tinnakornsris teaches The method according to claim 1, wherein the dispatching instruction comprises an address of the defensive node device to which the terminal sends the signaling request the next time, and time when the terminal sends the signaling request the next time; wherein, before the time comes, the terminal establishes the trusted connection with the current defensive node device.  [0048][0055][0061]-[0063]

As per claims 10, 16. Chen teaches A method for defending against an attacking behavior, the method being applied to a terminal provided with an APP, the method comprising: sending a signaling request to defensive node devices, a number of the defensive node devices being at least two, the signaling request being used for requesting for establishing a trusted connection with the defensive node devices, and the signaling request at least including information of the terminal and the APP;   establishing, in response to the defensive node devices successfully authenticating the terminal based on the information of the terminal and the APP, the trusted connection with the defensive node devices, and  forwarding APP traffic of the terminal to a source station of the APP by the defensive node devices; and [0003]-[0011]; [0038]-[0045]  (teaches authentication via a web APP, including IP address, a secure connection with a security gateway node, and processing the authentication request and request for services to be forwarded to the service provider)


Tinnakornsris teaches sending a signaling request to defensive node devices, a number of the defensive node devices being at least two determining, based on a dispatching instruction returned by the defensive node devices, a defensive node device to which the signaling request is sent a next time.  [0048][0055][0061]-[0063] (teaches reaching out to security gateways and authenticating, and receiving the address of a proper security gateway/defensive node)
It would have been obvious to one of ordinary skill in the art at the time the invention was filed to use the nodes of Tinnakornsris with Chen because it provides load balancing for network traffic efficiency.



As per claim 12. Tinnakornsris teachThe method according to claim 11, wherein the dispatching instruction comprises an address of the defensive node device to which the terminal sends the signaling request the next time, and time when the terminal sends the signaling request the next time;   wherein, before the time comes, the terminal establishes the trusted connection with a current defensive node device.  [0048][0055][0061]-[0063]

As per claim 13.  Chen teaches An apparatus for defending against an attacking behavior, the apparatus being provided in defensive node devices, and a number of the defensive node devices being at least two, the apparatus comprising: at least one processor; and a memory storing instructions, wherein the instructions when executed by the at least one processor, cause the at least one processor to perform operations, the operations comprising: receiving a signaling request sent by a terminal provided with an APP, the signaling request being used for requesting for establishing a trusted connection with the defensive node devices, and the signaling request at least including information of the terminal and the APP; authenticating the terminal based on the information of the terminal and the APP, establishing, in response to the authenticating the terminal being successful, the trusted connection with the terminal, and forwarding APP traffic from the terminal to a source station of the APP; and [0003]-[0011]; [0038]-[0045]  (teaches authentication via a web APP, including IP address, a secure connection with a security gateway node, and processing the authentication request and request for services to be forwarded to the service provider)


Tinnakornsris teaches and a number of the defensive node devices being at least two, returning a dispatching instruction to the terminal, the dispatching instruction being used for instructing a defensive node device to which the terminal sends the signaling request a next time.  
[0048][0055][0061]-[0063] (teaches reaching out to security gateways and authenticating, and receiving the address of a proper security gateway/defensive node)
It would have been obvious to one of ordinary skill in the art at the time the invention was filed to use the nodes of Tinnakornsris with Chen because it provides load balancing for network traffic efficiency.

As per claim 14. Chen teaches An apparatus for defending against an attacking behavior, the apparatus being provided in a terminal provided with an APP, the apparatus comprising: at least one processor; and  a memory storing instructions, wherein the instructions when executed by the at least one processor, cause the at least one processor to perform operations, the operations comprising: sending a signaling request to defensive node devices, a number of the defensive node devices being at least two, the signaling request being used for requesting for establishing a trusted connection with the defensive node devices, and the signaling request at least including information of the terminal and the APP; establishing, in response to the defensive node devices successfully authenticating the terminal based on the information of the terminal and the APP, the trusted connection with the defensive node devices, and  forwarding APP traffic of the terminal to a source station of the APP by the defensive node devices; and [0003]-[0011]; [0038]-[0045]  (teaches authentication via a web APP, including IP address, a secure connection with a security gateway node, and processing the authentication request and request for services to be forwarded to the service provider)


Tinnakornsris teaches a number of the defensive node devices being at least two, determining, based on a dispatching instruction returned by the defensive node devices, a defensive node device to which the signaling request is sent a next time.  [0048][0055][0061]-[0063] (teaches reaching out to security gateways and authenticating, and receiving the address of a proper security gateway/defensive node)
It would have been obvious to one of ordinary skill in the art at the time the invention was filed to use the nodes of Tinnakornsris with Chen because it provides load balancing for network traffic efficiency.

Claim(s) 3 is/are rejected under 35 U.S.C. 103 as being unpatentable over Chen US 2020/0304853 in view of Tinnakornsris US 2010/0124228 in view of Srinath US 2020/0045087


As per claim 3. Srinath teaches The method according to claim 2, wherein the determining the defensive node device to which the terminal sends the signaling request the next time based on a defensive policy comprises: acquiring a current attack situation of each defensive node device; and determining a current response performance of each defensive node device based on the attack situation, [0010][0011][0038][0062] (teaches critical events for example a gateway going down and selecting a secondary or backup gateway for alternate routing)
It would have been obvious to one of ordinary skill in the art at the time the invention was filed to use the systems of Srinath with the previous art combination because it provides redundancy.

Tinnakornsris teaches  determining the defensive node device to which the terminal sends the signaling request the next time based on a principle of balanced response performance.  [0048][0055][0061]-[0063] (teaches reaching out to security gateways and authenticating, and receiving the address of a proper security gateway/defensive node)

Claim(s) 4-6 is/are rejected under 35 U.S.C. 103 as being unpatentable over Chen US 2020/0304853 in view of Tinnakornsris US 2010/0124228 in view of Kennedy US 20120191980  in view of Desai US 10,938,787. 

As per claim 4. Kennedy teaches The method according to claim 2, wherein the determining the defensive node device to which the terminal sends the signaling request the next time based on a defensive policy comprises: acquiring a user level of the terminal, the user level being divided based on an APP service feature of a user; and  determining the defensive node device to which the terminal sends the signaling request the next time based on a corresponding relationship between the user level and a node level; wherein the at least two defensive node devices are divided based on the node level.  [0083] [0084] (teaches user levels associated with security and access permissions )
It would have been obvious to one of ordinary skill in the art to use the permissions of Kennedy with the previous system because it provides for more customization of network security

Desai teaches determining the defensive node device to which the terminal sends the signaling request the next time based on a corresponding relationship between the user level and a node level; wherein the at least two defensive node devices are divided based on the node level.
(Column 5 line 10 to Column 6 line 25; Claim 1)  (teaches directing traffic to different nodes/paths based on security levels/priority levels/load balancing)
It would have been obvious to one of ordinary skill in the art to use the permissions of Kennedy with the previous system because it provides for more customization of network security

As per claim 5. Kennedy teaches The method according to claim 4, wherein the node level includes a high level and other levels except for the high level; and accordingly, in response to a current defensive node device that establishes the trusted connection with the terminal belonging to the high level, the method further comprises:  dispatching, in response to monitoring occurrence of an attacking behavior on a defensive node device of the high level, a terminal with the user level higher than a first set threshold among at least one terminal that establishes the trusted connection with the defensive node device of the high level to a backup defensive node device by returning the dispatching instruction.   [0083] [0084] (teaches user levels associated with security and access permissions )
Desai teaches node defense levels and using a defensive node of a high level with a trusted connection and additionally using backup nodes.
(Column 5 line 10 to Column 6 line 25; Claim 1)  (teaches directing traffic to different nodes/paths based on security levels/priority levels/load balancing)


As per claim 6. Kennedy teaches The method according to claim 5, wherein in response to the current defensive node device that establishes the trusted connection with the terminal belonging to the other levels, the method further comprises: dispatching, in response to monitoring occurrence of an attacking behavior on a defensive node device of the other levels, a terminal with the user level lower than a second set threshold among at least one terminal that establishes the trusted connection with the defensive node device of the other levels to a highly defensive node device by returning the dispatching instruction;  wherein a response performance of the highly defensive node device is higher than response performances of other defensive node devices.  [0083] [0084] (teaches user levels associated with security and access permissions )

Desai teaches determining the defensive node device to which the terminal sends the signaling request the next time based on a corresponding relationship between the user level and a node level; wherein the at least two defensive node devices are divided based on the node level based on security/defense levels.
(Column 5 line 10 to Column 6 line 25; Claim 1)  (teaches directing traffic to different nodes/paths based on security levels/priority levels/load balancing)

Claim(s) 11 is/are rejected under 35 U.S.C. 103 as being unpatentable over Chen US 2020/0304853 in view of Tinnakornsris US 2010/0124228 in view of Desai US 10,938,787.

As per claim 11. Tinnakornsris teaches The method according to claim 10, wherein before the sending a signaling request to defensive node devices, the method further comprises: acquiring, in response to starting the APP, an address of the defensive node devices by a domain name resolution server; wherein the domain name resolution server is configured to allocate a defensive node device to the terminal through domain name resolution, the defensive node device is a highly defensive node device, and a response performance of the highly defensive node device is higher than response performances of other defensive node devices.  [0055]  (uses DNS for defensive node)

Desai teaches determining the defensive node device being a highly defensive node device.
(Column 5 line 10 to Column 6 line 25; Claim 1)  (teaches directing traffic to different nodes/paths based on security levels/priority levels/load balancing)


Claim(s) 7 is/are rejected under 35 U.S.C. 103 as being unpatentable over Chen US 2020/0304853 in view of Tinnakornsris US 2010/0124228 in view of Kennedy US 20120191980 in view of Persson 2017/0302624

As per claim 7. Persson teaches The method according to claim 6, wherein the highly defensive node device is further configured to dispatch a terminal with a trusted connection duration reaching a preset duration threshold to a defensive node device allocated to the terminal with the trusted connection duration reaching the preset duration threshold last time by the dispatching instruction.  [0073] 
It would have been obvious to use the threshold of Perrson with the previous combination because it reduces costs [0073]




Claim(s) 8 is/are rejected under 35 U.S.C. 103 as being unpatentable over Chen US 2020/0304853 in view of Tinnakornsris US 2010/0124228 in view of Chunduru Venkata US 2020/0186427

As per claim 8. Chunduru Venkata The method according to claim 6, wherein the highly defensive node device is further configured to establish the trusted connection with a terminal starting the APP for a first time.  [0018]-[0020][0055][0057] (provisioned to connect with a security gateway with a trusted connection when first booted)
It would have been obvious to one of ordinary skill in the art at the time the invention was filed to use the configuration of Chunduru Venkata with the prior art combination because it provides instant security upon first activation.


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHRISTOPHER BROWN whose telephone number is (571)272-3833. The examiner can normally be reached M-F 8-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on (571) 270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/CHRISTOPHER J BROWN/Primary Examiner, Art Unit 2439